Who is accountable for approving an information security governance framework?

The chief information security officer (ClSO)

The chief information officer (CIO)

Which of the following is the PRIMARY benefit achieved when an information security governance framework is aligned with corporate governance?

Protection of business value and assets

Identification of core business strategies C, Easier entrance into new businesses and technologies

Improved regulatory compliance posture

The GREATEST challenge when attempting data recovery of a specific file during forensic analysis is when:

the partition table on the disk has been deleted.

all files in the directory have been deleted.

high-level disk formatting has been performed.

Which of the following is the BEST method to protect the confidentiality of data transmitted over the Internet?

Network address translation (NAT)

Which of the following is the FIRST step when conducting a post-incident review?

Assess the costs of the incident.

Assign responsibility for corrective actions.

Which of the following BEST facilitates the effectiveness of cybersecurity incident response?

Increasing communication with all incident response stakeholders.

Utilizing a security information and event management (SIEM) tool.

Utilizing industry-leading network penetration testing tools.

Increasing communication with all incident response stakeholders.

Continuously updating signatures of the anti-malware solution.

Which of the following is the MOST important constraint to be considered when developing an information security strategy?

Legal and regulatory requirements

Established security policies and standards

Compliance with an international security standard

Information security architecture

An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

Escalate to the chief risk officer (CRO).

Conduct a vulnerability analysis.

Determine compensating controls.

What is the role of the information security manager in finalizing contract negotiations with service providers?

To perform a risk analysis on the outsourcing process

To obtain a security standard certification from the provider

To update security standards for the outsourced process

To ensure that clauses for periodic audits are included

Recommendations for enterprise investment in security technology should be PRIMARILY based on:

the organization s risk tolerance

adherence to international standards

availability of financial resources

the organization s risk tolerance

A business impact analysis (BIA) should be periodically executed PRIMARILY to:

verify the effectiveness of controls.

validate vulnerabilities on environmental changes.

analyze the importance of assets.

check compliance with regulations.

verify the effectiveness of controls.

Which of the following roles is PRIMARILY responsible for developing an information classification framework based on business needs?

Information security steering committee

Embedding security responsibilities into job descriptions is important PRIMARILY because it:

strengthens employee accountability.

simplifies development of the security awareness program.

aligns security to the human resources (HR) function.

strengthens employee accountability.

Which of the following is the MOST important consideration when updating procedures for managing security devices?

Updates based on changes m risk technology and process

Updates based on the organization's security framework

Notification to management of the procedural changes

Updates based on changes m risk technology and process

Review and approval of procedures by management

An information security manager learns that business unit leaders are encouraging increased use of social media platforms to reach customers. Which of the following should be done FIRST to help mitigate the risk of confidential information being disclosed by employees on social media?

Establish an organization-wide social media policy.

Develop sanctions for misuse of social media sites.

Monitor social media sites visited by employees.

Restrict social media access on corporate devices.

A technical vulnerability assessment on a personnel information management server should be performed when:

changes are made to the system configuration.

the data owner leaves the organization unexpectedly.

changes are made to the system configuration.

the number of unauthorized access attempts increases.

an unexpected server outage has occurred.

A recent application security assessment identified a number of low- and medium-level vulnerabilities. Which of the following stakeholders is responsible for deciding the appropriate risk treatment option?

Chief information security officer (CISO)

Which of the following would BEST guide the development and maintenance of an information security program?

The organization's risk appetite

An established risk assessment process

The organization's risk appetite

A new regulatory requirement affecting an organization's information security program is released. Which of the following should be the information security manager's FIRST course of action?

Determine the disruption to the business.

Which of the following is MOST important to maintain integration among the incident response plan, business continuity plan (BCP). and disaster recovery plan (DRP)?

Recovery time objectives (RTOs)

Internal audit has reported a number of information security issues that are not in compliance with regulatory requirements. What should the information security manager do FIRST?

Assess the risk to business operations

Perform a vulnerability assessment

Perform a gap analysis to determine needed resources

Assess the risk to business operations

An information security program is BEST positioned for success when it is closely aligned with:

the information security strategy.

information security best practices.

recognized industry frameworks.

the information security strategy.

Which of the following should be established FIRST when implementing an information security governance framework?

Security incident management team

Security awareness training program

Which of the following should an information security manager do FIRST after identifying suspicious activity on a PC that is not in the organization's IT asset inventory?

Determine why the PC is not included in the inventory

Isolate the PC from the network

Determine why the PC is not included in the inventory

Reinforce information security training

An information security team is investigating an alleged breach of an organization's network. Which of the following would be the BEST single source of evidence to review?

Intrusion detection system (IDS)

File integrity monitoring software

Security information and event management (SIEM) tool

Intrusion detection system (IDS)

Which of the following should an organization do FIRST when confronted with the transfer of personal data across borders?

Assess local or regional regulations

Define policies and standards for data processing.

Implement applicable privacy principles

Assess local or regional regulations

Research cyber insurance policies

Which of the following is the MOST important consideration when briefing executives about the current state of the information security program?

Using appropriate language for the target audience

Including a situational forecast

Using appropriate language for the target audience

Including trend charts for metrics

Using a rating system to demonstrate program effectiveness

Determining the risk for a particular threat/vulnerability pair before controls are applied can be expressed as:

a function of the likelihood and impact, should a threat exploit a vulnerability.

the magnitude of the impact, should a threat exploit a vulnerability.

a function of the cost and effectiveness of controls over a vulnerability.

the likelihood of a given threat attempting to exploit a vulnerability

Which of the following is the BEST approach for data owners to use when defining access privileges for users?

Define access privileges based on user roles.

Adopt user account settings recommended by the vendor.

Perform a risk assessment of the users' access privileges.

Implement an identity and access management (IDM) tool.

Following an employee security awareness training program, what should be the expected outcome?

An increase in reported social engineering attempts

A decrease in the number of viruses detected in incoming emails

A decrease in reported social engineering attacks

An increase in reported social engineering attempts

An increase in user-reported false positive incidents

Which of the following is the BEST way to enhance training for incident response teams?

Establish incident key performance indicators (KPIs).

Conduct interviews with organizational units.

Participate in emergency response activities.

Isaca CISM Practice Test 12 - Free Online Exam Questions 441-480

Spam

Selling illegal goods, money scams etc.

Hate Speech

Serious attack on a group.

Harassment and bullying

Harassing an individual (including doxing)

Harmful activities

Threatening or glorifying violence or serious harm, including self-harm

Adult content (Consensual)

Nudity/Sexual content

Sexual exploitation and abuse (child safety)

Sexually explicit or suggestive imagery or writing involving minors

Sexual exploitation and abuse (adults and animals)

Sexually explicit or suggestive imagery or writing involving non-consenting adults or non-humans

Plagiarism

Reusing content without attribution (link and blockquotes)

Poorly written

Not in English or has very bad formatting, grammar, and spelling

Inappropriate credential

Author's credential is offensive, spam, or impersonation

Other

Ex. Illegal content, incomplete question...

Isaca CISM Practice Test 12

Question

Drag and Drop

Hot Area

Isaca CISM Practice Tests

Practice Tests