CISA—Certified Information Systems Auditor - Part 37

Mary Smith

Wed, 15 Apr 2026

1. Which of the following BEST enables staff acceptance of information security policies?

A) Strong senior management support
B) Adequate security funding
C) Computer-based training
D) A robust incident response program



2. Which of the following is the MOST important element when developing an information security strategy?

A) Identifying applicable laws and regulations
B) Identifying information assets
C) Determining the risk management methodology
D) Aligning security activities with organizational goals



3. An organization has outsourced many application development activities to a third party that uses contract programmers extensively. Which of the following would provide the BEST assurance that the third party's contract programmers comply with the organization's security policies?

A) Perform periodic security assessments of the contractors' activities.
B) Conduct periodic vulnerability scans of the application.
C) Include penalties for noncompliance in the contracting agreement.
D) Require annual signed agreements of adherence to security policies.



4. When choosing the best controls to mitigate risk to acceptable levels, the information security manager's decision should be MAINLY driven by:

A) cost-benefit analysis
B) regulatory requirements
C) best practices
D) control framework



5. What is the FIRST line of defense against criminal insider activities?

A) Validating the integrity of personnel
B) Monitoring employee activities
C) Signing security agreements by critical personnel
D) Stringent and enforced access controls



1. Right Answer: A
Explanation:

2. Right Answer: D
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: D
Explanation:
