Question #1
Harry is the project manager of HDW project. He has identified a risk that could injure project team members. He does not want to accept any risk where someone could become injured on this project so he hires a professional vendor to complete this portion of the project work. What type of risk response is Harry implementing?
A. Transference
B. Mitigation
C. Acceptance
D. Avoidance
Correct answer: ABD
Question #2
Which of the following is the MOST important factor affecting risk management in an organization?
A. The risk manager's expertise
B. Regulatory requirements
C. Board of directors' expertise
D. The organization's culture
Correct answer: B
Question #3
You are the risk official of your enterprise. Your enterprise takes important decisions without considering risk credential information and is also unaware of external requirements for risk management and integration with enterprise risk management. In which of the following risk management capability maturity levels does your enterprise exist?
A. Level 1
B. Level 0
C. Level 5
D. Level 4
Correct answer: C
Question #4
Which of the following is the BEST way for a risk practitioner to verify that management has addressed control issues identified during a previous external audit?
A. Interview control owners
B. Observe the control enhancements in operation
C. Inspect external audit documentation
D. Review management's detailed action plans
Correct answer: A
Question #5
Which of the following components of risk scenarios has the potential to generate internal or external threat on an enterprise?
A. Timing dimension
B. Events
C. Assets
D. Actors
Correct answer: D
Question #6
Topic 4: Before assigning sensitivity levels to information, it is MOST important to:
A. define the information classification policy
B. conduct a sensitivity analysis
C. identify information custodians
D. define recovery time objectives (RTOs)
Correct answer: A
Question #7
Which of the following statements is NOT true regarding the risk management plan?
A. The risk management plan is an output of the Plan Risk Management process
B. The risk management plan is an input to all the remaining risk-planning processes
D. The risk management plan includes thresholds, scoring and interpretation methods, responsible parties, and budgets
Correct answer: C
Question #8
An application runs a scheduled job that compiles financial data from multiple business systems and updates the financial reporting system. If this job runs too long, it can delay financial reporting. Which of the following is the risk practitioner's BEST recommendation?
A. Implement database activity and capacity monitoring
B. Ensure the business is aware of the risk
C. Ensure the enterprise has a process to detect such situations
D. Consider providing additional system resources to this job
Correct answer: B
Question #9
Topic 4: Which of the following is MOST important for an organization to update following a change in legislation requiring notification to individuals impacted by data breaches?
A. Security awareness training
B. Policies and standards
C. Risk appetite and tolerance
D. Insurance coverage
Correct answer: B
Question #10
Which of the following BEST measures the efficiency of an incident response process?
A. Number of incidents escalated to management
B. Average time between changes and updating of escalation matrix
C. Average gap between actual and agreed response times
D. Number of incidents lacking responses
Correct answer: B
Question #11
Due to a change in business processes, an identified risk scenario no longer requires mitigation. Which of the following is the MOST important reason the risk should remain in the risk register?
A. To support regulatory requirements
B. To prevent the risk scenario in the current environment
C. To monitor for potential changes to the risk scenario
D. To track historical risk assessment results
Correct answer: D
Question #12
You are the project manager of the GHY Project for your company. You need to complete a project management process that will be on the lookout for new risks, changing risks, and risks that are now outdated. Which project management process is responsible for these actions?
A. Risk planning B
C. Risk identification
D. Risk analysis
Correct answer: B
Question #13
What are the responsibilities of the CRO? Each correct answer represents a complete solution. Choose three.
A. Managing the risk assessment process B
C. Advising Board of Directors
D. Managing the supporting risk management function
Correct answer: AB
Question #14
Where are all risks and risk responses documented as the project progresses?
A. Risk management plan
B. Project management plan
C. Risk response plan
D. Risk register
Correct answer: D
Question #15
You are the project manager of GHT project. You have planned the risk response process and now you are about to implement various controls. What should you do before relying on any of the controls?
A. Review performance data
B. Discover risk exposure
C. Conduct pilot testing
D. Articulate risk
Correct answer: AC
Question #16
Which of the following BEST ensures that a firewall is configured in compliance with an enterprise's security policy?
A. Interview the firewall administrator
B. Review the actual procedures
C. Review the device's log file for recent attacks
D. Review the parameter settings
Correct answer: C
Question #17
Topic 4: The PRIMARY purpose of using a framework for risk analysis is to:
A. help define risk tolerance
B. help develop risk scenarios
C. improve consistency
D. improve accountability
Correct answer: A
Question #18
Which of the following is MOST important when developing key risk indicators (KRIs)?
A. Alignment with regulatory requirements
B. Availability of qualitative data
C. Properly set thresholds
D. Alignment with industry benchmarks
Correct answer: C
Question #19
Which of the following is the GREATEST risk associated with the use of data analytics?
A. Distributed data sources
B. Manual data extraction
C. Incorrect data selection
D. Excessive data volume
Correct answer: B
Question #20
Which of the following aspects of a monitoring tool ensures that the monitoring tool has the ability to keep up with the growth of an enterprise?
A. Scalability
B. Customizability
C. Sustainability
D. Impact on performance
Correct answer: A
Question #21
Topic 4: Which of the following will BEST help to ensure the continued effectiveness of the IT risk management function within an organization experiencing high employee turnover?
A. Change and release management
B. Well documented policies and procedures
C. Risk and issue tracking
D. An IT strategy committee
Correct answer: B
Question #22
Topic 4: Which of the following is the BEST way to quantify the likelihood of risk materialization?
A. Balanced scorecard
B. Business impact analysis (BIA)
C. Threat and vulnerability assessment
D. Compliance assessments
Correct answer: C
Question #23
Topic 4: In order to determine if a risk is under-controlled, the risk practitioner will need to:
A. determine the sufficiency of the IT risk budget
B. monitor and evaluate IT performance
C. identify risk management best practices
D. understand the risk tolerance
Correct answer: D
Question #24
Which of the following matrices is used to specify risk thresholds?
A. Risk indicator matrix
B. Impact matrix
C. Risk scenario matrix
D. Probability matrix
Correct answer: A
Question #25
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?
A. Risk transfer
B. Risk acceptance C
D. Risk mitigation
Correct answer: D
Question #26
A risk practitioner notices that a particular key risk indicator (KRI) has remained below its established trigger point for an extended period of time. Which of the following should be done FIRST?
A. Recommend a re-evaluation of the current threshold of the KRI
B. Notify management that KRIs are being effectively managed
C. Update the risk rating associated with the KRI in the risk register
D. Update the risk tolerance and risk appetite to better align to the KRI
Correct answer: D
Question #27
Which of the following BEST helps to identify significant events that could impact an organization? Vulnerability analysis
A. Control analysis
B. Scenario analysis
C. Heat map analysis
Correct answer: A
Question #28
You are the project manager of GHT project. Your project team is in the process of identifying project risks on your current project. The team has the option to use all of the following tools and techniques to diagram some of these potential risks EXCEPT for which one?
A. Process flowchart
B. Ishikawa diagram
C. Influence diagram
D. Decision tree diagram
Correct answer: D
