CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 203
1. A risk profile support effective security decisions PRIMARILY because it:
A) defines how the best mitigate future risks.
B) identifies priorities for risk reduction.
C) enables comparison with industry best practices.
D) describes security threats.
2. The PRIMARY goal of a post-incident review should be to:
A) determine why the incident occurred.
B) determine how to improve the incident handling process.
C) identify policy changes to prevent a recurrence.
D) establish the cost of the incident to the business.
3. Which of the following activities is used to determine the effect of a disruptive event?
A) Maximum tolerable downtime assessment
B) Recovery time objective (RTO) analysis
C) Business impact analysis (BIA)
D) Incident impact analysis
4. For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?
A) Multiple failed login attempts on an employee's workstation
B) Suspicious network traffic originating from the demilitarized zone (DMZ)
C) Several port scans of the web server
D) Anti-malware alerts on several employees' workstations
5. When establishing escalation processes for an organization's computer security incident response team, the organization's procedures should:
A) provide unrestricted communication channels to executive leadership to ensure direct access.
B) require events to be escalated whenever possible to ensure that management is kept informed.
C) recommend the same communication path for events to ensure consistency of communication.
D) specify step-by-step escalation paths to ensure an appropriate chain of command.
A) defines how the best mitigate future risks.
B) identifies priorities for risk reduction.
C) enables comparison with industry best practices.
D) describes security threats.
2. The PRIMARY goal of a post-incident review should be to:
A) determine why the incident occurred.
B) determine how to improve the incident handling process.
C) identify policy changes to prevent a recurrence.
D) establish the cost of the incident to the business.
3. Which of the following activities is used to determine the effect of a disruptive event?
A) Maximum tolerable downtime assessment
B) Recovery time objective (RTO) analysis
C) Business impact analysis (BIA)
D) Incident impact analysis
4. For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?
A) Multiple failed login attempts on an employee's workstation
B) Suspicious network traffic originating from the demilitarized zone (DMZ)
C) Several port scans of the web server
D) Anti-malware alerts on several employees' workstations
5. When establishing escalation processes for an organization's computer security incident response team, the organization's procedures should:
A) provide unrestricted communication channels to executive leadership to ensure direct access.
B) require events to be escalated whenever possible to ensure that management is kept informed.
C) recommend the same communication path for events to ensure consistency of communication.
D) specify step-by-step escalation paths to ensure an appropriate chain of command.
1. Right Answer: B
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: D
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: D
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment