1. Executive leadership has decided to engage a consulting firm to develop and implement a comprehensive security framework for the organization to allow senior management to remain focused on business priorities. Which of the following poses the GREATEST challenge to the successful implementation of a new security governance framework?
A) Information security management does not fully accept the responsibility for information security governance.
B) Executive leadership views information security governance primarily as a concern of the information security management team.
C) Information security staff has little or no experience with the practice of information security governance.
D) Executive leadership becomes involved in decisions about information security governance.
2. Which of the following is the MOST effective way to ensure information security policies are followed?
A) Require sign-off on acceptable use policies.
B) Require regular security awareness training.
C) Provide detailed security procedures.
D) Perform a gap analysis.
3. Which of the following is the MOST effective way to address an organization's security concerns during contract negotiations with a third party?
A) Ensure security is involved in the procurement process.
B) Communicate security policy with the third-party vendor.
C) Review the third-party contract with the organization's legal department.
D) Conduct an information security audit on the third-party vendor.
4. Which of the following is the BEST method to ensure that data owners take responsibility for implementing information security processes?
A) Include security tasks in employee job descriptions.
B) Include membership on project teams.
C) Provide job rotation into the security organization.
D) Increase security awareness training.
5. Organization XYZ, a lucrative, Internet-only business, recently suffered a power outage that lasted two hours. The organization's data center was unavailable in the interim. In order to mitigate risk in the MOST cost-efficient manner, the organization should:
A) plan to operate at a reduced capacity from the primary place of business.
B) create an IT hot site with immediate fail-over capability.
C) install an uninterruptible power supply (UPS) and generator.
D) set up a duplicate business center in a geographically separate area.