Topic 1 : Pool A
Which of the following activities would BEST contribute to promoting an organization-wide risk-aware culture?
A. Performing a benchmark analysis and evaluating gaps
B. Conducting risk assessments and implementing controls
C. Communicating components of risk and their acceptable levels
D. Participating in peer reviews and implementing best practices
Communicating components of risk and their acceptable levels
Due to a change in business processes, an identified risk scenario no longer requires mitigation. Which of the following is the MOST important reason the risk should remain in the risk register?
A. To support regulatory requirements
B. To prevent the risk scenario in the current environment
C. To monitor for potential changes to the risk scenario
D. To track historical risk assessment results
To track historical risk assessment results
Which of the following would provide the BEST guidance when selecting an appropriate risk treatment plan?
A. Risk mitigation budget
B. Business Impact analysis
C. Cost-benefit analysis
D. Return on investment
Business Impact analysis
Which of the following tools is MOST effective in identifying trends in the IT risk profile?
A. Risk self-assessment
B. Risk register
C. Risk dashboard
D. Risk map
Risk dashboard
A web-based service provider with a low risk appetite for system outages is reviewing its current risk profile for online security. Which of the following observations would be MOST relevant to escalate to senior management?
A. An increase in attempted distributed denial of service (DDoS) attacks
B. An increase in attempted website phishing attacks
C. A decrease in achievement of service level agreements (SLAs)
D. A decrease in remediated web security vulnerabilities
An increase in attempted distributed denial of service (DDoS) attacks