Exam CRISC topic 1 question 1787 discussion

Actual exam question from Isaca's CRISC
Question #: 1787
Topic #: 1

Management has implemented additional administrative and technical controls to reduce the likelihood of a high-impact risk in a key information system. What is the BEST way to validate the effectiveness of the control implementation?

  • A. Perform a vulnerability scan.
  • B. Perform an audit.
  • C. Perform a penetration test.
  • D. Perform a risk assessment.
Suggested Answer: C

Comments

Sara98
1 month, 2 weeks ago
Selected Answer: B
An audit is a systematic and formal review that evaluates whether the administrative and technical controls have been implemented correctly and are functioning as intended. It includes documentation review, interviews, and testing to ensure that controls are reducing the risk effectively. Audits also provide an independent assessment of the control environment.
upvoted 1 times
...
lferolm
4 months, 2 weeks ago
Selected Answer: B
This tests for exploitable vulnerabilities and the effectiveness of certain technical controls but may not evaluate all administrative controls or the overall control environment.
upvoted 1 times
...
Silvias4
5 months, 3 weeks ago
Selected Answer: C
Agree, it's C
upvoted 1 times
...
Radko96
5 months, 3 weeks ago
Selected Answer: C
Incorrect. C. Perform a pentest. By conducting a penetration test, organizations can assess the effectiveness of the newly implemented administrative and technical controls in preventing unauthorized access, data breaches, or other security incidents. The test involves attempting to exploit vulnerabilities in the system to gain unauthorized access, escalate privileges, or compromise sensitive data.
upvoted 1 times
...
Baddest
7 months, 4 weeks ago
Selected Answer: C
C. Perform a penetration test. Penetration testing, also known as pen testing, involves simulating real-world attacks on systems, networks, and applications to identify vulnerabilities that could be exploited by malicious actors. By conducting penetration tests, organizations can assess the effectiveness of their control measures in mitigating potential risks and identify any residual vulnerabilities that may exist despite the implementation of controls.
upvoted 2 times
...