Online Access Free ISACA.CRISC.v2024-06-13.q683 Practice Test (Page 46)

CRISC Exam Question 221

A risk practitioner has determined that a key control does not meet design expectations. Which of the following should be done NEXT?

A.Invoke the incident response plan.

B.Document the finding in the risk register.

C.Modify the design of the control.

D.Re-evaluate key risk indicators.

CRISC Exam Question 222

Which of the following is the BEST key performance indicator (KPI) to measure the ability to deliver uninterrupted IT services?

A.Mean time between failures

B.Unplanned downtime

C.Mean time to recover

D.Planned downtime

CRISC Exam Question 223

The PRIMARY reason for periodic penetration testing of Internet-facing applications is to:

A.assess the proliferation of new threats.

B.ensure policy and regulatory compliance.

C.identify vulnerabilities in the system.

D.verify Internet firewall control settings.

CRISC Exam Question 224

A vulnerability assessment of a vendor-supplied solution has revealed that the software is susceptible to cross-site scripting and SQL injection attacks. Which of the following will BEST mitigate this issue?

A.Monitor the databases for abnormal activity

B.Approve exception to allow the software to continue operating

C.Accept the risk and let the vendor run the software as is

D.Require the software vendor to remediate the vulnerabilities

CRISC Exam Question 225

Your project change control board has approved several scope changes that will drastically alter your project plan. You and the project team set about updating the project scope, the WBS, the WBS dictionary, the activity list, and the project network diagram. There are also some changes caused to the project risks, communication, and vendors. What also should the project manager update based on these scope changes?

A.Stakeholder identification

B.Vendor selection process

C.Quality baseline

D.Process improvement plan

Other Version: 1073ISACA.CRISC.v2025-08-27.q675; 3166ISACA.CRISC.v2025-01-04.q999; 2149ISACA.CRISC.v2024-04-02.q999; 2747ISACA.CRISC.v2023-07-10.q544; 5436ISACA.CRISC.v2022-05-25.q338; 76ISACA.Actual4dump.CRISC.v2022-04-12.by.newman.349q.pdf; 5245ISACA.CRISC.v2022-02-22.q349; 5070ISACA.CRISC.v2021-10-27.q295; 42ISACA.Updatedumps.CRISC.v2021-09-05.by.bonnie.114q.pdf

Latest Upload: 105Microsoft.SC-400.v2025-09-20.q290; 363ISACA.CGEIT.v2025-09-19.q537; 156Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 158Scrum.SAFe-Practitioner.v2025-09-18.q63; 154Workday.Workday-Prism-Analytics.v2025-09-17.q17; 133Oracle.1Z0-1055-24.v2025-09-17.q28; 131Oracle.1Z1-182.v2025-09-17.q32; 256Nutanix.NCP-US-6.5.v2025-09-16.q73; 274Oracle.1z0-071.v2025-09-16.q232; 205Oracle.1Z1-922.v2025-09-16.q125

CRISC Exam Question 221

CRISC Exam Question 222

CRISC Exam Question 223

CRISC Exam Question 224

CRISC Exam Question 225

Download PDF File