Free Access ISACA.CRISC.v2024-09-11.q999 Practice Test (Page 52)

Question 251

A department allows multiple users to perform maintenance on a system using a single set of credentials. A risk practitioner determined this practice to be high-risk. Which of the following is the MOST effective way to mitigate this risk?

A.Single sign-on

B.Data encryption at rest

C.Audit trail review

D.Multi-factor authentication

Question 252

Which of the following is MOST helpful to understand the consequences of an IT risk event?

A.Root cause analysis

B.Fault tree analysis

C.Historical trend analysis

D.Business impact analysis (BIA)

Question 253

Which of the following is the MOST important objective of establishing an enterprise risk management (ERM) function within an organization?

A.To have a standard risk management process for complying with regulations

B.To ensure risk profiles are presented in a consistent format within the organization

C.To have a unified approach to risk management across the organization

D.To optimize risk management resources across the organization

Question 254

Which of the following statements BEST illustrates the relationship between key performance indicators (KPIs) and key control indicators (KCIs)?

A.KCIs are applied at the operational level while KPIs are at the strategic level.

B.KPIs and KCIs both contribute to understanding of control effectiveness.

C.KPIs measure manual controls, while KCIs measure automated controls.

D.A robust KCI program will replace the need to measure KPIs.

Question 255

Which of the following would provide executive management with the BEST information to make risk decisions as a result of a risk assessment?

A.A qualitative presentation of risk assessment results

B.A quantitative presentation of risk assessment results

C.An assessment of organizational maturity levels and readiness

D.A companion of risk assessment results to the desired state

Other Version: 3611ISACA.CRISC.v2025-07-19.q999; 7513ISACA.CRISC.v2022-10-10.q527; 12588ISACA.CRISC.v2022-08-23.q834; 15493ISACA.CRISC.v2022-05-05.q821; 66ISACA.Examboosts.CRISC.v2021-09-26.by.erica.460q.pdf

Latest Upload: 115Genesys.GCX-GCD.v2025-09-13.q25; 115Huawei.H12-725_V4.0.v2025-09-13.q21; 116Oracle.1z0-1196-25.v2025-09-12.q18; 112NetworkAppliance.NS0-162.v2025-09-12.q86; 362OCEG.GRCP.v2025-09-11.q211; 114HP.HPE0-V27.v2025-09-11.q78; 138Oracle.1Z0-1057-23.v2025-09-10.q47; 182Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 148SAP.C-S4EWM-2023.v2025-09-08.q83; 298TheSecOpsGroup.CNSP.v2025-09-08.q20

Question 251

Question 252

Question 253

Question 254

Question 255

Download PDF File