Online Access Free ISC.CGRC.v2024-06-23.q151 Practice Test (Page 20)

CGRC Exam Question 91

The process by which a security control baseline is modified based on: (i) the application of scoping guidance; (ii) the specification of compensating security controls, if needed; and (iii) the specification of organization-defined parameters in the security controls via explicit assignment and selection statements.
Response:

A.Scoping

B.Tailoring

C.Guidance

D.Feature

CGRC Exam Question 92

Where can a project manager find risk-rating rules?
Response:

A.Enterprise environmental factors

B.Risk probability and impact matrix

C.Organizational process assets

D.Risk management plan

CGRC Exam Question 93

For which of the following reporting requirements are continuous monitoring documentation reports used?
Response:

A.FBI

B.HIPAA

C.FISMA

D.NIST

CGRC Exam Question 94

Which of the three-tiered approaches to risk management address risk at an Enterprise-wide perspective?
Response:

A.Categorization

B.Authorization

C.Organizational

D.Initiation

CGRC Exam Question 95

Which of the following professionals plays the role of a monitor and takes part in the organization's configuration management process?
Response:

A.Common Control Provider

B.Senior Agency Information Security Officer

C.Chief Information Officer

D.Authorizing Official

Other Version: 1155ISC.CGRC.v2025-02-03.q173

Latest Upload: 135Oracle.1D0-1057-25-D.v2026-06-03.q29; 268NAHQ.CPHQ.v2026-06-03.q396; 252CompTIA.220-1201.v2026-06-03.q196; 152GIAC.GCFE.v2026-06-03.q78; 145HIMSS.CPHIMS.v2026-06-03.q45; 229Google.Professional-Cloud-Architect.v2026-06-03.q165; 143HP.HPE7-A09.v2026-06-02.q48; 153ACDIS.CCDS-O.v2026-06-02.q56; 132Microsoft.AB-730.v2026-06-02.q31; 208ASQ.CSSBB.v2026-06-02.q130

CGRC Exam Question 91

CGRC Exam Question 92

CGRC Exam Question 93

CGRC Exam Question 94

CGRC Exam Question 95

Download PDF File