
CISA—Certified Information Systems Auditor - Part 92

Mary Smith

Thu, 15 May 2025


1. Which of the following provides the BEST assurance that security policies are applied across business operations?

A) Organizational standards are required to be formally accepted.
B) Organizational standards are enforced by technical controls.
C) Organizational standards are included in awareness training.
D) Organizational standards are documented in operational procedures.



2. What should be a security manager's PRIMARY objective in the event of a security incident?

A) Identify the source of the breach and how it was perpetrated.
B) Contain the threat and restore operations in a timely manner.
C) Ensure that normal operations are not disrupted.
D) Identify lapses in operational control effectiveness.



3. Which of the following is the BEST indication that an information security program is effective?

A) The number of reported and confirmed security incidents has increased after awareness training.
B) The security awareness program was developed following industry best practices.
C) The security team has performed a risk assessment to understand the organization's risk appetite.
D) The security team is knowledgeable and uses the best available tools.



4. Which of the following would be of GREATEST concern to an IS auditor reviewing an organization's security incident handling procedures?

A) Annual tabletop exercises are performed instead of functional incident response exercises.
B) Roles for computer emergency response team (CERT) members have not been formally documented.
C) Guidelines for prioritizing incidents have not been identified.
D) Workstation antivirus software alerts are not regularly reviewed.



5. An organization has suffered a number of incidents in which USB flash drives with sensitive data have been lost. Which of the following would be MOST effective in preventing loss of sensitive data?

A) Modifying the disciplinary policy to be more stringent
B) Implementing a check-in/check-out process for USB flash drives
C) Issuing encrypted USB flash drives to staff
D) Increasing the frequency of security awareness training



1. Right Answer: D
Explanation: Policies are applied in business operations only when they are translated into the procedures staff actually follow. Formal acceptance (A) and awareness training (C) show that standards are known, not that they are carried out, and technical controls (B) can enforce only the subset of standards that lends itself to automation.

2. Right Answer: B
Explanation: The first priority during an incident is to limit the damage and restore service. Identifying the source and method of the breach (A) and lapses in control effectiveness (D) are post-incident activities, and avoiding any disruption at all (C) is rarely achievable once an incident is under way.

3. Right Answer: A
Explanation: A rise in reported and confirmed incidents after awareness training shows that staff recognise security events and report them, which is the outcome the program is meant to produce. The other options describe inputs to the program (best practices, a risk assessment, a capable team and good tools) rather than evidence that it works.

4. Right Answer: D
Explanation: If antivirus alerts are not reviewed, incidents can go undetected and never enter the handling procedures at all. The other options are gaps in the maturity of the process (exercise type, role documentation, prioritization guidance) that weaken the response to incidents that have already been identified.

5. Right Answer: C
Explanation: Encryption protects the data even after a drive is lost, so it addresses the loss of sensitive data directly. A stricter disciplinary policy (A), a check-in/check-out process (B) and more frequent awareness training (D) may reduce how often drives are lost, but they do nothing for the data once a drive is gone.
