Free Isaca IT-Risk-Fundamentals Exam Questions

Become Isaca Certified with updated IT-Risk-Fundamentals exam questions and correct answers

Page: 1 / 68

Total 336 Questions | Updated On: Apr 28, 2026

Add To Cart

Question 1

Which of the following is an example of an inductive method to gather information?

A : Vulnerability analysis

B : Controls gap analysis

C : Penetration testing

Answer: C

Question 2

How can metrics on training effectiveness and needs for additional training be gathered?

A : estionnaires, testing, help desk activity, operational errors

B : nagement interviews only

C : dits only

D : cident reporting only

Answer: A

Question 3

Which of the following presents the GREATEST risk for the continued existence of an enterprise?

A : When its risk appetite and tolerance are reviewed annually

B : When its actual risk eventually exceeds organizational risk appetite

C : When its risk appetite and actual risk exceed its risk capacity

Answer: C

Question 4

What does risk analysis assess in the context of risk scenario development?

A : detectability and reactiveness of the enterprise

B : frequency and impact of identified scenarios

C : development of relevant and manageable risk scenarios

D : identification of systemic and contagious risks

Answer: B

Question 5

Why is it highly desirable to have a single integrated business continuity plan?

A : ensure that resources committed are used ineffectively

B : ensure that there is no confidence in surviving a disruption

C : ensure proper coordination among various plan components and effective resource utilization

D : ensure that no plan components need coordination

Answer: C

Page: 1 / 68

Total 336 Questions | Updated On: Apr 28, 2026

Add To Cart