IT-RISK-FUNDAMENTALS Exam Details

  • Exam Code: IT-RISK-FUNDAMENTALS
  • Exam Name: IT Risk Fundamentals Certificate
  • Certification: Isaca Certifications
  • Vendor: Isaca
  • Total Questions: 118 Q&As
  • Last Updated: May 26, 2026

Isaca IT-RISK-FUNDAMENTALS Online Questions & Answers

  • Question 71:

    A business continuity plan (BCP) is:

    A. a methodical plan detailing the steps of incident response activities.
    B. a document of controls that reduce the risk of losing critical processes.
    C. a risk-related document that focuses on business impact assessments (BIAs).

  • Question 72:

    Which of the following is the PRIMARY reason to conduct a cost-benefit analysis as part of a risk response business case?

    A. To determine if the reduction in risk is sufficient to justify the cost of implementing the response
    B. To determine the future resource requirements and funding needed to monitor the related risk
    C. To calculate the total return on investment (ROI) over time and benefit to enterprise risk management (ERM)

  • Question 73:

    An alert generated when network bandwidth usage exceeds a predefined level is an example of a:

    A. threat.
    B. risk event.
    C. lag indicator.
    D. key risk indicator (KRI).

  • Question 74:

    Which of the following is MOST important to include when developing a business case for a specific risk response?

    A. Stakeholders responsible for the risk response plan
    B. Communication and status reporting of the related risk
    C. A justification for the expense of the investment

  • Question 75:

    Which of the following is the BEST way to interpret enterprise standards?

    A. A means of implementing policy
    B. An approved code of practice
    C. Documented high-level principles

  • Question 76:

    Which of the following should be found in an I&T asset inventory to help inform the risk identification process?

    A. Loss scenario information for assets
    B. Security classification of assets
    C. Regulatory requirements of assets

  • Question 77:

    Which of the following is MOST likely to expose an organization to adverse threats?

    A. Complex enterprise architecture
    B. Improperly configured network devices
    C. Incomplete cybersecurity training records

  • Question 78:

    When should a consistent risk analysis method be used?

    A. When the goal is to produce results that can be compared over time
    B. When the goal is to aggregate risk at the enterprise level
    C. When the goal is to prioritize risk response plans

  • Question 79:

    Which risk response option has been adopted when an enterprise outsources disaster recovery activities to leverage the skills and expertise of a third-party provider?

    A. Risk mitigation
    B. Risk avoidance
    C. Risk transfer

  • Question 80:

    Which of the following is the BEST control to prevent unauthorized user access in a remote work environment?

    A. Read-only user privileges
    B. Multi-factor authentication
    C. Monthly user access recertification

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and where do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Isaca exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your IT-RISK-FUNDAMENTALS exam preparation or your Isaca certification application, do not hesitate to visit Vcedump.com to find your solutions.