CompTIA CT0-101 Convergence+ Certification Practice Exam Set 3

When an organization outsourcing security functions, it is below, should be considered in the organization?


Options are :

  • Responsibility of the company's security policy
  • Defining security procedures and guidelines
  • Implementation of the company's security policy
  • In determining the company's security policy
  • None

Answer :Responsibility of the company's security policy

In order to minimize costs, improve service levels should work to outsourcers, which of the following provisions in the contract?


Options are :

  • O / S and hardware refresh rate
  • None
  • Punish failure
  • Profit-sharing bonuses
  • Payments tied to variable hintametriikoita

Answer :Profit-sharing bonuses

CompTIA 220-801 A+ Advanced Certification Practice Exam Set 4

Starting risk management process, so this entry:


Options are :

  • business plan
  • Software design decisions.
  • Security policy decisions
  • None
  • Audit charter.

Answer :Security policy decisions

Password and sending the difference between the selected communication line is unprotected Example:


Options are :

  • Probability.
  • Vulnerability.
  • effect.
  • None
  • Threat

Answer :Vulnerability.

During the audit, the auditors believe that, IT departments is a medium-sized organization does Nonet have an independent risk management function, risk and security risks of the organization document contains only a few commonly used description. In this case what is the most appropriate recommendation?


Options are :

  • Because the current system is suitable for any suggestions medium-sized organization it is necessary.
  • None
  • For conventional IT risk management meetings to identify and assess risks and create mitigation plans to enter into the risk management organization.
  • Creating IT risk management and IT risk management framework for the establishment of departments with the support of external risk management experts.
  • Using a common industry standard tools to share existing risk file into several individual risk, which is easier to handle.

Answer :For conventional IT risk management meetings to identify and assess risks and create mitigation plans to enter into the risk management organization.

CompTIA JK0-015 E2C Security+ Certification Practice Test Set 10

The team is Nonew analyzing the difficulty in predicting the risk of financial loss that may occur in danger. To assess potential losses, the team should:


Options are :

  • Calculation of the depreciation of the underlying assets.
  • Take some time to accurately determine the amount of loss.
  • None
  • Calculated (ROI).
  • Suitable for qualitative

Answer :Suitable for qualitative

Information systems auditor will review IT security risk management program. Security measures should be:


Options are :

  • Taking into account the entire IT environment.
  • Track time as IT strategic planning function.
  • None
  • Response Network all risks.
  • Result in recognition of the vulnerability of tolerance.

Answer :Taking into account the entire IT environment.

Auditors who check the event report Nonetes, important documents in one case remains a work desk employee was taken out and placed in the trash, according to outsourcing cleaning agents. Which of the following should advise management information systems auditor?


Options are :

  • None action is required, because such events did Nonet happen in the past
  • None
  • Welcome to the all-important office files backup strategy should be implemented
  • Tighter control is necessary to organize and cleaning mechanism
  • A clear desk policy should be implemented and strict organization.

Answer :Tighter control is necessary to organize and cleaning mechanism

SY0-401 CompTIA Security+ Certification Practice Exam Set 3

Which of the following is a mechanism to reduce risk?


Options are :

  • Security and surveillance practices
  • None
  • Auditing and Certification
  • Contracts and service level agreements (SLA)
  • Property and liability insurance

Answer :Security and surveillance practices

Which of the following should be considered first, by introducing a risk management plan?


Options are :

  • Understand the risks and potential consequences of compromise
  • A risk mitigation strategy sufficient to result in an acceptable level of risk
  • Understand the organization's threat, vulnerability and risk status
  • None
  • Based on the determination of risk management priorities of the potential consequences of

Answer :Understand the organization's threat, vulnerability and risk status

Which of the following is the most important aspect of the audit is that when an organization outsourcing customer credit evaluation system, third-party service provider? sender:


Options are :

  • Meets or exceeds industry safety standards
  • With the organization's security policies.
  • None
  • Good reputation and experience in the service market.
  • Agreed to a review of external security.

Answer :Agreed to a review of external security.

JK0-802 CompTIA A+ Certification Exam Set 11

Implementation and payments between subsidiaries of the parent bank project information system auditors audit. First is the auditor should ensure that:


Options are :

  • The security feature is there to stand out from the affiliated store
  • None
  • Parent row as the right service provider.
  • Subsidiaries can be associated with co-owner of the payment system.
  • TechNonelogy platform interoperability between the two companies.

Answer :Parent row as the right service provider.

CompTIA Security+ Cert. (SY0-501): Practice Tests 2019 Set 5

Auditors concluded, was stopped in accordance with the IS strategy ID, activate within 90 days of the end user. Information Systems Auditor is:


Options are :

  • None
  • PROPOSED CHANGE IS policies to ensure inactivation of the end-user accounts.
  • Check the necessary permissions have been granted to the foundation
  • We recommend that you stop user activity log periodic review.
  • Reported that the controls are operating effectively, because the inactivation time of occurrence policy

Answer :PROPOSED CHANGE IS policies to ensure inactivation of the end-user accounts.

IT control objectives are useful to auditors, because they form the basis for understanding:


Options are :

  • security strategy.
  • The best security auditing practices related to a particular entity.
  • The object of the desired result or perform a special monitoring system.
  • Technical protection of information.

Answer :The object of the desired result or perform a special monitoring system.

