Free CRISC Exam Braindumps

Pass your Certified in Risk and Information Systems Control exam with these free Questions and Answers

Page 4 of 240

QUESTION 11

- (Exam Topic 3)
Which of the following is the BEST way to assess the effectiveness of an access management process?

  1. A. Comparing the actual process with the documented process
  2. B. Reviewing access logs for user activity
  3. C. Reconciling a list of accounts belonging to terminated employees
  4. D. Reviewing for compliance with acceptable use policy

Correct Answer: B

QUESTION 12

- (Exam Topic 3)
An organization has experienced several incidents of extended network outages that have exceeded tolerance. Which of the following should be the risk practitioner's FIRST step to address this situation?

  1. A. Recommend additional controls to address the risk.
  2. B. Update the risk tolerance level to acceptable thresholds.
  3. C. Update the incident-related risk trend in the risk register.
  4. D. Recommend a root cause analysis of the incidents.

Correct Answer: D

QUESTION 13

- (Exam Topic 3)
Upon learning that the number of failed back-up attempts continually exceeds the current risk threshold, the risk practitioner should:

  1. A. inquire about the status of any planned corrective actions
  2. B. keep monitoring the situation as there is evidence that this is normal
  3. C. adjust the risk threshold to better reflect actual performance
  4. D. initiate corrective action to address the known deficiency

Correct Answer: D

QUESTION 14

- (Exam Topic 3)
The BEST key performance indicator (KPI) for monitoring adherence to an organization's user accounts provisioning practices is the percentage of:

  1. A. accounts without documented approval
  2. B. user accounts with default passwords
  3. C. active accounts belonging to former personnel
  4. D. accounts with dormant activity

Correct Answer: A

QUESTION 15

- (Exam Topic 3)
Which of the following is the BEST evidence that a user account has been properly authorized?

  1. A. An email from the user accepting the account
  2. B. Notification from human resources that the account is active
  3. C. User privileges matching the request form
  4. D. Formal approval of the account by the user's manager

Correct Answer: C
