
CISA—Certified Information Systems Auditor - Part 95

Mary Smith

Tue, 18 Nov 2025


1. An information security manager is preparing an incident response plan. Which of the following is the MOST important consideration when responding to an incident involving sensitive customer data?

A) The assignment of a forensics team
B) The ability to recover from the incident in a timely manner
C) Following defined post-incident review procedures
D) The ability to obtain incident information in a timely manner



2. An organization that has outsourced its incident management capabilities just discovered a significant privacy breach by an unknown attacker. Which of the following is the MOST important action of the security manager?

A) Follow the outsourcer's response plan
B) Refer to the organization's response plan
C) Notify the outsourcer of the privacy breach
D) Alert the appropriate law enforcement authorities



3. The effectiveness of an incident response team will be GREATEST when:

A) the incident response process is updated based on lessons learned
B) incidents are identified using a security information and event monitoring (SIEM) system
C) the incident response team members are trained security personnel
D) the incident response team meets on a regular basis to review log files



4. An external penetration test identified a serious security vulnerability in a critical business application. Before reporting the vulnerability to senior management, the information security manager's BEST course of action should be to:

A) determine the potential impact with the business owner
B) initiate the incident response process
C) block access to the vulnerable business application
D) report the vulnerability to IT for remediation



5. When conducting a post-incident review, the GREATEST benefit of collecting mean time to resolution (MTTR) data is the ability to:

A) reduce the costs of future preventive controls
B) provide metrics for reporting to senior management
C) verify compliance with the service level agreement (SLA)
D) learn of potential areas of improvement



1. Right Answer: C
Explanation:

2. Right Answer: C
Explanation:

3. Right Answer: A
Explanation:

4. Right Answer: A
Explanation:

5. Right Answer: D
Explanation:
