ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 32

Add to Whishlist

List of questions

Question 311

Report Export Collapse

An organization has engaged a third party to provide an Internet gateway encryption service that protects sensitive data uploaded to a cloud service. This is an example of risk:

mitigation.
mitigation.
avoidance.
avoidance.
transfer.
transfer.
acceptance.
acceptance.
Suggested answer: A
asked 18/09/2024
Ahmed Alghadeer
36 questions

Question 312

Report Export Collapse

An IT license audit has revealed that there are several unlicensed copies of co be to:

immediately uninstall the unlicensed software from the laptops
immediately uninstall the unlicensed software from the laptops
centralize administration rights on laptops so that installations are controlled
centralize administration rights on laptops so that installations are controlled
report the issue to management so appropriate action can be taken.
report the issue to management so appropriate action can be taken.
procure the requisite licenses for the software to minimize business impact.
procure the requisite licenses for the software to minimize business impact.
Suggested answer: B
asked 18/09/2024
Rodrigo Valencia
48 questions

Question 313

Report Export Collapse

Which of the following conditions presents the GREATEST risk to an application?

Application controls are manual.
Application controls are manual.
Application development is outsourced.
Application development is outsourced.
Source code is escrowed.
Source code is escrowed.
Developers have access to production environment.
Developers have access to production environment.
Suggested answer: D
asked 18/09/2024
Robert Endicott
48 questions

Question 314

Report Export Collapse

The annualized loss expectancy (ALE) method of risk analysis:

Become a Premium Member for full access
  Unlock Premium Member

Question 315

Report Export Collapse

During an IT department reorganization, the manager of a risk mitigation action plan was replaced. The new manager has begun implementing a new control after identifying a more effective option. Which of the following is the risk practitioner's BEST course of action?

Become a Premium Member for full access
  Unlock Premium Member

Question 316

Report Export Collapse

The GREATEST concern when maintaining a risk register is that:

Become a Premium Member for full access
  Unlock Premium Member

Question 317

Report Export Collapse

Which of the following is the BEST way to support communication of emerging risk?

Become a Premium Member for full access
  Unlock Premium Member

Question 318

Report Export Collapse

Which of the following is the BEST indication that an organization's risk management program has not reached the desired maturity level?

Become a Premium Member for full access
  Unlock Premium Member

Question 319

Report Export Collapse

An IT organization is replacing the customer relationship management (CRM) system. Who should own the risk associated with customer data leakage caused by insufficient IT security controls for the new system?

Become a Premium Member for full access
  Unlock Premium Member

Question 320

Report Export Collapse

Which of the following provides the MOST important information to facilitate a risk response decision?

Become a Premium Member for full access
  Unlock Premium Member
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?