ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 4

Add to Whishlist

List of questions

Question 31

Report Export Collapse

A systems interruption has been traced to a personal USB device plugged into the corporate network by an IT employee who bypassed internal control procedures. Of the following, who should be accountable?

Business continuity manager (BCM)
Business continuity manager (BCM)
Human resources manager (HRM)
Human resources manager (HRM)
Chief risk officer (CRO)
Chief risk officer (CRO)
Chief information officer (CIO)
Chief information officer (CIO)
Suggested answer: D
asked 18/09/2024
Michael Serda
39 questions

Question 32

Report Export Collapse

A risk practitioner is summarizing the results of a high-profile risk assessment sponsored by senior management. The BEST way to support risk-based decisions by senior management would be to:

map findings to objectives.
map findings to objectives.
provide a quantified detailed analysts.
provide a quantified detailed analysts.
recommend risk tolerance thresholds.
recommend risk tolerance thresholds.
quantify key risk indicators (KRls).
quantify key risk indicators (KRls).
Suggested answer: A
asked 18/09/2024
Yi-Jen Tung
40 questions

Question 33

Report Export Collapse

A rule-based data loss prevention {DLP) tool has recently been implemented to reduce the risk of sensitive data leakage. Which of the following is MOST likely to change as a result of this implementation?

Risk likelihood
Risk likelihood
Risk velocity
Risk velocity
Risk appetite
Risk appetite
Risk impact
Risk impact
Suggested answer: A
asked 18/09/2024
OKAN AYDOÄžAN
53 questions

Question 34

Report Export Collapse

Which of the following is MOST critical when designing controls?

Involvement of internal audit
Involvement of internal audit
Involvement of process owner
Involvement of process owner
Quantitative impact of the risk
Quantitative impact of the risk
Identification of key risk indicators
Identification of key risk indicators
Suggested answer: B
asked 18/09/2024
Amin Dashti
55 questions

Question 35

Report Export Collapse

Which of the following is the MOST useful indicator to measure the efficiency of an identity and access management process?

Number of tickets for provisioning new accounts
Number of tickets for provisioning new accounts
Average time to provision user accounts
Average time to provision user accounts
Password reset volume per month
Password reset volume per month
Average account lockout time
Average account lockout time
Suggested answer: C
asked 18/09/2024
federico monaco
42 questions

Question 36

Report Export Collapse

The analysis of which of the following will BEST help validate whether suspicious network activity is malicious?

Logs and system events
Logs and system events
Intrusion detection system (IDS) rules
Intrusion detection system (IDS) rules
Vulnerability assessment reports
Vulnerability assessment reports
Penetration test reports
Penetration test reports
Suggested answer: D
asked 18/09/2024
Myratgeldi Bekdurdyyev
50 questions

Question 37

Report Export Collapse

Which of the following is the MOST important requirement for monitoring key risk indicators (KRls) using log analysis?

Obtaining logs m an easily readable format
Obtaining logs m an easily readable format
Providing accurate logs m a timely manner
Providing accurate logs m a timely manner
Collecting logs from the entire set of IT systems
Collecting logs from the entire set of IT systems
implementing an automated log analysis tool
implementing an automated log analysis tool
Suggested answer: B
asked 18/09/2024
Amidou Florian TOURE
36 questions

Question 38

Report Export Collapse

Which of the following is the MOST important outcome of reviewing the risk management process?

Assuring the risk profile supports the IT objectives
Assuring the risk profile supports the IT objectives
Improving the competencies of employees who performed the review
Improving the competencies of employees who performed the review
Determining what changes should be nude to IS policies to reduce risk
Determining what changes should be nude to IS policies to reduce risk
Determining that procedures used in risk assessment are appropriate
Determining that procedures used in risk assessment are appropriate
Suggested answer: A
asked 18/09/2024
Zeshan Tariq
45 questions

Question 39

Report Export Collapse

Which of the following should be the PRIMARY objective of promoting a risk-aware culture within an organization?

Better understanding of the risk appetite
Better understanding of the risk appetite
Improving audit results
Improving audit results
Enabling risk-based decision making
Enabling risk-based decision making
Increasing process control efficiencies
Increasing process control efficiencies
Suggested answer: C
asked 18/09/2024
Robert Thompson
35 questions

Question 40

Report Export Collapse

Which of the following is the BEST method to identify unnecessary controls?

Evaluating the impact of removing existing controls
Evaluating the impact of removing existing controls
Evaluating existing controls against audit requirements
Evaluating existing controls against audit requirements
Reviewing system functionalities associated with business processes
Reviewing system functionalities associated with business processes
Monitoring existing key risk indicators (KRIs)
Monitoring existing key risk indicators (KRIs)
Suggested answer: A
asked 18/09/2024
Roger Perez Espitia
45 questions
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?