Topic 1: Exam Pool A
Application data integrity risk is MOST directly addressed by a design that includes:
A. application log requirements such as field-level audit trails and user activity logs.
B. strict application of an authorized data dictionary.
C. access control technologies such as role-based entitlements.
D. reconciliation routines such as checksums, hash totals, and record counts.
access control technologies such as role-based entitlements.
An organization has experienced multiple instances of privileged users misusing their
access. Which of the following processes would be MOST helpful in identifying such
violations?
A. Log review
B. Policy exception review
C. Review of access controls
D. Security assessment
Log review
Which of the following is the BEST way to enhance training for incident response teams?
A. Participate in emergency response activities
B. Conduct interviews with organizational units
C. Establish incident key performance indicators (KPIs)
D. Perform post-incident reviews
Participate in emergency response activities
Which of the following is the PRIMARY purpose of establishing an information security
governance framework?
A. To reduce security audit issues
B. To proactively address security objectives
C. To enhance business continuity planning
D. To minimize security risks
To proactively address security objectives
Who should determine data access requirements for an application hosted at an
organization's data center?
A. Systems administrator
B. Business owner
C. Information security manager
D. Data custodian
Business owner