Isaca CISM Practice Test - Questions Answers, Page 35

Which of the following should an information security manager do FIRST when creating an organization's disaster recovery plan (DRP)?

Regular vulnerability scanning on an organization's internal network has identified that many user workstations have unpatched versions of software. What is the BEST way for the information security manager to help senior management understand the related risk?

An incident management team leader sends out a notification that the organization has successfully recovered from a cyberattack. Which of the following should be done NEXT?

The contribution of recovery point objective (RPO) to disaster recovery is to:

Senior management has just accepted the risk of noncompliance with a new regulation What should the information security manager do NEX*P

The PRIMARY goal of the eradication phase in an incident response process is to:

An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:

* A bad actor broke into a business-critical FTP server by brute forcing an administrative password

* The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored

* The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server

* After three hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail

Which of the following could have been prevented by conducting regular incident response testing?

Which of the following is the BEST option to lower the cost to implement application security controls?

Which of the following would provide the MOST effective security outcome in an organizations contract management process?