Practice Questions
Question 1 of 10
Which of the following best describes information security governance?
ISACA defines governance as a set of processes that “[e]nsures that stakeholder needs, conditions, and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives.”
Question 2 of 10
What is the best method for ensuring that an organization’s security program achieves adequate business alignment?
The best way to align an information security program to the business is to find and understand the organization’s vision statement, mission statement, goals, and objectives. Many organizations develop and publish one or more of these statements. Others take a simpler approach and develop strategic objectives for a calendar or fiscal year. Whatever can be found is valuable: once a security manager understands these statements, he or she can prioritize resources and activities in the information security program to support the vision, mission, goals, or other strategic statements.
Question 3 of 10
Robert has found his organization’s mission statement and a list of strategic objectives. What steps should Robert take to ensure that the information security program aligns with the business?
The best first step to aligning an information security program to the organization’s strategic objectives is to understand those objectives fully, including the resources and activities that will be employed to achieve them.
Question 4 of 10
Michael wants to improve the risk management process in his organization by creating guidelines that will help management understand when certain risks should be accepted and when certain risks should be mitigated. The policy that Michael needs to create is known as what?
A risk appetite statement (sometimes known as a risk tolerance statement or risk capacity statement) provides guidance on the types of risk and the amount of risk that an organization may be willing to accept, versus what risks an organization may instead prefer to mitigate, avoid, or transfer. Risk appetite statements are most often created in financial services organizations, although they are used in other types of organizations as well. They help management seek a more consistent approach to risk treatment decisions. In part, this can help management avoid the appearance of being biased or preferential through the use of objective or measurable means for risk treatment decisions.
Question 5 of 10
In a risk management process, who is the best person(s) to make a risk treatment decision?
The department head (or division head or business owner, as appropriate) associated with the business activity regarding the risk treatment decision should be the person making the risk treatment decision. This is because a risk treatment decision is a business decision that should be made by the person who is responsible for the business function.
Question 6 of 10
In a U.S. public company, a CISO will generally report the state of the organization’s cybersecurity program to:
In most U.S. publicly traded companies, the CISO will report the state of the organization’s cybersecurity program to members of the audit committee of the board of directors. Although this is the best answer, in a number of organizations, the CIO or CEO may instead report on the cybersecurity program.
Question 7 of 10
A new CISO in an organization is building its cybersecurity program from the ground up. To ensure collaboration among business leaders and department heads within the organization, the CISO should form and manage which of the following?
A cybersecurity steering committee, consisting of senior executives, business unit leaders, and department heads, when properly facilitated by the CISO, can discuss organization-wide issues related to cybersecurity and make strategic decisions about cyber risk.
Question 8 of 10
Who is the best person or group to make cyber-risk treatment decisions?
The cybersecurity steering committee, which should consist of senior executives, business unit leaders, and department heads, should openly discuss, collaborate, and decide on most risk treatment issues in an organization. If decisions are made by individuals such as the CISO or CRO, then business leaders may be less likely to support those decisions, as they may not have had a part in decision-making.
Question 9 of 10
Which of the following is the best definition of custodial responsibility?
A custodian is charged with a potentially wide range of decisions regarding the care of an asset. Decisions are based upon the customer’s defined interest. An apt example is an IT department that builds and maintains information systems on behalf of internal customers; the IT department will make various decisions about the design and operation of an information system so that the system will best meet customers’ needs.
Question 10 of 10
The Enormous Information Company is adjusting several position titles in its IT department to reflect industry standards. Included in consideration are two individuals: The first is responsible for the overall relationships and information flows among its internal and external information systems. The second is responsible for the overall health and management of systems containing information. Which two job titles are most appropriate for these two roles?
Information designer is the best position title for someone who is responsible for the overall relationships and information flows among the organization’s information systems. A database administrator (DBA) is the best position title for someone who is responsible for maintaining the database management systems (DBMSs) throughout the organization.