CRISC Practice Quiz


Answer Sheet
CRISC Fall 2011 Practice Quiz #1
file:///C:/Users/bpankey/CRISC/criscPracticeQuiz_fall2011_AnswerSheet.htm 12/8/2011 1:32 PM

1) What is the most significant risk for the online retailer?
( ) Criminal Internet hacker
(x) Denial of service
( ) PCI DSS non-compliance
( ) Poor change management

2) Preventive controls are most appropriate where
( ) Event frequency is high
(x) Impact is high
( ) Timely detect controls are unavailable
( ) Event frequency is low but impact very large

3) Who is most directly responsible to balance IT-related KRI and IT KPI?
( ) Chief Executive Officer
( ) Business process owners
( ) Chief Risk Officer
(x) Chief Information Officer

4) Which of the following is the best indicator of operational risk?
( ) Staff turnover
( ) Percentage of unscheduled downtime
( ) Number of security incidents
(x) Number of escalated help desk 'trouble tickets'

5) Strategic risk is best mitigated by
( ) Increases in IT budget
(x) Business management training
( ) Emerging technology skills
( ) Standardized processes

6) Which of the following risk scenarios is least appropriate for an enterprise IT-related risk register?
( ) Project delivery
( ) Service provider performance (3rd Party)
( ) Natural disaster
(x) Earthquake

7) Which of the following typically attempts to share risk?
I. User agreements (internal)
II. End user license agreements (customer)
III. Consent agreements
IV. Diffie-Hellman
[ ] I only
[x] II only
[ ] II and III
[ ] I, II, IV

8) The statement that "Industry surveys report losses of corporate laptops exceeding 10% per annum" does not effectively communicate risk because?
(x) Does not calculate the impact of a lost laptop
( ) Fails to account for Enterprise controls
( ) Does not identify rate of recovery
( ) Does not account for Enterprise plan to migrate to smart phones

9) What is the most cost effective mitigation strategy?
( ) Minimize exposure to common risk factors
(x) Implement prevent controls for high priority risks
( ) Efficient detect controls and incident response
( ) Accept low priority risk

10) Which of the following controls is most important to monitor?
( ) Password quality
( ) User acceptance testing
(x) Change approval
( ) Firewall
