ISACA
Looking for study notes at ISACA? On Stuvia you will find more than 23 summaries, study notes and other study resources for all courses at ISACA.
Latest notes & summaries ISACA
Three common controls used to protect availability:
a. Redundancy, backups and access control
b. Encryption, file permissions and access controls
c. Access controls, logging and digital signatures
d. Hashes, logging and backups - A. Redundancy, backups and access control
Governance has several goals including: 
a. providing strategic direction 
b. ensuring that objectives are achieved 
c. verifying that organizational resources are being used appropriately 
d. directing and monitoring sec...
- Exam (elaborations) • 24 pages • ISACA
Topic 1, Main Questions (240 Main Questions) 
 
 
 
IS management has decided to rewrite a legacy customer relations system using fourth generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs? 
 
A.	Inadequate screen/report design facilities 
B.	Complex programming language subsets 
C.	Lack of portability across operating systems 
D.	Inability to perform data intensive operations 
 
Answer: D Explanation: 
4GLs are usually not suitab...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 153 pages • ISACA
Confidentiality
Protection from unauthorized access
Integrity
Protection from unauthorized modification
Availability
Protection from disruptions in access
Cybersecurity 
the protection of information assets (digital assets) by addressing threats to information processed, stored, and transported by internetworked information systems 
NIST Functions to Protect Digital Assets 
IPDRR 1) Identify 2) Protect 3) Detect 4) Respond 5) Recover 
Nonrepudiation 
Def: ensuring that a message or other p...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 18 pages • ISACA
NEW QUESTION 1 
- (Exam Topic 3) 
Which of the following would be a risk practitioner's BEST course of action when a project team has accepted a risk outside the established risk appetite? 
A.	Reject the risk acceptance and require mitigating controls. 
B.	Monitor the residual risk level of the accepted risk. 
C.	Escalate the risk decision to the project sponsor for review. 
D.	Document the risk decision in the project risk register. 
NEW QUESTION 2 
- (Exam Topic 3) 
Which of the following con...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 42 pages • ISACA
Which of the following is the primary step in control implementation for a new business application? - correct answer D. Risk assessment 
 
When implementing an information security program, in which phase of the implementation should metrics be established to assess the effectiveness of the program over time? - correct answer Either
B. Initiation 
C. Design 
 
Data owners are concerned and responsible for who has access to their resources and therefore need to be concerned with the strategy...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 5 pages • ISACA
1. Hash function will address which of the concerns about electronic message:
A. Message confidentiality
B. Message integrity
C. Message availability
D. Message compression
2. Digital signature will address which of the concerns about electronic message:
A. Authentication and integrity of data
B. Authentication and confidentiality of data
C. Confidentiality and integrity of data
D. Authentication and availability of data
3. A digital signature...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 45 pages • ISACA
Contents
Course Home screen
Study Plan (Structured)
Answering and reviewing questions in the Structured Study Plan
Study Plan (Adaptive)
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Summary • 17 pages • ISACA
Re-evaluation of ISACA Risk analysis 
According to De Haes et al. (2020), implementing COBIT in IT governance plays a critical role in risk assessment. The method considers both the probability and the direct impact of a threat to help management make informed decisions. Roldán-Molina et al. (2017) state that a proper assessment must incorporate all the potential risks individually.
RISK EVENT	PROBABILITY	IMPACT	OVERALL RISK RATING 
Laptop or mobile device wi...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 6 pages • ISACA
Enterprises and their executives strive to:
• Maintain quality information to support business decisions.
• Generate business value from IT-enabled investments, i.e., achieve strategic goals and realise business benefits through effective and innovative use of IT.
• Achieve operational excellence through reliable and efficient application of technology.
• Maintain IT-related risk at an acceptable level.
• Optimise the cost of IT services and technology.
How can these benefits...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Summary • 54 pages • ISACA
Exam A 
QUESTION 1 
IS management has decided to rewrite a legacy customer relations system using 
fourth-generation languages (4GLs). Which of the following risks is MOST often 
associated with system development using 4GLs? 
A. Inadequate screen/report design facilities 
B. Complex programming language subsets 
C. Lack of portability across operating systems 
D. Inability to perform data intensive operations 
Correct Answer: D 
Section: (none) 
Explanation 
Explanation/Reference: 
4GLs are usu...
- Package deal: A PACKAGE DEAL FOR ISACA CRISC EXAM QUESTIONS AND ANSWERS 2023/24/NOTES/STUDY GUIDES • By THEEXCELLENCELIBRARY
- Exam (elaborations) • 324 pages • ISACA