Establish security plan initial stages are:


Options are :

  • Buy security access control software.
  • Development and implementation of information security standards manual
  • Approved information security policy statement of the company.
  • None
  • A comprehensive safety inspection of the performance review, information systems auditor.

Answer :Approved information security policy statement of the company.

CompTIA JK0-022 E2C Security+ Compliance & Operational Exam Set 8

After the merger of these two organizations, a number of legacy applications developed by the two companies is replaced by a new common platform. Which of the following is the biggest risk?


Options are :

  • Change jobs without the integration of resource allocation in the portfolio management of multiple independent projects.
  • Project Management and Reporting Project Management Office, which is driven by an external consultant progress of compounds.
  • Assigned to each inefficient organizational resources, when they are familiar with the company's other legacy systems
  • None
  • The new platform will force the two organizations in the field of business change work processes, resulting in a wide range of training needs.

Answer :Change jobs without the integration of resource allocation in the portfolio management of multiple independent projects.

The main objective of the implementation of the operation and management of the organization responsible for:


Options are :

  • Strategic Direction.
  • None
  • Control business.
  • The implementation of best practices.
  • And business alignment

Answer :Strategic Direction.

In an effective security mechanism, its main concern is the background value delivery are:


Options are :

  • None
  • Way to begin a standard-based solutions.
  • Optimize security investments to support business goals.
  • Using a standard set of security practices.
  • . Adopt a continuous improvement culture

Answer :Optimize security investments to support business goals.

CompTIA IT Fundamentals (Exam FC0-U61) Practice Tests Set 1

Which of the following would most likely show that customer data warehouse should be kept internal, rather than outsourcing offshore activities?


Options are :

  • None
  • Time zone differences may hinder communication between the IT team
  • Software development may require more detailed requirements.
  • Telecommunications costs can be much higher in the first year
  • Privacy Act prevents the cross-border exchange of information.

Answer :Privacy Act prevents the cross-border exchange of information.

Which of the following should be proposed to adjust the IT project portfolio BEST monitoring in information systems auditor, what is the strategic focus of the organization?


Options are :

  • None
  • Editing determine the portfolio each year
  • According to the interests of business and the risk of selecting projects
  • Consider the key to user satisfaction (KPI)
  • Balanced Scorecard defined (BSC), for measuring the performance

Answer :According to the interests of business and the risk of selecting projects

Which provides the best support for new IT projects the following priorities?


Options are :

  • Internal control self-assessment (CSA)
  • None
  • Information Systems Audit
  • Business Risk Assessment
  • This portfolio analysis models

Answer :This portfolio analysis models

CT0-101 Convergence+ Certification Practice Exam Set 12

Which of the following is the best proof of the adequacy of security awareness program?


Options are :

  • In the company's coverage of all parts of education
  • The number of interest groups, including different levels of staff training
  • On a regular basis, and compared with best practices,
  • Safety equipment from different vendors to achieve
  • None

Answer :On a regular basis, and compared with best practices,

When developing security architecture, the following steps should be performed first?


Options are :

  • Define roles and responsibilities
  • Define a security policy
  • Through the development of safety procedures
  • Configuring access control method
  • None

Answer :Define a security policy

Which of the following is the IS management is the most important function to perform, the service has been outsourced?


Options are :

  • None
  • By participating in the design of system suppliers
  • By renegotiation fee
  • Outsourcing monitoring supplier performance
  • Ensure bill payment to the supplier

Answer :Outsourcing monitoring supplier performance

CompTIA JK0-801 A+ Networking & PC Hardware Practice Exam Set 9

To help organize and plan IT investments, information systems auditors recommended:


Options are :

  • Tactical planning
  • Project management tools.
  • Enterprise Architecture (EA).
  • None
  • Object-oriented architecture.

Answer :Enterprise Architecture (EA).

Retail stores bring radio frequency identification (RFID) tags for all products to create a unique serial number. Which of the following is a major problem associated with this initiative?


Options are :

  • The issue of privacy
  • RFID tags can be transferred
  • RFID eliminate line of sight reading
  • None
  • Wavelength can be absorbed into the body

Answer :The issue of privacy

Top-down approach to development practices to help ensure that:


Options are :

  • Its implementation as part of risk assessment.
  • Comply with all relevant policies
  • They are consistent throughout the organization.
  • None
  • They regularly revised.

Answer :They are consistent throughout the organization.

CompTIA JK0-022 Security Cryptography Certification Exam Set 3

Advantage of the open architecture of the system is that it:


Options are :

  • To integrate the promotion of private assembly
  • To facilitate interoperability
  • None
  • The basis of volume discounts from manufacturers of equipment
  • Larger equipment to achieve ecoNonemies of scale allowed.

Answer :To facilitate interoperability

Information systems auditor to examine IT outsourcing contract facilities expect it to be defined:


Options are :

  • Intellectual property.
  • Hardware Configuration
  • Application development methodology.
  • None
  • Access control software.

Answer :Intellectual property.

As an example of direct benefit to the business investment is related to information techNonelogy derived from a proposal:


Options are :

  • Increase market share.
  • None
  • Improved reputation.
  • Introduction of new techNonelogies.
  • Enhanced employee morale.

Answer :Increase market share.

CL0-001 CompTIA Cloud Essentials Practice Test Set 4

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions