Free Access to ISACA.CRISC.v2022-04-29.q944 with Valid Practice Test (Page 168)

Question 831

Which of the following controls would BEST reduce the likelihood of a successful network attack through social engineering?

A.Automated controls
B.Multifactor authentication
C.Employee sanctions
D.Security awareness training

Question 832

You are using Information system. You have chosen a poor password and also sometimes transmits data over unprotected communication lines. What is this poor quality of password and unsafe transmission refers to?

A.Probabilities
B.Threats
C.Vulnerabilities
D.Impacts
E.Explanation:
Vulnerabilities represent characteristics of information resources that may be exploited by a threat.
The given scenario describes such a situation, hence it is a vulnerability.
F.is incorrect. Threats are circumstances or events with the potential to cause harm to
information resources. This scenario does not describe a threat.
G.is incorrect. Probabilities represent the likelihood of the occurrence of a threat, and this
scenario does not describe a probability.

Question 833

You are the project manager for the NHH project. You are working with your project team to examine the project from four different defined perspectives to increase the breadth of identified risks by including internally generated risks. What risk identification approach are you using in this example?

A.Root cause analysis
B.Influence diagramming techniques
C.SWOT analysis
D.Assumptions analysis

Question 834

The acceptance of control costs that exceed risk exposure MOST likely demonstrates:

A.low risk tolerance
B.corporate culture alignment
C.corporate culture misalignment.
D.high risk tolerance

Question 835

Which of the following is the MAIN reason for analyzing risk scenarios?

A.Assessing loss expectancy
B.Identifying additional risk scenarios
C.Establishing a risk appetite
D.Updating the heat map

Question 831

Question 832

Question 833

Question 834

Question 835

Download PDF File