Question #1
An upward trend in which of the following metrics should be of MOST concern?
A. Number of business change management requests
B. Number of revisions to security policy
C. Number of security policy exceptions approved
D. Number of changes to firewall rules
Correct answer: B
Question #2
Which of the following is the BEST way to determine the ongoing efficiency of control processes?
A. Perform annual risk assessments
B. Interview process owners
C. Review the risk register
D. Analyze key performance indicators (KPIs)
Correct answer: A
Question #3
Which of the following is the MOST useful indicator to measure the efficiency of an identity and access management process?
A. Number of tickets for provisioning new accounts
B. Average time to provision user accounts
C. Password reset volume per month
D. Average account lockout time
Correct answer: A
Question #4
A newly enacted information privacy law significantly increases financial penalties for breaches of personally identifiable information (PII). Which of the following will be the MOST likely outcome for an organization affected by the new law?
A. Increase in compliance breaches
B. Increase in loss event impact
C. Increase in residual risk
D. Increase in customer complaints
Correct answer: D
Question #5
Which of the following should be included in a risk scenario to be used for risk analysis?
A. Risk appetite
B. Threat type
C. Risk tolerance
D. Residual risk
Correct answer: A
Question #6
The acceptance of control costs that exceed risk exposure is MOST likely an example of:
A. low risk tolerance
B. corporate culture misalignment
C. corporate culture alignment
D. high risk tolerance
Correct answer: B
Question #7
Which of the following is the MOST important outcome of reviewing the risk management process?
A. Assuring the risk profile supports the IT objectives
B. Improving the competencies of employees who performed the review
C. Determining what changes should be made to IS policies to reduce risk
D. Determining that procedures used in risk assessment are appropriate
Correct answer: C
Question #8
Which of the following is the FIRST step in risk assessment?
A. Review risk governance
B. Asset identification
C. Identify risk factors
D. Inherent risk identification
Correct answer: B
Question #9
In an organization with a mature risk management program, which of the following would provide the BEST evidence that the IT risk profile is up to date?
A. Risk questionnaire
B. Risk register
C. Management assertion
D. Compliance manual
Correct answer: B
Question #10
A web-based service provider with a low risk appetite for system outages is reviewing its current risk profile for online security. Which of the following observations would be MOST relevant to escalate to senior management?
A. An increase in attempted distributed denial of service (DDoS) attacks
B. An increase in attempted website phishing attacks
C. A decrease in achievement of service level agreements (SLAs)
D. A decrease in remediated web security vulnerabilities
Correct answer: D
Question #11
Which of the following is the MOST important consideration when multiple risk practitioners capture risk scenarios in a single risk register?
A. Aligning risk ownership and control ownership
B. Developing risk escalation and reporting procedures
C. Maintaining up-to-date risk treatment plans
D. Using a consistent method for risk assessment
Correct answer: A
Question #12
Which of the following would BEST help to ensure that suspicious network activity is identified?
A. Analyzing intrusion detection system (IDS) logs
B. Analyzing server logs
C. Using a third-party monitoring provider
D. Coordinating events with appropriate agencies
Correct answer: C
Question #13
An organization has raised the risk appetite for technology risk. The MOST likely result would be:
A. increased inherent risk
B. higher risk management cost
C. decreased residual risk
D. lower risk management cost
Correct answer: B
Question #14
An internally developed payroll application leverages Platform as a Service (PaaS) infrastructure from the cloud. Who owns the related data confidentiality risk?
A. IT infrastructure head
B. Human resources head
C. Supplier management head
D. Application development head
Correct answer: A
Question #15
A risk owner should be the person accountable for:
A. the risk management process
B. managing controls
C. implementing actions
D. the business process
Correct answer: A
Question #16
An IT operations team implements disaster recovery controls based on decisions from application owners regarding the level of resiliency needed. Who is the risk owner in this scenario?
A. Business resilience manager
B. Disaster recovery team lead
C. Application owner
D. IT operations manager
Correct answer: B
Question #17
Which of the following is the BEST metric to demonstrate the effectiveness of an organization's change management process?
A. Increase in the frequency of changes
B. Percent of unauthorized changes
C. Increase in the number of emergency changes
D. Average time to complete changes
Correct answer: D
Question #18
Which of the following statements BEST describes risk appetite?
A. The amount of risk an organization is willing to accept
B. The effective management of risk and internal control environments
C. Acceptable variation between risk thresholds and business objectives
D. The acceptable variation relative to the achievement of objectives
Correct answer: A
Question #19
A risk practitioner is reviewing the status of an action plan to mitigate an emerging IT risk and finds the risk level has increased. The BEST course of action would be to:
A. implement the planned controls and accept the remaining risk
B. suspend the current action plan in order to reassess the risk
C. revise the action plan to include additional mitigating controls
D. evaluate whether selected controls are still appropriate
Correct answer: B
Question #20
The MOST important reason to aggregate results from multiple risk assessments on interdependent information systems is to:
A. establish overall impact to the organization
B. efficiently manage the scope of the assignment
C. identify critical information systems
D. facilitate communication to senior management
Correct answer: A
Question #21
IT stakeholders have asked a risk practitioner for IT risk profile reports associated with specific departments to allocate resources for risk mitigation. The BEST way to address this request would be to use:
A. the cost associated with each control
B. historical risk assessments
C. key risk indicators (KRIs)
D. information from the risk register
Correct answer: D
Question #22
Who should be accountable for ensuring effective cybersecurity controls are established?
A. Risk owner
B. Security management function
C. IT management
D. Enterprise risk function
Correct answer: B
Question #23
Which of the following is MOST important for an organization to have in place when developing a risk management framework?
A. A strategic approach to risk including an established risk appetite
B. A risk-based internal audit plan for the organization
C. A control function within the risk management team
D. An organization-wide risk awareness training program
Correct answer: C
Question #24
What can be determined from the risk scenario chart?
A. Relative positions on the risk map
B. Risk treatment options
C. Capability of enterprise to implement
D. The multiple risk factors addressed by a chosen response
Correct answer: A