Free ISACA CRISC Übungsprüfungen - Seite 29 von 65

Question #281

What are the MOST important criteria to consider when developing a data classification scheme to facilitate risk assessment and the prioritization of risk mitigation activities?

A . Mitigation and control value
B . Volume and scope of data generated daily
C . Business criticality and sensitivity
D . Recovery point objective (RPO) and recovery time objective (RTO)

Lösung einblenden Lösung ausblenden

Question #282

Which of the following is the PRIMARY reason for conducting peer reviews of risk analysis?

A . To enhance compliance with standards
B . To minimize subjectivity of assessments
C . To increase consensus among peers
D . To provide assessments for benchmarking

Lösung einblenden Lösung ausblenden

Question #283

A chief information officer (CIO) has identified risk associated with shadow systems being maintained by business units to address specific functionality gaps in the organization’s enterprise resource planning (ERP) system.

What is the BEST way to reduce this risk going forward?

A . Align applications to business processes.
B . Implement an enterprise architecture (EA).
C . Define the software development life cycle (SDLC).
D . Define enterprise-wide system procurement requirements.

Lösung einblenden Lösung ausblenden

Richtige Antwort: B
B

Explanation:

Shadow systems are IT systems, solutions, devices, or technologies used within an organization without the knowledge and approval of the corporate IT department1. They are often the result of employees trying to address specific functionality gaps in the organization’s official systems, such as the ERP system. However, shadow systems can pose significant risks to the organization, such as: Data security and privacy breaches, as shadow systems may not comply with the organization’s security policies and standards, or may expose sensitive data to unauthorized parties2.

Data quality and integrity issues, as shadow systems may not synchronize or integrate with the organization’s official systems, or may create data inconsistencies or redundancies3.

Compliance and regulatory violations, as shadow systems may not adhere to the organization’s legal or contractual obligations, or may create audit or reporting challenges4.

Cost and resource inefficiencies, as shadow systems may duplicate or conflict with the organization’s official systems, or may consume more IT resources than necessary5.

The best way to reduce the risk associated with shadow systems is to implement an enterprise architecture (EA), which is a comprehensive framework that defines the structure, processes, principles, and standards of the organization’s IT environment6. By implementing an EA, the organization can:

Align the IT systems with the organization’s goals and strategy, and ensure that they support the business needs and requirements6.

Establish a governance structure and process for IT decision making, and ensure that all IT systems are approved, monitored, and controlled by the IT department7.

Enhance the communication and collaboration between the IT department and the business units,

and ensure that the IT systems meet the expectations and preferences of the end users5.

Optimize the performance and efficiency of the IT systems, and ensure that they are scalable, flexible, and interoperable6.

Reference: =

Shadow IT: What Are the Risks and How Can You Mitigate Them? – Ekran System

How to Reduce Risks of Shadow IT by Applying Governance to Public Clouds C BMC Software | Blogs What is shadow IT? – Article | SailPoint

The Risks of Shadow IT and How to Avoid Them | SiteSpect

Start reducing your organization’s Shadow IT risk in 3 steps

What is enterprise architecture (EA)? – Definition from WhatIs.com

Enterprise Architecture Governance – CIO Wiki

Question #284

Which of the following is the BEST way to detect zero-day malware on an end user’s workstation?

A . An antivirus program
B . Database activity monitoring
C . Firewall log monitoring
D . File integrity monitoring

Lösung einblenden Lösung ausblenden

Richtige Antwort: D
D

Explanation:

Zero-day malware is malware that exploits unknown and unprotected vulnerabilities. This novel malware is difficult to detect and defend against, making zero-day attacks a significant threat to enterprise cybersecurity1. The best way to detect zero-day malware on an end user’s workstation is to use file integrity monitoring, which is a technique that monitors and alerts on changes to files and directories that may indicate a malware infection or compromise2. By using file integrity monitoring, the end user can detect zero-day malware that may alter or damage the files or directories on their workstation, and take appropriate actions to remove or isolate the malware. File integrity monitoring can also help to prevent the spread of zero-day malware to other systems or networks, and to restore the integrity and availability of the affected files or directories. Antivirus program, database activity monitoring, and firewall log monitoring are not the best ways to detect zero-day malware on an end user’s workstation, as they are not as effective or reliable as file integrity monitoring. Antivirus program is a software that scans and removes known malware from a system or network3. Antivirus program can help to protect the end user’s workstation from common or known malware, but it may not be able to detect zero-day malware that does not have a signature or a pattern that matches the antivirus program’s database. Database activity monitoring is a technique that monitors and audits the activities and transactions on a database, such as queries, updates, or deletions4. Database activity monitoring can help to protect the end user’s database from unauthorized or malicious access or modification, but it may not be able to detect zero-day malware that does not target or affect the database. Firewall log monitoring is a technique that monitors and analyzes the logs generated by a firewall, which is a device or software that filters and controls the incoming and outgoing network traffic based on predefined rules. Firewall log monitoring can help to protect the end user’s workstation from external or internal network attacks, but it may not be able to detect zero-day malware that bypasses or evades the firewall rules or that originates from the workstation itself.

Reference: = 1: What is Zero Day Malware? – Check Point Software2: File Integrity Monitoring – an overview | ScienceDirect Topics3: Antivirus Software – an overview | ScienceDirect Topics4: Database Activity Monitoring – an overview | ScienceDirect Topics: [Firewall Log Analysis – an overview | ScienceDirect Topics]: [Risk and Information Systems Control Study Manual, Chapter 5: Information Systems Control Design and Implementation, Section 5.1: Control Design, pp. 233-235.]: [Risk and Information Systems Control Study Manual, Chapter 5: Information Systems Control Design and Implementation, Section 5.2: Control Implementation, pp. 243-245.]: [Risk and Information Systems Control Study Manual, Chapter 5: Information Systems Control Design and Implementation, Section 5.3: Control Monitoring and Maintenance, pp. 251-253.]: [Zero-day attack detection: a systematic literature review | Artificial Intelligence Review]: [Zero-day Attacks Detection and Prevention Methods | Apriorit]

Question #285

Once a risk owner has decided to implement a control to mitigate risk, it is MOST important to develop: