1. Which of the following is MOST critical when creating an incident response plan?
A) Identifying what constitutes an incident B) Identifying vulnerable data assets C) Aligning with the risk assessment process D) Documenting incident notification and escalation processes
3. A third-party service provider is developing a mobile app for an organization's customers. Which of the following issues should be of GREATEST concern to the information security manager?
A) Software escrow is not addressed in the contract. B) The contract has no requirement for secure development practices. C) The mobile app's programmers are all offshore contractors. D) SLAs after deployment are not clearly defined.
3. Which of the following BEST indicates senior management support for an information security program?
A) Detailed information security policies are established and regularly reviewed. B) The information security manager meets regularly with the lines of business. C) Key performance indicators (KPIs) are defined for the information security program. D) Risk assessments are conducted frequently by the information security team.
4. An information security manager suspects that the organization has suffered a ransomware attack. What should be done FIRST?
A) Notify senior management. B) Alert employees to the attack. C) Confirm an infection. D) Isolate the affected systems.
5. Implementing a strong password policy is part of an organization's information security strategy for the year. A business unit believes the strategy may adversely affect a client's adoption of a recently developed mobile application and has decided not to implement the policy. Which of the following is the information security manager's BEST course of action?
A) Analyze the risk and impact of not implementing the policy. B) Develop and implement a password policy for the mobile application. C) Escalate non-implementation of the policy to senior management. D) Benchmark with similar mobile applications to identify gaps.