CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 234
1. In a large organization requesting outsourced services, which of the following contract clauses is MOST important to the information security manager?
A) Compliance with security requirements
B) Frequency of status reporting
C) Nondisclosure clause
D) Intellectual property
2. Which of the following service offerings in a typical Infrastructure as a Service (IaaS) model will BEST enable a cloud service provider to assist customers when recovering from a security incident?
A) Availability of current infrastructure documentation
B) Capability to take a snapshot of virtual machines
C) Availability of web application firewall logs
D) Capability of online virtual machine analysis
3. Which of the following is the BESTapproach for an information security manager when developing new information security policies?
A) Create a stakeholder map.
B) Reference an industry standard.
C) Establish an information security governance committee.
D) Download a policy template.
4. The FIRST step in establishing an information security program is to:
A) define policies and standards that mitigate the organization's risks
B) secure organizational commitment and support.
C) assess the organization's compliance with regulatory requirements.
D) determine the level of risk that is acceptable to senior management.
5. Due to budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA).Which of the following is the information security manager's BEST course of action?
A) Inform the legal department of the deficiency.
B) Analyze and report the issue to senior management.
C) Require the application owner to implement the controls.
D) Assess and present the risks to the application owner.
A) Compliance with security requirements
B) Frequency of status reporting
C) Nondisclosure clause
D) Intellectual property
2. Which of the following service offerings in a typical Infrastructure as a Service (IaaS) model will BEST enable a cloud service provider to assist customers when recovering from a security incident?
A) Availability of current infrastructure documentation
B) Capability to take a snapshot of virtual machines
C) Availability of web application firewall logs
D) Capability of online virtual machine analysis
3. Which of the following is the BESTapproach for an information security manager when developing new information security policies?
A) Create a stakeholder map.
B) Reference an industry standard.
C) Establish an information security governance committee.
D) Download a policy template.
4. The FIRST step in establishing an information security program is to:
A) define policies and standards that mitigate the organization's risks
B) secure organizational commitment and support.
C) assess the organization's compliance with regulatory requirements.
D) determine the level of risk that is acceptable to senior management.
5. Due to budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA).Which of the following is the information security manager's BEST course of action?
A) Inform the legal department of the deficiency.
B) Analyze and report the issue to senior management.
C) Require the application owner to implement the controls.
D) Assess and present the risks to the application owner.
1. Right Answer: A
Explanation:
2. Right Answer: B
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: D
Explanation:
Explanation:
2. Right Answer: B
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: D
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment