1. Which of the following is the MAIN benefit of performing an assessment of existing incident response processes?
A) Identification of threats and vulnerabilities B) Prioritization of action plans C) Validation of current capabilities D) Benchmarking against industry peers
2. Which of the following has the GREATEST influence on an organization's information security strategy?
A) The organization's risk tolerance B) The organizational structure C) Information security awareness D) Industry security standards
3. The department head of application development has decided to accept the risks identified in a recent assessment. No recommendations will be implemented, even though the recommendations are required by regulatory oversight. What should the information security manager do NEXT?
A) Formally document the decision. B) Review the risk monitoring plan. C) Perform a risk reassessment. D) Implement the recommendations.
4. Which of the following is the BEST reason for reevaluating an information security program?
A) Ineffectiveness of the information security strategy execution B) Misalignment between information security priorities and business objectives C) Change in senior management D) Noncompliance with information security policies and procedures
5. For an enterprise implementing a bring your own device (BYOD) program, which of the following would provide the BEST security of corporate data residing on unsecured mobile devices?
A) Acceptable use policy B) Device certification process C) Containerization solution D) Data loss prevention (DLP)