CRISC Practice Test


Page 33 out of 193 Pages

Topic 1 : Pool A

A risk assessment has identified that an organization may not be in compliance with industry regulations. The BEST course of action would be to:


A. conduct a gap analysis against compliance criteria.
B. identify necessary controls to ensure compliance.
C. modify internal assurance activities to include control validation.
D. collaborate with management to meet compliance requirements.

Answer: A. conduct a gap analysis against compliance criteria.



A risk assessment has identified that departments have installed their own WiFi access points on the enterprise network. Which of the following would be MOST important to include in a report to senior management?

A. The network security policy
B. Potential business impact
C. The WiFi access point configuration
D. Planned remediation actions

Answer: B. Potential business impact



Which of the following is the BEST indication that an organization's risk management program has not reached the desired maturity level?

A. Significant increases in risk mitigation budgets
B. Large fluctuations in risk ratings between assessments
C. A steady increase in the time to recover from incidents
D. A large number of control exceptions

Answer: B. Large fluctuations in risk ratings between assessments



The head of a business operations department asks to review the entire IT risk register. Which of the following would be the risk manager's BEST approach to this request before sharing the register?

A. Escalate to senior management
B. Require a nondisclosure agreement
C. Sanitize portions of the register
D. Determine the purpose of the request

Answer: D. Determine the purpose of the request



Which of the following would BEST help secure online financial transactions from improper users?


A. Review of log-in attempts
B. Multi-level authorization
C. Periodic review of audit trails
D. Multi-factor authentication

Answer: D. Multi-factor authentication



