- Email support@dumps4free.com
Topic 2 : Pool B Jul-Aug-Sep
An internal audit report reveals that not all IT application databases have encryption in place. Which of the following information would be MOST important for assessing the risk impact?
A.
The number of users who can access sensitive data
B.
A list of unencrypted databases which contain sensitive data
C.
The reason some databases have not been encrypted
D.
The cost required to enforce encryption
A list of unencrypted databases which contain sensitive data
Risk mitigation procedures should include:
A.
buying an insurance policy.
B.
acceptance of exposures
C.
deployment of counter measures.
D.
enterprise architecture implementation.
deployment of counter measures.
Which of the following is MOST helpful in identifying new risk exposures due to changes in the business environment?
A.
Standard operating procedures
B.
SWOT analysis
C.
Industry benchmarking
D.
Control gap analysis
SWOT analysis
An organization delegates its data processing to the internal IT team to manage information through its applications. Which of the following is the role of the internal IT team in this situation?
A.
Data controllers
B.
Data processors
C.
Data custodians
D.
Data owners
Data processors
A risk practitioner observes that hardware failure incidents have been increasing over the last few months. However, due to built-in redundancy and fault-tolerant architecture, there have been no interruptions to business operations. The risk practitioner should conclude that:
A.
a root cause analysis is required
B.
controls are effective for ensuring continuity
C.
hardware needs to be upgraded
D.
no action is required as there was no impact
a root cause analysis is required
| Page 4 out of 193 Pages |
| Previous |