1. Reevaluation of risk is MOST critical when there is:
   A) a change in security policy.
   B) resistance to the implementation of mitigating controls.
   C) a change in the threat landscape.
   D) a management request for updated security reports.

2. An information security manager finds that a soon-to-be deployed online application will increase risk beyond acceptable levels, and the necessary controls have not been included. Which of the following is the BEST course of action for the information security manager?
   A) Present a business case for additional controls to senior management.
   B) Instruct IT to deploy controls based on urgent business needs.
   C) Solicit bids for compensating control products.
   D) Recommend a different application.

3. Which of the following is the GREATEST risk of single sign-on?
   A) It is a single point of failure for an enterprise access control process.
   B) Password carelessness by one user may render the entire infrastructure vulnerable.
   C) Integration of single sign-on with the rest of the infrastructure is complicated.
   D) One administrator maintains the single sign-on solution without segregation of duties.

4. Which of the following is the MOST important reason for performing a risk analysis?
   A) Assigning the appropriate level of protection
   B) Identifying critical information assets
   C) Identifying and eliminating threats
   D) Promoting increased security awareness in the organization

5. Deciding the level of protection a particular asset should be given is BEST determined by:
   A) a threat assessment.
   B) a vulnerability assessment.
   C) a risk analysis.
   D) corporate risk appetite.