ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 154

Add to Whishlist

List of questions

Question 1531

Report Export Collapse

An organization uses a biometric access control system for authentication and access to its server room. Which control type has been implemented?

Become a Premium Member for full access
  Unlock Premium Member

Question 1532

Report Export Collapse

Who is accountable for authorizing application access in a cloud Software as a Service (SaaS) solution?

Become a Premium Member for full access
  Unlock Premium Member

Question 1533

Report Export Collapse

The BEST use of key risk indicators (KRIs) is to provide:

Become a Premium Member for full access
  Unlock Premium Member

Question 1534

Report Export Collapse

During the control evaluation phase of a risk assessment, it is noted that multiple controls are ineffective. Which of the following should be the risk practitioner's FIRST course of action?

Become a Premium Member for full access
  Unlock Premium Member

Question 1535

Report Export Collapse

Who is ULTIMATELY accountable for risk treatment?

Become a Premium Member for full access
  Unlock Premium Member

Question 1536

Report Export Collapse

An organization has implemented a policy requiring staff members to take a minimum of five consecutive days' leave per year to mitigate the risk of malicious insider activities. Which of the following is the BEST key performance indicator (KPI) of the effectiveness of this policy?

Become a Premium Member for full access
  Unlock Premium Member

Question 1537

Report Export Collapse

Which of the following BEST enables an organization to address new risk associated with an Internet of Things (IoT) solution?

Become a Premium Member for full access
  Unlock Premium Member

Question 1538

Report Export Collapse

An organization is subject to a new regulation that requires nearly real-time recovery of its services following a disruption. Which of the following is the BEST way to manage the risk in this situation?

Become a Premium Member for full access
  Unlock Premium Member

Question 1539

Report Export Collapse

A user has contacted the risk practitioner regarding malware spreading laterally across the organization's corporate network. Which of the following is the risk practitioner's BEST course of action?

Become a Premium Member for full access
  Unlock Premium Member

Question 1540

Report Export Collapse

Which of the following BEST reduces the likelihood of fraudulent activity that occurs through use of a digital wallet?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?