512-50 Premium Exam Questions

Page: 5 / 14

Question 20

With respect to the audit management process, management response serves what function?

Options:

placing underperforming units on notice for failing to meet standards

determining whether or not resources will be allocated to remediate a finding

adding controls to ensure that proper oversight is achieved by management

revealing the “root cause” of the process failure and mitigating for all internal and external units

Question 21

Which of the following activities is the MAIN purpose of the risk assessment process?

Options:

Creating an inventory of information assets

Classifying and organizing information assets into meaningful groups

Assigning value to each information asset

Calculating the risks to which assets are exposed in their current setting

Question 22

When a critical vulnerability has been discovered on production systems and needs to be fixed immediately, what is the BEST approach for a CISO to mitigate the vulnerability under tight budget constraints?

Options:

Transfer financial resources from other critical programs

Take the system off line until the budget is available

Deploy countermeasures and compensating controls until the budget is available

Schedule an emergency meeting and request the funding to fix the issue

Question 23

Which of the following BEST describes an international standard framework that is based on the security model Information Technology—Code of Practice for Information Security Management?