ISACA

Exam A QUESTION 1 IS management has decided to rewrite a legacy customer relations system using fourth-generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs? A. Inadequate screen/report design facilities B. Complex programming language subsets C. Lack of portability across operating systems D. Inability to perform data intensive operations Correct Answer: D Section: (none) Explanation Explanation/Reference: 4GLs are usu...

Cybersecurity the "preservation of confidentiality, integrity and availability of information in the Cyberspace" Cyberspace the complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form NIST Cybersecurity Framework Identify—Use organizational understanding to minimize risk to systems, assets, data and capabilities. Protect—Design safeguards...

Q.No.1 Which of the following is MOST important for an organization that wants to reduce IT operational risk? A. Increasing senior management's understanding of IT operations B. Increasing the frequency of data backups C. Minimizing complexity of IT infrastructure D. Decentralizing IT infrastructure Q.No.2 Deviation from a mitigation action plan's completion date should be determined by which of the following? A. Benchmarking analysis with similar completed projects B. Change manag...

An information technology audit, or information systems audit, is an examination of the controls within an Information technology (IT) infrastructure. An IT audit is the process of collecting and evaluating evidence of an organization's information systems, practices, and operations. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization's goals or objec...

Questions - correct answer Answers and Explanations Decisions regarding information security are best supported by - correct answer effective metrics effective metrics are essential to provide information needed to make decisions. Metrics are quantifiable entity that allows the measurement of the achievement of a process goal. A project manager is developing a developer portal and request that the security manager assign a public IP address so that it can be accessed by in house staff an...

ISACA : CRISC ACTUAL EXAM

List of Abbreviations..............................................................................xi Foreword.............................................................................................. xiii Preface.................................................................................................... xv Working at the Intersection.................................................................xix Introduction ����������������������...

Introduction ▪ Risk management refers to the co-ordinated activities taken by an enterprise to direct and control activities pertaining to risk. ▪ Risk management is an active process, not simply a form of elaborate observation. o ‘Control’, when used as a verb in the context of risk management, is often used as a synonym for ‘measure’. o However, the results of measurement must be used as the basis for directing actions and activities. ▪ Comprehensive risk management incl...

TABLE OF CONTENTS Introduction...................................................................................................................................................................3 Purpose of This Publication.........................................................................................................................................3 Audience...................................................................................................................................

INTRODUCTION Cyber security is receiving increased attention from the boards of many organizations today in large part due to the bad publicity generated from recent large data breaches. Senior members of management and corporate boards have lost their positions, and organizations have had to spend valuable resources in post-breach cleanup and to make their clients and customers “whole.” Infrastructure spending has increased as organizations attempt to prevent the breaches from occur...