Topic 1 : Pool A
A PRIMARY advantage of involving business management in evaluating and managing risk is that management:
A. better understands the system architecture.
B. is more objective than risk management
C. can balance technical and business risk.
D. can make better informed business decisions
can make better informed business decisions
Which of the following is of GREATEST concern when uncontrolled changes are made to the control environment?
A. A decrease in control layering effectiveness
B. An increase in inherent risk
C. An increase in control vulnerabilities
D. An increase in the level of residual risk
An increase in the level of residual risk
Which of the following is a KEY outcome of risk ownership?
A. Risk responsibilities are addressed.
B. Risk-related information is communicated.
C. Risk-oriented tasks are defined.
D. Business process risk is analyzed.
Risk responsibilities are addressed.
An organization has implemented a preventive control to lock user accounts after three unsuccessful login attempts. This practice has been proven to be unproductive, and a change in the control threshold value has been recommended. Who should authorize changing this threshold?
A. Risk owner
B. IT security manager
C. IT system owner
D. Control owner
Control owner
An upward trend in which of the following metrics should be of MOST concern?
A. Number of business change management requests
B. Number of revisions to security policy
C. Number of security policy exceptions approved
D. Number of changes to firewall rules
Number of security policy exceptions approved