INFORMATION ASSURANCE

PLEASE DO NOT USE CHATGPT OR ANY AI

1. An organization's HR department is writing a job description for a new CRO position. Which of the following best describes the CRO's role?

Group of answer choices

Build and manage the information security program

Build and manage product development

Build and manage the ERM program

Build and manage the information security program

2. Which overarching program includes monitoring project schedules, budgets, resource allocation, conflicts, and the preparation of status reports for senior management?

Group of answer choices

Configuration management

Program management

IT management

Incident management

3. Which of the following make up the best selection of members for an IT steering committee?

Group of answer choices

Customers

End users

Board members

Senior executives and department heads

4. A security steering committee consisting of senior executives has refused to consider a risk recently added to the risk register by the CISO. What risk treatment has been taken?

Group of answer choices

Risk transfer

Risk acceptance

Residual risk

Risk avoidance

5. A systems analyst is troubleshooting a chronic batch program malfunction, where the software application is aborting because alphanumeric data is being copied to a numeric date field. What kind of solution would resolve these incidents?

Group of answer choices

Type checking

Range and value checking

Spell checking

Batch totals

6. A CIO is finding it difficult to align the IT group with the greater organization. What should the CIO implement to resolve this?

Group of answer choices

Balanced scorecard

IT steering committee

Control self-assessments

Benchmarking

7. An organization has just completed the implementation of a new business system. The CIO wants to measure and report on the new system's business benefits. Why should the CIO not report on business benefits right away?

Group of answer choices

Metrics will improve after external resources have rolled off.

Benefits will improve after post-implementation issues are resolved.

To provide time to collect and measure.

Benefits will improve after the shakedown period.

8. A new CIO is finding it difficult to understand the effectiveness of IT processes in the organization. What should the CIO implement to provide better visibility?

Group of answer choices

Control self-assessments

Benchmarks

Balanced scorecard

Zachman scorecard

9. Which monitoring processes take place after the implementation phase of the SDLC?

Group of answer choices

Event management and capacity management

Problem management

Service management and configuration management

Maintenance management and change management

10. Which software development methodology is characterized by small, highly experienced development teams; integrated development tools; and frequent design sessions with end-users?

Group of answer choices

Rapid application development (RAD)

Data-oriented system development (DOSD)

Component-based development

Object-oriented (OO) system development