1. Which of the following would contribute MOST to employees' understanding of data handling responsibilities?
A) Demonstrating support by senior management of the security program
B) Requiring staff acknowledgement of security policies
C) Labeling documents according to appropriate security classification
D) Implementing a tailored security awareness training program

2. What information is MOST helpful in demonstrating to senior management how information security governance aligns with business objectives?
A) Updates on information security projects in development
B) Drafts of proposed policy changes
C) Metrics of key information security deliverables
D) A list of monitored threats, risks, and exposures

3. A third-party service provider has proposed a data loss prevention (DLP) solution. Which of the following MUST be in place for this solution to be relevant to the organization?
A) Senior management support
B) A data classification schema
C) An adequate data testing environment
D) A business case

4. Which of the following would be of GREATEST assistance in determining whether to accept residual risk of a critical security system?
A) Maximum tolerable outage (MTO)
B) Cost-benefit analysis of mitigating controls
C) Annual loss expectancy (ALE)
D) Approved annual budget

5. An attacker was able to gain access to an organization's perimeter firewall and made changes to allow wider external access and to steal data. Which of the following would have BEST provided timely identification of this incident?
A) Deploying a security information and event management system (SIEM)
B) Deploying an intrusion prevention system (IPS)
C) Implementing a data loss prevention (DLP) suite
D) Conducting regular system administrator awareness training