Online Access Free CRISC Exam Questions

A risk practitioner has been notified of a social engineering attack using artificial intelligence (AI) technology to impersonate senior management personnel. Which of the following would BEST mitigate the impact of such attacks?

• A.Suspension and takedown of malicious domains or accounts
• B.Subscription to data breach monitoring sites
• C.Increased monitoring of executive accounts
• D.Training and awareness of employees for increased vigilance

When formulating a social media policy lo address information leakage, which of the following is the MOST important concern to address?

• A.Using social media for personal purposes during working hours
• B.Sharing personal information on social media
• C.Using social media to maintain contact with business associates
• D.Sharing company information on social media

Which of the following would MOST effectively reduce risk associated with an increased volume of online transactions on a retailer website?

• A.Transaction limits
• B.Hot backup site
• C.Website activity monitoring
• D.Scalable infrastructure

Who is accountable for risk treatment?

• A.Business process owner
• B.Enterprise risk management team
• C.Risk owner
• D.Risk mitigation manager

The objective of aligning mitigating controls to risk appetite is to ensure that:

• A.exposures are reduced only for critical business systems
• B.insurance costs are minimized
• C.exposures are reduced to the fullest extent
• D.the cost of controls does not exceed the expected loss.