1. When developing an incident response plan, which of the following is the MOST effective way to ensure incidents common to the organization are handled properly?
A) Adopting industry standard response procedures B) Rehearsing response scenarios C) Conducting awareness training D) Creating and distributing a personnel call tree
2. Following a successful and well-publicized hacking incident, an organization has plans to improve application security. Which of the following is a security project risk?
A) Critical evidence may be lost. B) The reputation of the organization may be damaged. C) A trapdoor may have been installed in the application. D) Resources may not be available to support the implementation.
3. Which of the following BEST validates that security controls are implemented in a new business process?
A) Assess the process according to information security policy. B) Benchmark the process against industry practices. C) Verify the use of a recognized control framework. D) Review the process for conformance with information security best practices.
4. Which of the following is MOST important when prioritizing an information security incident?
A) Organizational risk tolerance B) Cost to contain and remediate the incident C) Criticality of affected resources D) Short-term impact to shareholder value
5. A multinational organization wants to ensure its privacy program appropriately addresses privacy risk throughout its operations. Which of the following would be of MOST concern to senior management?
A) The organization uses a decentralized privacy governance structure. B) Privacy policies are only reviewed annually. C) The organization does not have a dedicated privacy officer. D) The privacy program does not include a formal training component.