1. An organization utilizes a third party to classify its customers' personally identifiable information (PII). What is the BEST way to hold the third party accountable for data leaks?
A) Include detailed documentation requirements within the formal statement of work.
B) Submit a formal request for proposal (RFP) containing detailed documentation of requirements.
C) Ensure a nondisclosure agreement is signed by both parties' senior management.
D) Require the service provider to sign off on the organization's acceptable use policy.
2. When designing security controls, it is MOST important to:
A) apply a risk-based approach.
B) focus on preventive controls.
C) evaluate the costs associated with the controls.
D) apply controls to confidential information.
3. Information classification is a fundamental step in determining:
A) whether risk analysis objectives are met.
B) who has ownership of information.
C) the type of metrics that should be captured.
D) the security strategy that should be used.
4. Which of the following should be the MOST important consideration of business continuity management?
A) Ensuring human safety
B) Identifying critical business processes
C) Ensuring the reliability of backup data
D) Securing critical information assets
5. Which of the following would MOST effectively ensure that information security is implemented in a new system?
A) Security baselines
B) Security scanning
C) Secure code reviews
D) Penetration testing