Topic 1 : Pool A
An organization that has been the subject of multiple social engineering attacks is developing a risk awareness program. The PRIMARY goal of this program should be to:
A. reduce the risk to an acceptable level.
B. communicate the consequences for violations.
C. implement industry best practices.
D. reduce the organization's risk appetite.
communicate the consequences for violations.
Which of the following risk register updates is MOST important for senior management to review?
A. Extending the date of a future action plan by two months
B. Retiring a risk scenario no longer used
C. Avoiding a risk that was previously accepted
D. Changing a risk owner
Extending the date of a future action plan by two months
What should be the PRIMARY objective for a risk practitioner performing a post-implementation review of an IT risk mitigation project?
A. Documenting project lessons learned
B. Validating the risk mitigation project has been completed
C. Confirming that the project budget was not exceeded
D. Verifying that the risk level has been lowered
Documenting project lessons learned
Which of the following would BEST help to ensure that identified risk is efficiently managed?
A. Reviewing the maturity of the control environment
B. Regularly monitoring the project plan
C. Maintaining a key risk indicator for each asset in the risk register
D. Periodically reviewing controls per the risk treatment plan
Periodically reviewing controls per the risk treatment plan
When testing the security of an IT system, it is MOST important to ensure that:
A. tests are conducted after business hours.
B. operators are unaware of the test.
C. external experts execute the test.
D. agreement is obtained from stakeholders.
agreement is obtained from stakeholders.