ISACA
Looking for a summary at ISACA? On Stuvia you will find more than 39 summaries, notes and other study documents for all courses at ISACA.
Courses at ISACA
Summaries are available for these courses at ISACA
Programmes at ISACA
Summaries are available for the following programmes at ISACA
- ISACA 39
Latest ISACA summaries
Which of the following is the primary step in control implementation for a new business application? - correct answer D. Risk assessment 
 
When implementing an information security program, in which phase of the implementation should metrics be established to assess the effectiveness of the program over time? - correct answer Either
B. Initiation 
C. Design 
 
Data owners are concerned and responsible for who has access to their resources and therefore need to be concerned with the strategy...
1. Hash function will address which of the concerns about electronic message:
A. Message confidentiality
B. Message integrity
C. Message availability
D. Message compression
2. Digital signature will address which of the concerns about electronic message:
A. Authentication and integrity of data
B. Authentication and confidentiality of data
C. Confidentiality and integrity of data
D. Authentication and availability of data
3. A digital signature...
Contents
Course Home screen:
Study Plan (Structured):
Answering and reviewing questions in the Structured Study Plan:
Study Plan (Adaptive): ...
Re-evaluation of ISACA Risk analysis 
According to De Haes et al. (2020), the use of COBIT implementation in IT governance plays a critical role in risk assessment. The method takes into consideration the probability as well as the direct impact of a threat to help people management make informed decisions. Roldán-Molina et al. (2017) state that proper assessment must incorporate all the potential risks individually. 
RISK EVENT	PROBABILITY	IMPACT	OVERALL RISK RATING 
Laptop or mobile device wi...
Enterprises and their executives strive to: 
• Maintain quality information to support business decisions.
• Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT.
• Achieve operational excellence through reliable and efficient application of technology.
• Maintain IT-related risk at an acceptable level.
• Optimise the cost of IT services and technology.
How can these benefits...
Exam A 
QUESTION 1 
IS management has decided to rewrite a legacy customer relations system using fourth-generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs?
A. Inadequate screen/report design facilities 
B. Complex programming language subsets 
C. Lack of portability across operating systems 
D. Inability to perform data intensive operations 
Correct Answer: D 
Section: (none) 
Explanation 
Explanation/Reference: 
4GLs are usu...
Cybersecurity 
the "preservation of confidentiality, integrity and availability of information in the Cyberspace" 
Cyberspace 
the complex environment resulting from the interaction of people, software and services on the Internet by means of technology devices and networks connected to it, which does not exist in any physical form
NIST Cybersecurity Framework 
Identify—Use organizational understanding to minimize risk to systems, assets, data and capabilities. 
Protect—Design safeguards...
Q.No.1 Which of the following is MOST important for an organization that wants to reduce IT operational risk? 
A.	Increasing senior management's understanding of IT operations 
B.	Increasing the frequency of data backups 
C.	Minimizing complexity of IT infrastructure 
D.	Decentralizing IT infrastructure 
 
Q.No.2 Deviation from a mitigation action plan's completion date should be determined by which of the following? 
A.	Benchmarking analysis with similar completed projects 
B.	Change manag...
An information technology audit, or information systems audit, is an examination of the controls within an Information technology (IT) infrastructure. An IT audit is the process of collecting and evaluating evidence of an organization's information systems, practices, and operations. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently to achieve the organization's goals or objec...
Questions - correct answer Answers and Explanations 
 
Decisions regarding information security are best supported by - correct answer effective metrics 
Effective metrics are essential to provide the information needed to make decisions. A metric is a quantifiable entity that allows the measurement of the achievement of a process goal.
 
A project manager is developing a developer portal and requests that the security manager assign a public IP address so that it can be accessed by in-house staff an...