1. During an information security audit, it was determined that IT staff did not follow the established standard when configuring and managing IT systems. Which of the following is the BEST way to prevent future occurrences?
A) Updating configuration baselines to allow exceptions
B) Conducting periodic vulnerability scanning
C) Providing annual information security awareness training
D) Implementing a strict change control process

2. Which of the following should be the PRIMARY focus of a post-incident review following a successful response to a cybersecurity incident?
A) Which control failures contributed to the incident
B) How incident response processes were executed
C) What attack vectors were utilized
D) When business operations were restored

3. An organization has decided to conduct a postmortem analysis after experiencing a loss from an information security attack. The PRIMARY purpose of this analysis should be to:
A) prepare for criminal prosecution.
B) document lessons learned.
C) evaluate the impact.
D) update information security policies.

4. Which of the following is the MOST important reason for performing a cost-benefit analysis when implementing a security control?
A) To present a realistic information security budget
B) To ensure that benefits are aligned with business strategies
C) To ensure that the mitigation effort does not exceed the asset value
D) To justify information security program activities

5. When developing a new system, detailed information security functionality should FIRST be addressed:
A) as part of prototyping.
B) during the system design phase.
C) when system requirements are defined.
D) as part of application development.