Question #1
In implementing information security governance, the information security manager is PRIMARILY responsible for:
A. developing the security strategy
B. reviewing the security strategy
C. communicating the security strategy
D. approving the security strategy
Correct answer: D
Question #2
Which of the following is the MOST important requirement for setting up an information security infrastructure for a new system?
A. Performing a business impact analysis (BIA)
B. Considering personal information devices as part of the security policy
C. Initiating IT security training and familiarization
D. Basing the information security infrastructure on risk assessment
Correct answer: C
Question #3
The impact of losing frame relay network connectivity for 18-24 hours should be calculated using the:
A. hourly billing rate charged by the carrier
B. value of the data transmitted over the network
C. aggregate compensation of all affected business users
D. financial losses incurred by affected business units
Correct answer: D
Question #4
What will have the HIGHEST impact on standard information security governance models?
A. Number of employees
B. Distance between physical locations
C. Complexity of organizational structure
D. Organizational budget
Correct answer: D
Question #5
A risk management program would be expected to:
A. remove all inherent risk
B. maintain residual risk at an acceptable level
C. implement preventive controls for every threat
D. reduce control risk to zero
Correct answer: D
Question #6
Who should drive the risk analysis for an organization?
A. Senior management
B. Security manager
C. Quality manager
D. Legal department
Correct answer: B
Question #7
Which of the following is the MOST important factor when designing information security architecture?
A. Technical platform interfaces
B. Scalability of the network
C. Development methodologies
D. Stakeholder requirements
Correct answer: C
Question #8
Risk management programs are designed to reduce risk to:
A. a level that is too small to be measurable
B. the point at which the benefit exceeds the expense
C. a level that the organization is willing to accept
D. a rate of return that equals the current cost of capital
Correct answer: A
Question #9
An organization's information security processes are currently defined as ad hoc. In seeking to improve their performance level, the next step for the organization should be to:
A. ensure that security processes are consistent across the organization
B. enforce baseline security levels across the organization
C. ensure that security processes are fully documented
D. implement monitoring of key performance indicators for security processes
Correct answer: C
Question #10
Which of the following situations must be corrected FIRST to ensure successful information security governance within an organization?
A. The information security department has difficulty filling vacancies
B. The chief information officer (CIO) approves security policy changes
C. The information security oversight committee only meets quarterly
D. The data center manager has final signoff on all security projects
Correct answer: A
Question #11
An organization has to comply with recently published industry regulatory requirements—compliance that potentially has high implementation costs. What should the information security manager do FIRST?
A. Implement a security committee
B. Perform a gap analysis
C. Implement compensating controls
D. Demand immediate compliance
Correct answer: D
Question #12
At what stage of the applications development process should the security department initially become involved?
A. When requested
B. At testing
C. At programming
D. At detail requirements
Correct answer: B
Question #13
An outcome of effective security governance is:
A. business dependency assessment
B. strategic alignment
C. risk assessment
D. planning
Correct answer: B
Question #14
The MOST effective way to incorporate risk management practices into existing production systems is through:
A. policy development
B. change management
C. awareness training
D. regular monitoring
Correct answer: D
Question #15
To determine the selection of controls required to meet business objectives, an information security manager should:
A. prioritize the use of role-based access controls
B. focus on key controls
C. restrict controls to only critical applications
D. focus on automated controls
Correct answer: B
Question #16
The MAIN reason why asset classification is important to a successful information security program is because classification determines:
A. the priority and extent of risk mitigation efforts
B. the amount of insurance needed in case of loss
C. the appropriate level of protection to the asset
D. how protection levels compare to peer organizations
Correct answer: B
Question #17
The PRIMARY purpose of using risk analysis within a security program is to:
A. justify the security expenditure
B. help businesses prioritize the assets to be protected
C. inform executive management of residual risk value
D. assess exposures and plan remediation
Correct answer: A
Question #18
Which of the following is the BEST reason to perform a business impact analysis (BIA)?
A. To help determine the current state of risk
B. To budget appropriately for needed controls
C. To satisfy regulatory requirements
D. To analyze the effect on the business
Correct answer: C
Question #19
Which of the following MOST commonly falls within the scope of an information security governance steering committee?
A. Interviewing candidates for information security specialist positions
B. Developing content for security awareness programs
C. Prioritizing information security initiatives
D. Approving access to critical financial systems
Correct answer: B
Question #20
Before conducting a formal risk assessment of an organization's information resources, an information security manager should FIRST:
A. map the major threats to business objectives
B. review available sources of risk information
C. identify the value of the critical assets
D. determine the financial impact if threats materialize
Correct answer: D
Question #21
Who is ultimately responsible for the organization's information?
A. Data custodian
B. Chief information security officer (CISO)
C. Board of directors
D. Chief information officer (CIO)
Correct answer: C
Question #22
Information security policy enforcement is the responsibility of the:
A. security steering committee
B. chief information officer (CIO)
C. chief information security officer (CISO)
D. chief compliance officer (CCO)
Correct answer: D
