CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISM—Certified Information Security Manager - Part 78
1. A software vendor has announced a zero-day vulnerability that exposes an organization's critical business systems, following should be the information security manager's PRIMARY concern?
A) Business tolerance of downtime
B) Adequacy of the incident response plan
C) Availability of resources to implement controls
D) Ability to test patches prior to deployment
2. Which of the following is the MOST important action when using a web application that has recognized vulnerabilities?
A) Deploy an application firewall.
B) Deploy host-based intrusion detection.
C) Install anti-spyware software.
D) Monitor application level logs.
3. Which of the following is the MOST effective mitigation strategy to protect confidential information from insider threats?
A) Performing an entitlement review process
B) Implementing authentication mechanism
C) Defining segregation of duties
D) Establishing authorization controls
4. Which of the following is the BEST indicator of a successful external intrusion into computer systems?
A) Unexpected use of protocols within the DMZ.
B) Unexpected increase of malformed URLs.
C) Decrease in the number of login failures.
D) Spikes in the number of login failures.
5. The likelihood of a successful attack is a function of:
A) incentive and capability of the intruder
B) opportunity and asset value
C) threat and vulnerability levels
D) value and desirability to the intruder
A) Business tolerance of downtime
B) Adequacy of the incident response plan
C) Availability of resources to implement controls
D) Ability to test patches prior to deployment
2. Which of the following is the MOST important action when using a web application that has recognized vulnerabilities?
A) Deploy an application firewall.
B) Deploy host-based intrusion detection.
C) Install anti-spyware software.
D) Monitor application level logs.
3. Which of the following is the MOST effective mitigation strategy to protect confidential information from insider threats?
A) Performing an entitlement review process
B) Implementing authentication mechanism
C) Defining segregation of duties
D) Establishing authorization controls
4. Which of the following is the BEST indicator of a successful external intrusion into computer systems?
A) Unexpected use of protocols within the DMZ.
B) Unexpected increase of malformed URLs.
C) Decrease in the number of login failures.
D) Spikes in the number of login failures.
5. The likelihood of a successful attack is a function of:
A) incentive and capability of the intruder
B) opportunity and asset value
C) threat and vulnerability levels
D) value and desirability to the intruder
1. Right Answer: C
Explanation:
2. Right Answer: A
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Explanation:
2. Right Answer: A
Explanation:
3. Right Answer: D
Explanation:
4. Right Answer: A
Explanation:
5. Right Answer: A
Explanation:
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment