ExamGecko
Login
Home / Isaca / CRISC / List of questions
Ask Question

Isaca CRISC Practice Test - Questions Answers, Page 6

Add to Whishlist

List of questions

Question 51

Report Export Collapse

Which of the following would BEST help to ensure that suspicious network activity is identified?

Analyzing intrusion detection system (IDS) logs
Analyzing intrusion detection system (IDS) logs
Analyzing server logs
Analyzing server logs
Using a third-party monitoring provider
Using a third-party monitoring provider
Coordinating events with appropriate agencies
Coordinating events with appropriate agencies
Suggested answer: A
asked 18/09/2024
Reselan Govender
45 questions

Question 52

Report Export Collapse

Which of the following would BEST help minimize the risk associated with social engineering threats?

Enforcing employees sanctions
Enforcing employees sanctions
Conducting phishing exercises
Conducting phishing exercises
Enforcing segregation of dunes
Enforcing segregation of dunes
Reviewing the organization's risk appetite
Reviewing the organization's risk appetite
Suggested answer: B
asked 18/09/2024
Osman Taskiran
36 questions

Question 53

Report Export Collapse

Which of the following should be the PRIMARY consideration when implementing controls for monitoring user activity logs?

Ensuring availability of resources for log analysis
Ensuring availability of resources for log analysis
Implementing log analysis tools to automate controls
Implementing log analysis tools to automate controls
Ensuring the control is proportional to the risk
Ensuring the control is proportional to the risk
Building correlations between logs collected from different sources
Building correlations between logs collected from different sources
Suggested answer: C
asked 18/09/2024
Thanh Tran
39 questions

Question 54

Report Export Collapse

Risk mitigation procedures should include:

buying an insurance policy.
buying an insurance policy.
acceptance of exposures
acceptance of exposures
deployment of counter measures.
deployment of counter measures.
Most voted
(1)
Most voted
enterprise architecture implementation.
enterprise architecture implementation.
Suggested answer: B
asked 18/09/2024
Junaid Sahebzada
40 questions

Question 55

Report Export Collapse

Which of the following is MOST helpful to ensure effective security controls for a cloud service provider?

A control self-assessment
A control self-assessment
A third-party security assessment report
A third-party security assessment report
Internal audit reports from the vendor
Internal audit reports from the vendor
Service level agreement monitoring
Service level agreement monitoring
Suggested answer: B
asked 18/09/2024
kinshuk choubisa
35 questions

Question 56

Report Export Collapse

Improvements in the design and implementation of a control will MOST likely result in an update to:

inherent risk.
inherent risk.
residual risk.
residual risk.
risk appetite
risk appetite
risk tolerance
risk tolerance
Suggested answer: B
asked 18/09/2024
Felix Imafidon
37 questions

Question 57

Report Export Collapse

A risk practitioner has determined that a key control does not meet design expectations. Which of the following should be done NEXT?

Document the finding in the risk register.
Document the finding in the risk register.
Invoke the incident response plan.
Invoke the incident response plan.
Re-evaluate key risk indicators.
Re-evaluate key risk indicators.
Modify the design of the control.
Modify the design of the control.
Suggested answer: A
asked 18/09/2024
dennis schouwenaars
42 questions

Question 58

Report Export Collapse

Which of the following is a PRIMARY benefit of engaging the risk owner during the risk assessment process?

Identification of controls gaps that may lead to noncompliance
Identification of controls gaps that may lead to noncompliance
Prioritization of risk action plans across departments
Prioritization of risk action plans across departments
Early detection of emerging threats
Early detection of emerging threats
Accurate measurement of loss impact
Accurate measurement of loss impact
Suggested answer: D
asked 18/09/2024
Luke Smith
38 questions

Question 59

Report Export Collapse

Which of the following should be the risk practitioner s PRIMARY focus when determining whether controls are adequate to mitigate risk?

Sensitivity analysis
Sensitivity analysis
Level of residual risk
Level of residual risk
Cost-benefit analysis
Cost-benefit analysis
Risk appetite
Risk appetite
Suggested answer: C
asked 18/09/2024
Ali Reza Azmi
51 questions

Question 60

Report Export Collapse

Which of the following would BEST provide early warning of a high-risk condition?

Risk register
Risk register
Risk assessment
Risk assessment
Key risk indicator (KRI)
Key risk indicator (KRI)
Key performance indicator (KPI)
Key performance indicator (KPI)
Suggested answer: C
asked 18/09/2024
cristian vargas
45 questions
Total 1.573 questions
Go to page: of 158
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is MOST important to determine when assessing the potential risk exposure of a loss event involving personal data?
Which of the following is a risk practitioner's BEST course of action after identifying risk scenarios related to noncompliance with new industry regulations?
When reviewing management's IT control self-assessments, a risk practitioner noted an ineffective control that links to several low residual risk scenarios. What should be the NEXT course of action?
An effective control environment is BEST indicated by controls that:
A global organization is considering the acquisition of a competitor. Senior management has requested a review of the overall risk profile from the targeted organization. Which of the following components of this review would provide the MOST useful information?
Which of the following is the MOST effective way to integrate business risk management with IT operations?
During testing, a risk practitioner finds the IT department's recovery time objective (RTO) for a key system does not align with the enterprise's business continuity plan (BCP). Which of the following should be done NEXT?
The BEST key performance indicator (KPI) to measure the effectiveness of a backup process would be the number of:
During an IT risk scenario review session, business executives question why they have been assigned ownership of IT-related risk scenarios. They feel IT risk is technical in nature and therefore should be owned by IT. Which of the following is the BEST way for the risk practitioner to address these concerns?
Which of the following is the BEST course of action when an organization wants to reduce likelihood in order to reduce a risk level?