[2025] Pass Key features of CRISC Course with Updated 1519 Questions [Q756-Q772]

QUESTION 756
John works as a project manager for BlueWell Inc. He is determining which risks can affect the project. Which of the following inputs of the identify risks process is useful in identifying risks associated to the time allowances for the activities or projects as a whole, with a width of the range indicating the degrees of risk?

Activity duration estimates

Activity cost estimates

Risk management plan

Schedule management plan

QUESTION 757
Tom works as a project manager for BlueWell Inc. He is determining which risks can affect the project. Which of the following inputs of the identify risks process is useful in identifying risks, and provides a quantitative assessment of the likely cost to complete the scheduled activities?

Activity duration estimates

Risk management plan

Cost management plan

Activity cost estimates

Explanation:
The activity cost estimates review is valuable in identifying risks as it provides a quantitative assessment of the expected cost to complete the scheduled activities and is expressed as a range, with a width of the range indicating the degrees of risk.

QUESTION 758
Which of the following should be the risk practitioner’s FIRST course of action when an organization plans to adopt a cloud computing strategy?

Request a budget for implementation

Conduct a threat analysis.

Create a cloud computing policy.

Perform a controls assessment.

QUESTION 759
Following an acquisition, the acquiring company’s risk practitioner has been asked to update the organization’s IT risk profile What is the MOST important information to review from the acquired company to facilitate this task?

Internal and external audit reports

Risk disclosures in financial statements

Risk assessment and risk register

Business objectives and strategies

QUESTION 760
Which of the following is the MOST important data attribute of key risk indicators (KRIs)?

The data is measurable.

The data is calculated continuously.

The data is relevant.

The data is automatically produced.

QUESTION 761
Which of the following should be a risk practitioner’s NEXT action after identifying a high probability of data loss in a system?

Enhance the security awareness program.

Increase the frequency of incident reporting.

Purchase cyber insurance from a third party.

Conduct a control assessment.

QUESTION 762
Which of the following should be the PRIMARY basis for deciding whether to disclose information related to risk events that impact external stakeholders?

Stakeholder preferences

Contractual requirements

Regulatory requirements

Management assertions

QUESTION 763
Recent penetration testing of an organization’s software has identified many different types of security risks. Which of the following is the MOST likely root cause for the identified risk?

SIEM software is producing faulty alerts.

Threat modeling was not utilized in the software design process.

The configuration management process is not applied consistently during development.

An identity and access management (IAM) tool has not been properly integrated into the software.

QUESTION 764
Which of the following is the BEST way to detect zero-day malware on an end user’s workstation?

An antivirus program

Database activity monitoring

Firewall log monitoring

File integrity monitoring

Zero-day malware is malware that exploits unknown and unprotected vulnerabilities. This novel malware is difficult to detect and defend against, making zero-day attacks a significant threat to enterprise cybersecurity1. The best way to detect zero-day malware on an end user’s workstation is to use file integrity monitoring, which is a technique that monitors and alerts on changes to files and directories that may indicate a malware infection or compromise2. By using file integrity monitoring, the end user can detect zero-day malware that may alter or damage the files or directories on their workstation, and take appropriate actions to remove or isolate the malware. File integrity monitoring can also help to prevent the spread of zero-day malware to other systems or networks, and to restore the integrity and availability of the affected files or directories. Antivirus program, database activity monitoring, and firewall log monitoring are not the best ways to detect zero-day malware on an end user’s workstation, as they are not as effective or reliable as file integrity monitoring. Antivirus program is a software that scans and removes known malware from a system or network3. Antivirus program can help to protect the end user’s workstation from common or known malware, but it may not be able to detect zero-day malware that does not have a signature or a pattern that matches the antivirus program’s database. Database activity monitoring is a technique that monitors and audits the activities and transactions on a database, such as queries, updates, or deletions4. Database activity monitoring can help to protect the end user’s database from unauthorized or malicious access or modification, but it may not be able to detect zero-day malware that does not target or affect the database. Firewall log monitoring is a technique that monitors and analyzes the logs generated by a firewall, which is a device or software that filters and controls the incoming and outgoing network traffic based on predefined rules. Firewall log monitoring can help to protect the end user’s workstation from external or internal network attacks, but it may not be able to detect zero-day malware that bypasses or evades the firewall rules or that originates from the workstation itself. References = 1: What is Zero Day Malware? – Check Point Software2: File Integrity Monitoring – an overview | ScienceDirect Topics3: Antivirus Software – an overview
| ScienceDirect Topics4: Database Activity Monitoring – an overview | ScienceDirect Topics : [Firewall Log Analysis – an overview | ScienceDirect Topics] : [Risk and Information Systems Control Study Manual, Chapter 5: Information Systems Control Design and Implementation, Section 5.1: Control Design, pp. 233-
235.] : [Risk and Information Systems Control Study Manual, Chapter 5: Information Systems Control Design and Implementation, Section 5.2: Control Implementation, pp. 243-245.] : [Risk and Information Systems Control Study Manual, Chapter 5: Information Systems Control Design and Implementation, Section 5.3:
Control Monitoring and Maintenance, pp. 251-253.] : [Zero-day attack detection: a systematic literature review | Artificial Intelligence Review] : [Zero-day Attacks Detection and Prevention Methods | Apriorit]

QUESTION 765
Which of the following is MOST important to update when an organization’s risk appetite changes?

Key risk indicators (KRIs)

Risk reporting methodology

Key performance indicators (KPIs)

Risk taxonomy

QUESTION 766
Suppose you are working in Techmart Inc. which sells various products through its website. Due to some recent losses, you are trying to identify the most important risks to the Website. Based on feedback from several experts, you have come up with a list. You now want to prioritize these risks. Now in which category you would put the risk concerning the modification of the Website by unauthorized parties.

Ping Flooding Attack

Web defacing

Denial of service attack

FTP Bounce Attack

Explanation:
Website defacing is an attack on a website by unauthorized party that changes the visual appearance of the site or a webpage. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own.

QUESTION 767
Winch of the following can be concluded by analyzing the latest vulnerability report for the it infrastructure?

Likelihood of a threat

Impact of technology risk

Impact of operational risk

Control weakness

QUESTION 768
Which of the following is the BEST course of action for a system administrator who suspects a colleague may be intentionally weakening a system’s validation controls in order to pass through fraudulent transactions?

Implement compensating controls to deter fraud attempts.

Share the concern through a whistleblower communication channel.

Monitor the activity to collect evidence.

Determine whether the system environment has flaws that may motivate fraud attempts.

QUESTION 769
Which among the following acts as a trigger for risk response process?

Risk level increases above risk appetite

Risk level increase above risk tolerance

Risk level equates risk appetite

Risk level equates the risk tolerance

QUESTION 770
You are the project manager of GRT project. You discovered that by bringing on more qualified resources or by providing even better quality than originally planned, could result in reducing the amount of time required to complete the project. If your organization seizes this opportunity, it would be an example of what risk response?

Enhance

Exploit

Accept

Share

QUESTION 771
Which of the following MUST be assessed before considering risk treatment options for a scenario with significant impact?

Risk magnitude

Incident probability

Risk appetite

Cost-benefit analysis

QUESTION 772
An organization has just started accepting credit card payments from customers via the corporate website.
Which of the following is MOST likely to increase as a result of this new initiative?

Risk tolerance

Risk appetite

Inherent risk

Residual risk

Related posts:

admin

You might also like

Leave a Reply Cancel reply