ISACA CRISC Certified in Risk and Information Systems Control Online Training
The questions for CRISC were last updated on Nov 22, 2024.
- Exam Code: CRISC
- Exam Name: Certified in Risk and Information Systems Control
- Certification Provider: ISACA
- Latest update: Nov 22, 2024
Which of the following is the PRIMARY reason to perform ongoing risk assessments?
- A . Emerging risk must be continuously reported to management.
- B . New system vulnerabilities emerge at frequent intervals.
- C . The risk environment is subject to change.
- D . The information security budget must be justified.
Numerous media reports indicate a recently discovered technical vulnerability is being actively exploited.
Which of the following would be the BEST response to this scenario?
- A . Assess the vulnerability management process.
- B . Conduct a control self-assessment.
- C . Conduct a vulnerability assessment.
- D . Reassess the inherent risk of the target.
Which of the following BEST provides an early warning that network access of terminated employees is not being revoked in accordance with the service level agreement (SLA)?
- A . Updating multi-factor authentication
- B . Monitoring key access control performance indicators
- C . Analyzing access control logs for suspicious activity
- D . Revising the service level agreement (SLA)
A risk assessment has identified that departments have installed their own WiFi access points on the enterprise network.
Which of the following would be MOST important to include in a report to senior management?
- A . The network security policy
- B . Potential business impact
- C . The WiFi access point configuration
- D . Planned remediation actions
Which of the following is the MOST important element of a successful risk awareness training program?
- A . Customizing content for the audience
- B . Providing incentives to participants
- C . Mapping to a recognized standard
- D . Providing metrics for measurement
The number of tickets to rework application code has significantly exceeded the established threshold.
Which of the following would be the risk practitioner's BEST recommendation?
- A . Perform a root cause analysis
- B . Perform a code review
- C . Implement version control software.
- D . Implement training on coding best practices
An effective control environment is BEST indicated by controls that:
- A . minimize senior management’s risk tolerance.
- B . manage risk within the organization’s risk appetite.
- C . reduce the thresholds of key risk indicators (KRIs).
- D . are cost-effective to implement
Which of the following is the PRIMARY reason for a risk practitioner to use global standards related to risk management?
- A . To build an organizational risk-aware culture
- B . To continuously improve risk management processes
- C . To comply with legal and regulatory requirements
- D . To identify gaps in risk management practices
Which of the following helps ensure compliance with a nonrepudiation policy requirement for electronic transactions?
- A . Digital signatures
- B . Encrypted passwords
- C . One-time passwords
- D . Digital certificates
Establishing an organizational code of conduct is an example of which type of control?
- A . Preventive
- B . Directive
- C . Detective
- D . Compensating