Question 1

Which activity is commonly linked with analyzing Information and Technology (I&T) related risks?

Options :

A : Estimating the frequency and impact of I&T-related risk scenarios.

B : Identifying potential vulnerabilities within the I&T infrastructure and systems.

C : Documenting IT controls that mitigate similar risk types.

D : Cataloging I&T-related risk scenarios.

Answer: A

Question 2

Why is it highly desirable to have a single integrated business continuity plan?

Options :

A : To ensure that resources committed are used ineffectively

B : To ensure that there is no confidence in surviving a disruption

C : To ensure proper coordination among various plan components and effective resource utilization

D : To ensure that no plan components need coordination

Answer: C

Question 3

How can metrics on training effectiveness and needs for additional training be gathered?

Options :

A : Questionnaires, testing, help desk activity, operational errors

B : Management interviews only

C : Audits only

D : Incident reporting only

Answer: A

Question 4

Who ensures the involvement of the board in major decisions in an enterprise?

Options :

A : CEO

B : CFO

C : Executive committee

D : COO

Answer: C

Question 5

What is the primary focus of I&T risk scenarios?

Options :

A : To describe potential IT-related events and their business impacts

B : To conduct interviews with potential pitfalls

C : To analyze financial assets and their potential risks

D : To identify potential threats and vulnerabilities

Answer: A

Higher Test Marks with Free Online IT-Risk-Fundamentals Exam Practice