Question #1
Which of the following is the BEST indication of an improved risk-aware culture following the implementation of a security awareness training program for all employees?
A. A reduction in the number of help desk calls
B. An increase in the number of identified system flaws
C. A reduction in the number of user access resets
D. An increase in the number of incidents reported
Correct answer: C
Question #2
Which of the following is a KEY responsibility of the second line of defense?
A. Implementing control activities
B. Monitoring control effectiveness
C. Conducting control self-assessments
D. Owning risk scenarios
Correct answer: C
Question #3
When a high-risk security breach occurs, which of the following would be MOST important to the person responsible for managing the incident?
A. An analysis of the security logs that illustrate the sequence of events
B. An analysis of the impact of similar attacks in other organizations
C. A business case for implementing stronger logical access controls
D. A justification of corrective action taken
Correct answer: B
Question #4
An organization has decided to implement an emerging technology and incorporate the new capabilities into its strategic business plan. Business operations for the technology will be outsourced. What will be the risk practitioner's PRIMARY role during the change?
A. Managing third-party risk
B. Developing risk scenarios
C. Managing the threat landscape
D. Updating risk appetite
Correct answer: B
Question #5
Establishing an organizational code of conduct is an example of which type of control?
A. Preventive
B. Directive
C. Detective
D. Compensating
Correct answer: B
Question #6
Deviation from a mitigation action plan's completion date should be determined by which of the following?
A. Change management as determined by a change control board
B. Benchmarking analysis with similar completed projects
C. Project governance criteria as determined by the project office
D. The risk owner as determined by risk management processes
Correct answer: A
Question #7
To mitigate the risk of using a spreadsheet to analyze financial data, IT has engaged a third-party vendor to deploy a standard application to automate the process. Which of the following parties should own the risk associated with calculation errors?
A. Business owner
B. IT department
C. Risk manager
D. Third-party provider
Correct answer: C
Question #8
Which of the following is MOST effective in continuous risk management process improvement?
A. Periodic assessments
B. Change management
C. Awareness training
D. Policy updates
Correct answer: C
Question #9
An organization operates in an environment where reduced time-to-market for new software products is a top business priority. Which of the following should be the risk practitioner's GREATEST concern?
A. Sufficient resources are not assigned to IT development projects
B. Customer support help desk staff does not have adequate training
C. Email infrastructure does not have proper rollback plans
D. The corporate email system does not identify and store phishing emails
Correct answer: A
Question #10
A maturity model will BEST indicate:
A. confidentiality and integrity
B. effectiveness and efficiency
C. availability and reliability
D. certification and accreditation
Correct answer: C
Question #11
Which of the following is MOST important to understand when developing key risk indicators (KRIs)?
A. KRI thresholds
B. Integrity of the source data
C. Control environment
D. Stakeholder requirements
Correct answer: D
Question #12
Which of the following should be the MOST important consideration when performing a vendor risk assessment?
A. Results of the last risk assessment of the vendor
B. Inherent risk of the business process supported by the vendor
C. Risk tolerance of the vendor
D. Length of time since the last risk assessment of the vendor
Correct answer: D
Question #13
The analysis of which of the following will BEST help validate whether suspicious network activity is malicious?
A. Logs and system events
B. Intrusion detection system (IDS) rules
C. Vulnerability assessment reports
D. Penetration test reports
Correct answer: C
Question #14
Mapping open risk issues to an enterprise risk heat map BEST facilitates:
A. risk response
B. control monitoring
C. risk identification
D. risk ownership
Correct answer: B
Question #15
A risk practitioner learns that the organization's industry is experiencing a trend of rising security incidents. Which of the following is the BEST course of action?
A. Evaluate the relevance of the evolving threats
B. Review past internal audit results
C. Respond to organizational security threats
D. Research industry published studies
Correct answer: A
Question #16
Which of the following is the MOST important foundational element of an effective three lines of defense model for an organization?
A. A robust risk aggregation tool set
B. Clearly defined roles and responsibilities
C. A well-established risk management committee
D. Well-documented and communicated escalation procedures
Correct answer: A
Question #17
Which of the following is of GREATEST concern when uncontrolled changes are made to the control environment?
A. A decrease in control layering effectiveness
B. An increase in inherent risk
C. An increase in control vulnerabilities
D. An increase in the level of residual risk
Correct answer: B
