Free CRISC Exam Braindumps

Pass your Certified in Risk and Information Systems Control exam with these free Questions and Answers

Page 5 of 240
QUESTION 16

- (Exam Topic 3)
Which of the following is the MOST important factor when deciding on a control to mitigate risk exposure?

  1. A. Relevance to the business process
  2. B. Regulatory compliance requirements
  3. C. Cost-benefit analysis
  4. D. Comparison against best practice

Correct Answer: B

QUESTION 17

- (Exam Topic 3)
A risk practitioner has been asked to advise management on developing a log collection and correlation strategy. Which of the following should be the MOST important consideration when developing this strategy?

  1. A. Ensuring time synchronization of log sources.
  2. B. Ensuring the inclusion of external threat intelligence log sources.
  3. C. Ensuring the inclusion of all computing resources as log sources.
  4. D. Ensuring read-write access to all log sources.

Correct Answer: A

QUESTION 18

- (Exam Topic 1)
A risk practitioner has observed that there is an increasing trend of users sending sensitive information by email without using encryption. Which of the following would be the MOST effective approach to mitigate the risk associated with data loss?

  1. A. Implement a tool to create and distribute violation reports.
  2. B. Raise awareness of encryption requirements for sensitive data.
  3. C. Block unencrypted outgoing emails which contain sensitive data.
  4. D. Implement a progressive disciplinary process for email violations.

Correct Answer: C

QUESTION 19

- (Exam Topic 3)
It was determined that replication of a critical database used by two business units failed. Which of the following should be of GREATEST concern?

  1. A. The underutilization of the replicated link
  2. B. The cost of recovering the data
  3. C. The lack of integrity of data
  4. D. The loss of data confidentiality

Correct Answer: C

QUESTION 20

- (Exam Topic 2)
Which of the following would BEST help secure online financial transactions from improper users?

  1. A. Review of log-in attempts
  2. B. Multi-level authorization
  3. C. Periodic review of audit trails
  4. D. Multi-factor authentication

Correct Answer: D
