ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 15

Add to Whishlist

List of questions

Question 141

Report Export Collapse

An unauthorized individual has socially engineered entry into an organization's secured physical premises. Which of the following is the BEST way to prevent future occurrences?

Employ security guards.
Employ security guards.
Conduct security awareness training.
Conduct security awareness training.
Install security cameras.
Install security cameras.
Require security access badges.
Require security access badges.
Suggested answer: B
asked 18/09/2024
asd asd
36 questions

Question 142

Report Export Collapse

The MOST effective way to increase the likelihood that risk responses will be implemented is to:

create an action plan
create an action plan
assign ownership
assign ownership
review progress reports
review progress reports
perform regular audits.
perform regular audits.
Suggested answer: B
asked 18/09/2024
Kabi Bashala
41 questions

Question 143

Report Export Collapse

Which of the following would be MOST useful when measuring the progress of a risk response action plan?

Percentage of mitigated risk scenarios
Percentage of mitigated risk scenarios
Annual loss expectancy (ALE) changes
Annual loss expectancy (ALE) changes
Resource expenditure against budget
Resource expenditure against budget
An up-to-date risk register
An up-to-date risk register
Suggested answer: D
asked 18/09/2024
Anupam Ojha
44 questions

Question 144

Report Export Collapse

Which of the following would MOST effectively enable a business operations manager to identify events exceeding risk thresholds?

Continuous monitoring
Continuous monitoring
A control self-assessment
A control self-assessment
Transaction logging
Transaction logging
Benchmarking against peers
Benchmarking against peers
Suggested answer: A
asked 18/09/2024
ROBERTO INFANTAS
40 questions

Question 145

Report Export Collapse

Which of the following is the MOST cost-effective way to test a business continuity plan?

Conduct interviews with key stakeholders.
Conduct interviews with key stakeholders.
Conduct a tabletop exercise.
Conduct a tabletop exercise.
Conduct a disaster recovery exercise.
Conduct a disaster recovery exercise.
Conduct a full functional exercise.
Conduct a full functional exercise.
Suggested answer: B
asked 18/09/2024
Ray Hato
43 questions

Question 146

Report Export Collapse

Which of the following is the PRIMARY reason for a risk practitioner to use global standards related to risk management?

To build an organizational risk-aware culture
To build an organizational risk-aware culture
To continuously improve risk management processes
To continuously improve risk management processes
To comply with legal and regulatory requirements
To comply with legal and regulatory requirements
To identify gaps in risk management practices
To identify gaps in risk management practices
Suggested answer: B
asked 18/09/2024
Arun kumar
40 questions

Question 147

Report Export Collapse

Which of the following is the FIRST step in managing the security risk associated with wearable technology in the workplace?

Identify the potential risk.
Identify the potential risk.
Monitor employee usage.
Monitor employee usage.
Assess the potential risk.
Assess the potential risk.
Develop risk awareness training.
Develop risk awareness training.
Suggested answer: A
asked 18/09/2024
Mina Shaker
52 questions

Question 148

Report Export Collapse

A risk practitioner observes that hardware failure incidents have been increasing over the last few months. However, due to built-in redundancy and fault-tolerant architecture, there have been no interruptions to business operations. The risk practitioner should conclude that:

a root cause analysis is required
a root cause analysis is required
controls are effective for ensuring continuity
controls are effective for ensuring continuity
hardware needs to be upgraded
hardware needs to be upgraded
no action is required as there was no impact
no action is required as there was no impact
Suggested answer: A
asked 18/09/2024
Samya Sharab
41 questions

Question 149

Report Export Collapse

Which of the following is MOST helpful in identifying new risk exposures due to changes in the business environment?

Standard operating procedures
Standard operating procedures
SWOT analysis
SWOT analysis
Industry benchmarking
Industry benchmarking
Control gap analysis
Control gap analysis
Suggested answer: B
asked 18/09/2024
Velmurugan P
44 questions

Question 150

Report Export Collapse

Which of the following controls will BEST detect unauthorized modification of data by a database administrator?

Reviewing database access rights
Reviewing database access rights
Reviewing database activity logs
Reviewing database activity logs
Comparing data to input records
Comparing data to input records
Reviewing changes to edit checks
Reviewing changes to edit checks
Suggested answer: B
asked 18/09/2024
Guillaume Deterville
51 questions
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?