CISM—Certified Information Security Manager - Part 240

Mary Smith

Wed, 26 Mar 2025

1. Senior management commitment and support will MOST likely be offered when the value of information security governance is presented from a:

A) threat perspective.
B) compliance perspective.
C) risk perspective.
D) policy perspective.



2. Which of the following would provide nonrepudiation of electronic transactions?

A) Two-factor authentication
B) Periodic reaccreditations
C) Third-party certificates
D) Receipt acknowledgment



3. The MAIN reason for an information security manager to monitor industry-level changes in the business and IT is to:

A) evaluate the effect of the changes on the levels of residual risk.
B) identify changes in the risk environment.
C) update information security policies in accordance with the changes.
D) change business objectives based on potential impact.



4. Exceptions to a security policy should be approved based PRIMARILY on:

A) risk appetite.
B) the external threat probability.
C) results of a business impact analysis (BIA).
D) the number of security incidents.



5. Which of the following is the BEST way to increase the visibility of information security within an organization's culture?

A) Requiring cross-functional information security training
B) Implementing user awareness campaigns for the entire company
C) Publishing an acceptable use policy
D) Establishing security policies based on industry standards



1. Right Answer: D
Explanation:

2. Right Answer: C
Explanation:

3. Right Answer: B
Explanation:

4. Right Answer: C
Explanation:

5. Right Answer: A
Explanation:
