Which type of authorization policy would BEST address this practice?
An organization has adopted a practice of regular staff rotation to minimize the risk of fraud and
encourage crosstraining. Which type of authorization policy would BEST address this practice?
What is the most important benefit of classifying information assets?
What is the most important benefit of classifying information assets?
The PRIMARY objective of implementing corporate governance by an organization’s management is to:
The PRIMARY objective of implementing corporate governance by an organization’s management
is to:
Which of the following is the MOST important reason for an information security review of contracts?
Which of the following is the MOST important reason for an information security review of
contracts? To help ensure that:
Which of the following tasks you would do in reaction to risk event occurrence?
You are the project manager of GHT project. A risk event has occurred in your project and you
have identified it. Which of the following tasks you would do in reaction to risk event occurrence?
Each correct answer represents a part of the solution. Choose three.
Which of the following should an IS auditor recommend to BEST enforce alignment of an IT project portfolio wit
Which of the following should an IS auditor recommend to BEST enforce alignment of an IT
project portfolio with strategic organizational priorities?
Which of the following is the strongest method to ensure that logging onto the network is secure?
For virtual private network (VPN) access to the corporate network, the information security
manager is requiring strong authentication. Which of the following is the strongest method to
ensure that logging onto the network is secure?
Which of the following parameters would affect the prioritization of the risk responses and development of the
Which of the following parameters would affect the prioritization of the risk responses and
development of the risk response plan? Each correct answer represents a complete solution.
Choose three.
An example of a direct benefit to be derived from a proposed IT-related business investment is:
An example of a direct benefit to be derived from a proposed IT-related business investment is:
Which of the following guarantees that data in a file have not changed?
Which of the following guarantees that data in a file have not changed?