New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CGEIT Exam - Topic 3 Question 68 Discussion

Actual exam question for Isaca's CGEIT exam
Question #: 68
Topic #: 3
[All CGEIT Questions]

An audit report has revealed that data scientists are analyzing sensitive "big data" files using an offsite cloud because corporate servers do not have the necessary processing capabilities. A review of policies indicates this practice is not prohibited. Which of the following should be the FIRST strategic action to address the report?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Cecily at Feb 09, 2024, 08:48 AM

Limited Time Offer

25%

Off

Get Premium CGEIT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rebecka
3 months ago
I disagree, a private cloud might not be the best solution right away.
upvoted 0 times
...
Margery
3 months ago
Revising the info security policy should be the top priority.
upvoted 0 times
...
Lauryn
3 months ago
Surprised this practice isn't already prohibited!
upvoted 0 times
...
Cecily
4 months ago
I think updating data governance practices is more important.
upvoted 0 times
...
Jackie
4 months ago
Sounds like a risk analysis is definitely needed first.
upvoted 0 times
...
Arleen
4 months ago
I feel like recommending a private cloud could be a good solution, but it might be premature without understanding the risks first.
upvoted 0 times
...
Arlette
4 months ago
Revising the information security policy sounds like a solid option, but I wonder if we should first assess the risks involved with the current practice.
upvoted 0 times
...
Penney
4 months ago
I’m not entirely sure, but updating data governance practices might be important too. I remember a similar question where governance was key to compliance.
upvoted 0 times
...
Tijuana
5 months ago
I think the first step should be to authorize a risk analysis. It seems like we need to understand the potential risks before making any changes.
upvoted 0 times
...
Eun
5 months ago
I'm a bit confused by this question. There are a few options that seem reasonable, but I'm not sure which one would be the most strategic first step. I'll need to re-read the details carefully.
upvoted 0 times
...
Desmond
5 months ago
Okay, I think the key here is to address the policy issue first. Revising the information security policy seems like the logical first move to set the right framework for addressing this.
upvoted 0 times
...
Dortha
5 months ago
Hmm, this is a tricky one. I'm not sure if a risk analysis or updating data governance is the best first step. I'll need to think this through carefully.
upvoted 0 times
...
Skye
5 months ago
This seems like a straightforward question about addressing a security issue. I'd start by carefully reviewing the options and considering the potential risks and benefits of each approach.
upvoted 0 times
...
Werner
5 months ago
Hmm, I'm a bit unsure about this one. I know Citrix has various access control options, but I'm not sure which one would be the best fit for this specific scenario. I'll need to think it through carefully.
upvoted 0 times
...
Dierdre
5 months ago
Okay, let me think this through step-by-step. The code is creating a vector of `B` objects, then using `transform()` to add 1 to each element, and finally printing them out in reverse order. I think the answer is B, but I'll double-check my work.
upvoted 0 times
...
Monte
5 months ago
Okay, I think I've got a handle on this. The communication of changes to external users under a GNU license seems like the least complex management issue here. The others require more ongoing effort.
upvoted 0 times
...
Kanisha
5 months ago
Hmm, I'm a bit torn between CentOS and Debian GNU/Linux. Both are based on Red Hat, but Debian might be a bit more user-friendly for a small hobby project. I'll have to think this one through a bit more.
upvoted 0 times
...
Sharee
5 months ago
I'm pretty confident the answer is C. Hardware-virtualized GPU seems like the right choice for running 3D applications in a Citrix environment with NVIDIA GRID. The question provides enough information to determine that.
upvoted 0 times
...
Shannon
10 months ago
Oh, big data on the cloud? That's like letting the cat out of the bag, if you ask me. Better tighten up that security policy, pronto!
upvoted 0 times
Tesha
9 months ago
C) Revise the information security policy.
upvoted 0 times
...
Carmelina
9 months ago
B) Update data governance practices.
upvoted 0 times
...
Jenifer
9 months ago
A) Authorize a risk analysis of the practice.
upvoted 0 times
...
...
Royce
10 months ago
Hold up, why aren't they just using the private cloud option? That's a no-brainer, D all the way!
upvoted 0 times
Celestina
9 months ago
It's important to update data governance practices as well.
upvoted 0 times
...
Verdell
9 months ago
I agree, using a private cloud would be a good solution.
upvoted 0 times
...
Norah
9 months ago
They should definitely consider the private cloud option.
upvoted 0 times
...
...
Maile
10 months ago
Interesting scenario. I think option B is the way to go - updating the data governance practices could help ensure proper controls are in place for sensitive data.
upvoted 0 times
Janna
8 months ago
D) Recommend the use of a private cloud.
upvoted 0 times
...
Merissa
9 months ago
C) Revise the information security policy.
upvoted 0 times
...
Barney
9 months ago
B) Update data governance practices.
upvoted 0 times
...
Cletus
10 months ago
A) Authorize a risk analysis of the practice.
upvoted 0 times
...
...
Miesha
10 months ago
Ooh, this is a tough one. I'm leaning towards C - revising the information security policy seems like the most proactive approach to address the issue.
upvoted 0 times
...
Felice
10 months ago
I think updating data governance practices could also help address the issue.
upvoted 0 times
...
Zona
10 months ago
I agree with Vilma, it's important to assess the risks first.
upvoted 0 times
...
Chantell
11 months ago
Hmm, the report sounds concerning. I'd go with option A - a risk analysis is crucial to understand the potential impact and determine the best course of action.
upvoted 0 times
Kate
9 months ago
I agree, we should also ensure our data governance practices are up to date to prevent future issues.
upvoted 0 times
...
Vivienne
9 months ago
B) Update data governance practices.
upvoted 0 times
...
Stevie
9 months ago
That sounds like a good idea. We need to assess the risks before making any decisions.
upvoted 0 times
...
Osvaldo
9 months ago
A) Authorize a risk analysis of the practice.
upvoted 0 times
...
...
Vilma
11 months ago
We should authorize a risk analysis of the practice.
upvoted 0 times
...

Save Cancel