Question #1
An organization has a process in place that involves the use of a vendor. A risk assessment was completed during the development of the process. A year after the implementation a monetary decision has been made to use a different vendor. What, if anything, should occur?
A. Nothing, since a risk assessment was completed during development
B. A vulnerability assessment should be conducted
C. A new risk assessment should be performed
D. The new vendor's SAS 70 type II report should be reviewed
Correct answer: B
Question #2
Which of the following is MOST important to understand when developing a meaningful information security strategy?
A. Regulatory environment
B. International security standards
C. Organizational risks
D. Organizational goals
Correct answer: D
Question #3
An information security manager at a global organization has to ensure that the local information security program will initially ensure compliance with the:
A. corporate data privacy policy
B. data privacy policy where data are collected
C. data privacy policy of the headquarters' country
D. data privacy directive applicable globally
Correct answer: A
Question #4
A business impact analysis (BIA) is the BEST tool for calculating:
A. total cost of ownership
B. priority of restoration
C. annualized loss expectancy (ALE)
D. residual risk
Correct answer: B
Question #5
Information security projects should be prioritized on the basis of:
A. time required for implementation
B. impact on the organization
C. total cost for implementation
D. mix of resources required
Correct answer: A
Question #6
Risk assessment is MOST effective when performed:
A. at the beginning of security program development
B. on a continuous basis
C. while developing the business case for the security program
D. during the business change process
Correct answer: D
Question #7
Which of the following is the MOST relevant metric to include in an information security quarterly report to the executive committee?
A. Security compliant servers trend report
B. Percentage of security compliant servers
C. Number of security patches applied
D. Security patches applied trend report
Correct answer: B
Question #8
The PRIMARY objective of a risk management program is to:
A. minimize inherent risk
B. eliminate business risk
C. implement effective controls
D. minimize residual risk
Correct answer: B
Question #9
In an organization, information systems security is the responsibility of:
A. all personnel
B. information systems personnel
C. information systems security personnel
D. functional personnel
Correct answer: D
Question #10
Which of the following is MOST effective in preventing weaknesses from being introduced into existing production systems?
A. Patch management
B. Change management
C. Security baselines
D. Virus detection
Correct answer: A
Question #11
Security monitoring mechanisms should PRIMARILY:
A. focus on business-critical information
B. assist owners to manage control risks
C. focus on detecting network intrusions
D. record all security violations
Correct answer: A
Question #12
Which of the following roles is PRIMARILY responsible for determining the information classification levels for a given information asset?
A. Manager
B. Custodian
C. User
D. Owner
Correct answer: C
Question #13
A message that has been encrypted by the sender's private key and again by the receiver's public key achieves:
A. authentication and authorization
B. confidentiality and integrity
C. confidentiality and nonrepudiation
D. authentication and nonrepudiation
Correct answer: D
Question #14
A risk management approach to information protection is:
A. managing risks to an acceptable level, commensurate with goals and objectives
B. accepting the security posture provided by commercial security products
C. implementing a training program to educate individuals on information protection and risks
D. managing risk tools to ensure that they assess all information protection vulnerabilities
Correct answer: C
Question #15
When configuring a biometric access control system that protects a high-security data center, the system's sensitivity level should be set:
A. to a higher false reject rate (FRR)
B. to a lower crossover error rate
C. to a higher false acceptance rate (FAR)
D. exactly to the crossover error rate
Correct answer: A
Question #16
Which of the following is MOST effective for securing wireless networks as a point of entry into a corporate network?
A. Boundary router
B. Strong encryption
C. Internet-facing firewall
D. Intrusion detection system (IDS)
Correct answer: D
Question #17
Which of the following would a security manager establish to determine the target for restoration of normal processing?
A. Recovery time objective (RTO)
B. Maximum tolerable outage (MTO)
C. Recovery point objectives (RPOs)
D. Services delivery objectives (SDOs)
Correct answer: B
Question #18
The MAIN reason for deploying a public key infrastructure (PKI) when implementing an information security program is to:
A. ensure the confidentiality of sensitive material
B. provide a high assurance of identity
C. allow deployment of the active directory
D. implement secure sockets layer (SSL) encryption
Correct answer: A
Question #19
Because of its importance to the business, an organization wants to quickly implement a technical solution which deviates from the company's policies. An information security manager should:
A. conduct a risk assessment and allow or disallow based on the outcome
B. recommend a risk assessment and implementation only if the residual risks are accepted
C. recommend against implementation because it violates the company's policies
D. recommend revision of current policy
Correct answer: C
Question #20
After a risk assessment study, a bank with global operations decided to continue doing business in certain regions of the world where identity theft is rampant. The information security manager should encourage the business to:
A. increase its customer awareness efforts in those regions
B. implement monitoring techniques to detect and react to potential fraud
C. outsource credit card processing to a third party
D. make the customer liable for losses if they fail to follow the bank's advice
Correct answer: D
Question #21
The main mail server of a financial institution has been compromised at the superuser level; the only way to ensure the system is secure would be to:
A. change the root password of the system
B. implement multifactor authentication
C. rebuild the system from the original installation medium
D. disconnect the mail server from the network
Correct answer: B
Question #22
In a business impact analysis, the value of an information system should be based on the overall cost:
A. of recovery
B. to recreate
C. if unavailable
D. of emergency operations
Correct answer: B
Question #23
A risk analysis should:
A. include a benchmark of similar companies in its scope
B. assume an equal degree of protection for all assets
C. address the potential size and likelihood of loss
D. give more weight to the likelihood vs. the size of the loss
Correct answer: D
