
Isaca CGEIT Practice Test - Questions Answers, Page 38

The PRIMARY objective of building outcome measures is to:

A. monitor whether the chosen strategy is successful.
B. visualize how the strategy will be achieved.
C. demonstrate commitment to IT governance.
D. clarify the cause-and-effect relationship of the strategy.
Suggested answer: A

Once the strategic vision has been established, which of the following would be the BEST activity for supporting the implementation of performance measures?

A. Monitor service level performance.
B. Document strengths, weaknesses, opportunities, and threats.
C. Document policy requirements.
D. Identify key performance indicators (KPIs).
Suggested answer: C

Which of the following BEST supports the implementation of an effective data classification policy?

A. Monitoring with key performance indicators (KPIs)
B. Implementation of data loss prevention (DLP) tools
C. Clear guidelines adopted by the business
D. Classification policy approval by the board
Suggested answer: C

An enterprise has lost an unencrypted backup tape of archived customer data. A data breach report is not mandatory in the relevant jurisdiction. From an ethical standpoint, what should the enterprise do NEXT?

A. Initiate disciplinary proceedings against relevant employees.
B. Mandate a review of backup tape inventory procedures.
C. Communicate the breach to customers.
D. Require an evaluation of storage facility vendors.
Suggested answer: C

When developing an IT training plan, which of the following is the BEST way to ensure that resource skills requirements are identified?

A. Extract training requirements from deficiencies reported in customer service satisfaction surveys.
B. Ask managers to determine IT training requirements annually.
C. Determine training needs based on the capabilities to support the IT strategy.
D. Survey employees for IT skills requirements based upon technology trends.
Suggested answer: C

In which of the following situations is it MOST appropriate to use a quantitative risk assessment?

A. There is a lack of accurate and reliable past and present risk data.
B. The risk assessment needs to be completed in a short period of time.
C. The objectivity of the risk assessment is of primary importance.
D. The risk assessment is needed for an IT project business case.
Suggested answer: C

An IT department has forwarded a request to the IT strategy committee for funding of a discretionary investment. The committee's MOST important consideration should be to evaluate:

A. the technical feasibility of the investment.
B. the business and technical scope of the investment.
C. whether the investment supports corporate goals.
D. whether the investment aligns with the enterprise architecture (EA).
Suggested answer: C

Which of the following should be identified FIRST when determining appropriate IT key risk indicators (KRIs)?

A. IT-related risk
B. IT controls
C. IT threats
D. IT objectives
Suggested answer: C

An IT risk committee is trying to mitigate the risk associated with a newly implemented bring your own device (BYOD) policy and supporting mobile device management (MDM) tools. Which of the following would be the BEST way to ensure employees understand how to protect sensitive corporate data on their mobile devices?

A. Require staff to complete security awareness training.
B. Develop security procedures for mobile devices.
C. Distribute the BYOD policy on the company intranet.
D. Require staff to review and sign nondisclosure agreements (NDAs).
Suggested answer: A

An enterprise's decision to move to a virtualized architecture will have the GREATEST impact on:

A. system life cycle management.
B. asset classification.
C. vendor management.
D. vulnerability management.
Suggested answer: D
Total 577 questions