CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 165
1. In order to ensure separation of duties, which of the following activities is BEST performed by someone other than the system administrator?
A) Deleting system logs
B) Using system utilities
C) Monitoring system utilization
D) Defining system recovery procedures
2. Of the following, who should have PRIMARY responsibility for assessing the security risk associated with an outsourced cloud provider contract?
A) Information security manager
B) Compliance manager
C) Chief information officer
D) Service delivery manager
3. The BEST way to mitirate the risk associated with a social engineering attack is to:
A) deploy an effective intrusion detection system (IDS).
B) perform a business risk assessment of the email filtering system.
C) implement multi-factor authentication on critical business systems.
D) perform a user-knowledge gap assessment of information security practices.
4. The PRIMARY purpose for continuous monitoring of security controls is to ensure:
A) system availability.
B) control gaps are minimized.
C) effectiveness of controls.
D) alignment with compliance requirements.
5. To prevent computers on the corporate network from being used as part of a distributed denial of service attack, the information security manager should use:
A) incoming traffic filtering
B) outgoing traffic filtering
C) IT security policy dissemination
D) rate limiting
A) Deleting system logs
B) Using system utilities
C) Monitoring system utilization
D) Defining system recovery procedures
2. Of the following, who should have PRIMARY responsibility for assessing the security risk associated with an outsourced cloud provider contract?
A) Information security manager
B) Compliance manager
C) Chief information officer
D) Service delivery manager
3. The BEST way to mitirate the risk associated with a social engineering attack is to:
A) deploy an effective intrusion detection system (IDS).
B) perform a business risk assessment of the email filtering system.
C) implement multi-factor authentication on critical business systems.
D) perform a user-knowledge gap assessment of information security practices.
4. The PRIMARY purpose for continuous monitoring of security controls is to ensure:
A) system availability.
B) control gaps are minimized.
C) effectiveness of controls.
D) alignment with compliance requirements.
5. To prevent computers on the corporate network from being used as part of a distributed denial of service attack, the information security manager should use:
A) incoming traffic filtering
B) outgoing traffic filtering
C) IT security policy dissemination
D) rate limiting
1. Right Answer: A
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: B
Explanation:
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: B
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment