Free Access ISACA.CRISC.v2022-05-05.q821 Practice Test (Page 10)

Question 41

You are the project manager of GHT project. You have implemented an automated tool to analyze and report on access control logs based on severity. This tool generates excessively large amounts of results.
You perform a risk assessment and decide to configure the monitoring tool to report only when the alerts are marked "critical". What you should do in order to fulfill that?

A.Apply risk response

B.Optimize Key Risk Indicator

C.Update risk register

D.Perform quantitative risk analysis

Question 42

What are the key control activities to be done to ensure business alignment?
Each correct answer represents a part of the solution. Choose two.

A.Define the business requirements for the management of data by IT

B.Conduct IT continuity tests on a regular basis or when there are major changes in the IT infrastructure

C.Periodically identify critical data that affect business operations

D.Establish an independent test task force that keeps track of all events

Question 43

Which of the following would be MOST important for a risk practitioner to provide to the internal audit department during the audit planning process?

A.Closed management action plans from the previous audit

B.Annual risk assessment results

C.An updated vulnerability management report

D.A list of identified generic risk scenarios

Question 44

Which of the following vulnerability assessment software can check for weak passwords on the network?

A.Password cracker

B.Antivirus software

C.Anti-spyware software

D.Wireshark

E.Explanation:
A password cracker is an application program that is used to identify an unknown or forgotten password on a computer or network resources. It can also be used to help a humancracker obtain unauthorized access to resources. A password cracker can also check for weak passwords on the network and give notifications to put another password.

Question 45

An organization is planning to acquire a new financial system. Which of the following stakeholders would provide the MOST relevant information for analyzing the risk associated with the new IT solution?

A.Process owner

B.Internal auditor

C.Risk manager

D.Project sponsor

Other Version: 3320ISACA.CRISC.v2025-07-19.q999; 6458ISACA.CRISC.v2024-09-11.q999; 7512ISACA.CRISC.v2022-10-10.q527; 12541ISACA.CRISC.v2022-08-23.q834; 66ISACA.Examboosts.CRISC.v2021-09-26.by.erica.460q.pdf

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 160TheSecOpsGroup.CNSP.v2025-09-08.q20; 218CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50; 183Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 41

Question 42

Question 43

Question 44

Question 45

Download PDF File