Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Isaca Certification CRISC Updated Exam

Page: 51 / 118
Total 1575 questions

Certified in Risk and Information Systems Control Questions and Answers

Question 201

A web-based service provider with a low risk appetite for system outages is reviewing its current risk profile for online security. Which of the following observations would be MOST relevant to escalate to senior management?

Options:

A.

An increase in attempted distributed denial of service (DDoS) attacks

B.

An increase in attempted website phishing attacks

C.

A decrease in achievement of service level agreements (SLAs)

D.

A decrease in remediated web security vulnerabilities

Question 202

An organization has identified a risk exposure due to weak technical controls in a newly implemented HR system. The risk practitioner is documenting the risk in the risk register. The risk should be owned by the:

Options:

A.

chief risk officer.

B.

project manager.

C.

chief information officer.

D.

business process owner.

Question 203

Which of the following is the BEST key performance indicator (KPI) to measure the maturity of an organization's security incident handling process?

Options:

A.

The number of security incidents escalated to senior management

B.

The number of resolved security incidents

C.

The number of newly identified security incidents

D.

The number of recurring security incidents

Question 204

Calculation of the recovery time objective (RTO) is necessary to determine the:

Options:

A.

time required to restore files.

B.

point of synchronization

C.

priority of restoration.

D.

annual loss expectancy (ALE).

Page: 51 / 118
Total 1575 questions