Question #1
A method to transfer risk is to ______________.
A. Implement redundancy
B. Move operations to another region
C. Align to business operations
D. Purchase breach insurance
Correct answer: D
Question #2
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization's need?
A. International Organization for Standardization – 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. International Organization for Standardization – 27005 (ISO-27005)
Correct answer: A
Question #3
When considering using a vendor to help support your security devices remotely, what is the BEST choice for allowing access?
A. Vendor uses their own laptop and logs in with the same admin credentials your security team uses
B. Vendor uses a company-supplied laptop and logs in using two-factor authentication with the same admin credentials your security team uses
C. Vendor uses a company-supplied laptop and logs in using two-factor authentication with their own unique credentials
D. Vendor uses their own laptop and logs in using two-factor authentication with their own unique credentials
Correct answer: C
Question #4
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
A. knowledge required to analyze each issue
B. information security metrics
C. linkage to business area objectives
D. baseline against which metrics are evaluated
Correct answer: C
Question #5
Which of the following should be determined while defining risk management strategies?
A. Organizational objectives and risk tolerance
B. Enterprise disaster recovery plans
C. Risk assessment criteria
D. IT architecture complexity
Correct answer: A
Question #6
Why is it vitally important that senior management endorse a security policy?
A. So that employees will follow the policy directives
B. So that they can be held legally accountable
C. So that external bodies will recognize the organization's commitment to security
D. So that they will accept ownership for security within the organization
Correct answer: D
Question #7
Which of the following should be determined while defining risk management strategies?
A. Organizational objectives and risk tolerance
B. Enterprise disaster recovery plans
C. Risk assessment criteria
D. IT architecture complexity
Correct answer: A
Question #8
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
A. Consumer right disclosure
B. Data breach disclosure
C. Special circumstance disclosure
D. Security incident disclosure
Correct answer: B
Question #9
Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?
A. Understand the business goals of the organization
B. Possess a strong technical background
C. Possess a strong auditing background
D. Understand all regulations affecting the organization
Correct answer: A
Question #10
When briefing senior management on the creation of a governance process, the MOST important aspect should be:
A. knowledge required to analyze each issue
B. information security metrics
C. linkage to business area objectives
D. baseline against which metrics are evaluated
Correct answer: C
Question #11
A global retail organization is looking to implement a consistent Disaster Recovery and Business Continuity Process across all of its business units. Which of the following standards and guidelines can BEST address this organization's need?
A. International Organization for Standardization – 22301 (ISO-22301)
B. Information Technology Infrastructure Library (ITIL)
C. Payment Card Industry Data Security Standards (PCI-DSS)
D. International Organization for Standardization – 27005 (ISO-27005)
Correct answer: A
Question #12
A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?
A. Compliance management
B. Audit validation
C. Physical control testing
D. Security awareness training
Correct answer: A
Question #13
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
A. Need to comply with breach disclosure laws
B. Fiduciary responsibility to safeguard credit information
C. Need to transfer the risk associated with hosting PII data
D. Need to better understand the risk associated with using PII data
Correct answer: D
Question #14
When dealing with risks, the information security professional can choose to:
A. Assign
B. Transfer
C. Acknowledge
D. Defer
Correct answer: C
Question #15
Which of the following is the MOST important benefit of an effective security governance process?
A. Senior management participation in the incident response process
B. Better vendor management
C. Reduction of security breaches
D. Reduction of liability and overall risk to the organization
Correct answer: D
Question #16
When managing a project, the MOST important activity in managing the expectations of stakeholders is:
A. To force stakeholders to commit ample resources to support the project
B. To facilitate proper communication regarding outcomes
C. To assure stakeholders commit to the project start and end dates in writing
D. To finalize detailed scope of the project at project initiation
Correct answer: B
Question #17
An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?
A. Consumer right disclosure
B. Data breach disclosure
C. Special circumstance disclosure
D. Security incident disclosure
Correct answer: B
Question #18
Why is it vitally important that senior management endorse a security policy?
A. So that employees will follow the policy directives
B. So that they can be held legally accountable
C. So that external bodies will recognize the organization's commitment to security
D. So that they will accept ownership for security within the organization
Correct answer: D
Question #19
Which of the following is of MOST importance when security leaders of an organization are required to align security to influence the culture of an organization?
A. Understand the business goals of the organization
B. Possess a strong technical background
C. Possess a strong auditing background
D. Understand all regulations affecting the organization
Correct answer: A
Question #20
What is a benefit of a risk-based approach to audit planning?
A. Resources are allocated to the areas of greatest significance
B. Planning can be carried out months in advance
C. Budgets are more likely to be met by the IT audit staff
D. Staff will be exposed to a variety of technologies
Correct answer: A
Question #21
Which of the following is considered the MOST effective tool against social engineering?
A. Anti-phishing tools
B. Effective Security awareness program
C. Anti-malware tools
D. Effective Security Vulnerability Management Program
Correct answer: B
Question #22
A security manager regularly checks work areas after business hours for security violations, such as unsecured files or unattended computers with active sessions. This activity BEST demonstrates what part of a security program?
A. Compliance management
B. Audit validation
C. Physical control testing
D. Security awareness training
Correct answer: A
Question #23
Which of the following components of intellectual property focuses on maintaining brand awareness?
A. Trademark
B. Patent
C. Research logs
D. Copyright
Correct answer: A
Question #24
Which of the following best describes the purpose of the International Organization for Standardization's ISO 27002 standard?
A. To give information security management recommendations to those who are responsible for initiating, implementing, or maintaining security in their organization
B. To provide a common basis for developing organizational security standards
C. To provide effective security management practices and to establish confidence in dealings between organizations
D. To establish guidelines and general principles for initiating, implementing, maintaining, and improving information security management within an organization
Correct answer: A
Question #25
You are the CISO for an investment banking firm. The firm is using artificial intelligence (AI) to assist in approving clients for loans. Which control is MOST important to protect AI products?
A. Hash datasets
B. Sanitize datasets
C. Delete datasets
D. Encrypt datasets
Correct answer: B
Question #26
When measuring the effectiveness of an Information Security Management System which one of the following would be MOST LIKELY used as a metric framework?
A. ISO 27001
B. PRINCE2
C. ISO 27004
D. ITILv3
Correct answer: C
Question #27
Which of the following is the MAIN reason to follow a formal risk management process in an organization that hosts and uses privately identifiable information (PII) as part of their business models and processes?
A. Need to comply with breach disclosure laws
B. Fiduciary responsibility to safeguard credit information
C. Need to transfer the risk associated with hosting PII data
D. Need to better understand the risk associated with using PII data
Correct answer: D
Question #28
A method to transfer risk is to ______________.
A. Implement redundancy
B. Move operations to another region
C. Align to business operations
D. Purchase breach insurance
Correct answer: D
Question #29
Which of the following is the MOST important benefit of an effective security governance process?
A. Senior management participation in the incident response process
B. Better vendor management
C. Reduction of security breaches
D. Reduction of liability and overall risk to the organization
Correct answer: D
Question #30
Which of the following terms is used to describe countermeasures implemented to minimize risks to physical property, information, and computer systems?
A. Security frameworks
B. Security policies
C. Security awareness
D. Security controls
Correct answer: D