BCS - CISMP EXAM QUESTIONS AND ANSWERS WITH
COMPLETE SOLTIONS GUARANTEED PASS
A chief information security officer (CISO) at a large organization documented a
policy that establishes the acceptable use of cloud environments for all staff. This
is an example of a:
A) Management/Administrative control
B) Technical control
C) Physical control
D) Cloud control
A) Management/Administrative control
Is it possible to avoid risk?
A) Yes
B) No
C) Sometimes
D) Never
A) Yes
What is meant by non-repudiation?
A) If a user does something, they can't later claim that they didn't do it.
, B) Controls to protect the organization's reputation from harm due to
inappropriate social media postings by employees, even if on their private
accounts and personal time.
C) It is part of the rules set by administrative controls.
D) It is a security feature that prevents session replay attacks.
A) If a user does something, they can't later claim that they didn't do it.
Which of the following is NOT one of the four typical ways of managing risk?
A) Avoid
B) Accept
C) Mitigate
D) Conflate
D) Conflate
Siobhan is deciding whether to make a purchase online; the vendor wants
Siobhan to create a new user account, and is requesting Siobhan's full name,
home address, credit card number, phone number, email address, the ability to
send marketing messages to Siobhan, and permission to share this data with
other vendors. Siobhan decides that the item for sale is not worth the value of
Siobhan's personal information, and decides to not make the purchase. What
kind of risk management approach did Siobhan make?
A) Avoidance
COMPLETE SOLTIONS GUARANTEED PASS
A chief information security officer (CISO) at a large organization documented a
policy that establishes the acceptable use of cloud environments for all staff. This
is an example of a:
A) Management/Administrative control
B) Technical control
C) Physical control
D) Cloud control
A) Management/Administrative control
Is it possible to avoid risk?
A) Yes
B) No
C) Sometimes
D) Never
A) Yes
What is meant by non-repudiation?
A) If a user does something, they can't later claim that they didn't do it.
, B) Controls to protect the organization's reputation from harm due to
inappropriate social media postings by employees, even if on their private
accounts and personal time.
C) It is part of the rules set by administrative controls.
D) It is a security feature that prevents session replay attacks.
A) If a user does something, they can't later claim that they didn't do it.
Which of the following is NOT one of the four typical ways of managing risk?
A) Avoid
B) Accept
C) Mitigate
D) Conflate
D) Conflate
Siobhan is deciding whether to make a purchase online; the vendor wants
Siobhan to create a new user account, and is requesting Siobhan's full name,
home address, credit card number, phone number, email address, the ability to
send marketing messages to Siobhan, and permission to share this data with
other vendors. Siobhan decides that the item for sale is not worth the value of
Siobhan's personal information, and decides to not make the purchase. What
kind of risk management approach did Siobhan make?
A) Avoidance
