CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 109
1. Which of the following is the GREATEST benefit of integrating information security program requirements into vendor management?
A) The ability to reduce risk in the supply chain
B) The ability to meet industry compliance requirements
C) The ability to define service level agreements (SLAs)
D) The ability to improve vendor performance
2. Which of the following is a step in establishing a security policy?
A) Developing platform-level security baselines
B) Creating a RACI matrix
C) Implementing a process for developing and maintaining the policy
D) Developing configuration parameters for the network
3. The BEST time to ensure that a corporation acquires secure software products when outsourcing software development is during:
A) corporate security reviews.
B) contract performance audits.
C) contract negotiation.
D) security policy development.
4. Which of the following is the BEST way to determine if an organization's current risk is within the risk appetite?
A) Conducting a business impact analysis (BIA)
B) Implementing key performance indicators (KPIs)
C) Implementing key risk indicators (KRIs)
D) Developing additional mitigating controls
5. An organization with a strict need-to-know information access policy is about to launch a knowledge management intranet.Which of the following is the MOST important activity to ensure compliance with existing security policies?
A) Develop a control procedure to check content before it is published.
B) Change organization policy to allow wider use of the new web site.
C) Ensure that access to the web site is limited to senior managers and the board.
D) Password-protect documents that contain confidential information.
A) The ability to reduce risk in the supply chain
B) The ability to meet industry compliance requirements
C) The ability to define service level agreements (SLAs)
D) The ability to improve vendor performance
2. Which of the following is a step in establishing a security policy?
A) Developing platform-level security baselines
B) Creating a RACI matrix
C) Implementing a process for developing and maintaining the policy
D) Developing configuration parameters for the network
3. The BEST time to ensure that a corporation acquires secure software products when outsourcing software development is during:
A) corporate security reviews.
B) contract performance audits.
C) contract negotiation.
D) security policy development.
4. Which of the following is the BEST way to determine if an organization's current risk is within the risk appetite?
A) Conducting a business impact analysis (BIA)
B) Implementing key performance indicators (KPIs)
C) Implementing key risk indicators (KRIs)
D) Developing additional mitigating controls
5. An organization with a strict need-to-know information access policy is about to launch a knowledge management intranet.Which of the following is the MOST important activity to ensure compliance with existing security policies?
A) Develop a control procedure to check content before it is published.
B) Change organization policy to allow wider use of the new web site.
C) Ensure that access to the web site is limited to senior managers and the board.
D) Password-protect documents that contain confidential information.
1. Right Answer: A
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: D
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: D
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment