CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 242
1. What would be an information security manager's BEST course of action when notified that the implementation of some security controls is being delayed due to budget constraints?
A) Prioritize security controls based on risk.
B) Request a budget exception for the security controls.
C) Begin the risk acceptance process.
D) Suggest less expensive alternative security controls.
2. In an organization with effective IT risk management, the PRIMARY reason to establish key risk indicators (KRIs) is to:
A) provide information to remediate risk events.
B) demonstrate the alignment of risk management efforts.
C) map potential risk to key organizational strategic initiatives.
D) identity triggers that exceed risk thresholds.
3. Which of the following provides the MOST relevant evidence of incident response maturity?
A) Red team testing results
B) Average incident closure time
C) Independent audit assessment
D) Tabletop exercise results
4. Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager's NEXT step should be to:
A) inform senior management of changes in risk metrics.
B) perform an assessment to measure the current state.
C) deliver security awareness training.
D) ensure baseline back-ups are performed.
5. An information security manager learns of a new international standard related to information security.Which of the following would be the BEST course of action?
A) Review industry peers' responses to the new standard.
B) Consult with legal counsel on the standard's applicability to regulations.
C) Determine whether the organization can benefit from adopting the new standard.
D) Perform a gap analysis between the new standard and existing practices.
A) Prioritize security controls based on risk.
B) Request a budget exception for the security controls.
C) Begin the risk acceptance process.
D) Suggest less expensive alternative security controls.
2. In an organization with effective IT risk management, the PRIMARY reason to establish key risk indicators (KRIs) is to:
A) provide information to remediate risk events.
B) demonstrate the alignment of risk management efforts.
C) map potential risk to key organizational strategic initiatives.
D) identity triggers that exceed risk thresholds.
3. Which of the following provides the MOST relevant evidence of incident response maturity?
A) Red team testing results
B) Average incident closure time
C) Independent audit assessment
D) Tabletop exercise results
4. Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager's NEXT step should be to:
A) inform senior management of changes in risk metrics.
B) perform an assessment to measure the current state.
C) deliver security awareness training.
D) ensure baseline back-ups are performed.
5. An information security manager learns of a new international standard related to information security.Which of the following would be the BEST course of action?
A) Review industry peers' responses to the new standard.
B) Consult with legal counsel on the standard's applicability to regulations.
C) Determine whether the organization can benefit from adopting the new standard.
D) Perform a gap analysis between the new standard and existing practices.
1. Right Answer: A
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: C
Explanation:
Explanation:
2. Right Answer: C
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: B
Explanation:
5. Right Answer: C
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment