Professional Documents
Culture Documents
5. Which of the following statement does not fall under the directory?
a. Contacts within companies designated to give equipment, services
and supplies.
b. Contact information for regulatory paperwork.
c. Law enforcement contacts.
d. Insurance company agents.
10. Which of the following is/are the way(s) for risk treatment?
a. Risk mitigation
b. Risk avoidance
c. Risk acceptance
d. All of the above
15. From the following, which is not involved in the personal skills?
a. Integrity
b. Coping with stress
c. Discrimination
d. Time management
18. Which management has the responsibility of carrying out the directives
issued by the board of directors?
a. Consultative management
b. Executive management
c. Security management
d. Data management
25. The risk exposure or level without considering the actions that
management might take or has taken is referred to as ____________.
a. Residual risk
b. Strategic risk
c. Inherent risk
d. Risk management
26. Which management refers to the processes that are used to organise,
assign, and govern information security resources, such as people,
processes, and technology, in order to improve the efficiency and
effectiveness of business solutions.
a. Information security resource management
b. Persuasive management
c. Enterprise information security management
d. End-to-end system management
27. From the following, which is not the responsibility of business process
and business assets owners?
a. Access grants
b. Physical location
c. Functional definition
d. Access cancellation
31. Which of the following negative factors are considered while examining
outsourcing possibilities?
I. The third-party vendor's viability.
II. Lack of transparency into security processes.
III. Gain of critical skills.
IV. Incident management complexity.
a. I and II only
b. I, II, and III only
c. I, II, and IV only
d. I, II, III, and IV
36. Which of the following is/are included in the security concepts of IRTs?
a. Operating systems
b. Malicious code
c. Programming skills
d. All of the above