100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CRISC EXAM TOPIC 2 LONG PRACTICE QUESTIONS AND ANSWERS £11.01   Add to cart

Exam (elaborations)

CRISC EXAM TOPIC 2 LONG PRACTICE QUESTIONS AND ANSWERS

 9 views  0 purchase
  • Module
  • CRISC
  • Institution
  • CRISC

CRISC EXAM TOPIC 2 LONG PRACTICE QUESTIONS AND ANSWERSCRISC EXAM TOPIC 2 LONG PRACTICE QUESTIONS AND ANSWERS Question #:2 - (Exam Topic 2) A recent audit identified high-risk issues in a business unit though a previous control self-assessment (CSA) had good results. Which of the following is t...

[Show more]

Preview 4 out of 59  pages

  • August 18, 2024
  • 59
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CRISC
  • CRISC
avatar-seller
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM



CRISC EXAM TOPIC 2 LONG PRACTICE
QUESTIONS AND ANSWERS


Question #:2 - (Exam Topic 2)

A recent audit identified high-risk issues in a business unit though a previous

control self-assessment (CSA) had good results. Which of the following is the

MOST likely reason for the difference?




A. The audit had a broader scope than the CSA.

B. The CSA was not sample-based.

C. The CSA did not test control effectiveness.


D. The CSA was compliance-based, while the audit was risk-based. - Answer✔️✔️-

D. The CSA was compliance-based, while the audit was risk-based.

Question #:4 - (Exam Topic 2)

An organization's HR department has implemented a policy requiring staff

members to take a minimum of five consecutive days leave per year to mitigate the




1

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


risk of malicious insider activities. Which of the following is the BEST key

performance indicator (KPI) of the effectiveness of this policy?




A. Number of malicious activities occurring during staff members leave

B. Percentage of staff members seeking exception to the policy

C. Percentage of staff members taking leave according to the policy

D. Financial loss incurred due to malicious activities during staff members' leave -

Answer✔️✔️-C. Percentage of staff members taking leave according to the policy


Question #:7 - (Exam Topic 2)

An organization has decided to implement an emerging technology and incorporate

the new capabilities into its strategic business plan. Business operations for the

technology will be outsourced. What will be the risk practitioner's PRIMARY role

during the change?




A. Managing third-party risk

B. Developing risk scenarios

C. Managing the threat landscape




2

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


D. Updating risk appetite - Answer✔️✔️-B. Developing risk scenarios


Question #:12 - (Exam Topic 2)

A risk practitioner recently discovered that sensitive data from the production

environment is required for testing purposes in non-production environments.

Which of the following the BEST recommendation to address this situation?




A. Enable data encryption in the test environment

B. Implement equivalent security in the test environment.

C. Prevent the use of production data for test purposes


D. Mask data before being transferred to the test environment. - Answer✔️✔️-B.

Implement equivalent security in the test environment.

Question #:17 - (Exam Topic 2)

An organization has just implemented changes to close an identified vulnerability

that impacted a critical business process. What should be the NEXT course of

action?




A. Redesign the heat map.



3

, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


B. Review the risk tolerance.

C. Perform a business impact analysis (BIA)


D. Update the risk register. - Answer✔️✔️-D. Update the risk register.


Question #:19 - (Exam Topic 2)

After migrating a key financial system to a new provider, it was discovered that a

developer could gain access to the production environment. Which of the following

is the BEST way to mitigate the risk in this situation?




A. Escalate the issue to the service provider.

B. Re-certify the application access controls.

C. Remove the developer's access.


D. Review the results of pre-migration testing. - Answer✔️✔️-B. Re-certify the

application access controls.

Question #:22 - (Exam Topic 2)

When assessing the maturity level of an organization's risk management

framework, which of the following deficiencies should be of GREATEST concern

to a risk practitioner?



4

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller OliviaWest. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £11.01. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

77254 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling
£11.01
  • (0)
  Add to cart