Isaca CISM Practice Test - Questions Answers, Page 56

Which of the following is the MOST effective way to identify changes in an information security environment?

A. Business impact analysis (BIA)
B. Annual risk assessments
C. Regular penetration testing
D. Continuous monitoring
Suggested answer: D

Explanation:

Continuous monitoring is the most effective way to identify changes in an information security environment, as it provides ongoing awareness of the security status, vulnerabilities, and threats that may affect the organization's information assets and risk posture. Continuous monitoring also helps to evaluate the performance and effectiveness of the security controls and processes, and to detect and respond to any deviations or incidents in a timely manner. (From CISM Review Manual 15th Edition and NIST Special Publication 800-137)

While conducting a test of a business continuity plan (BCP), which of the following is the MOST important consideration?

A. The test is scheduled to reduce operational impact.
B. The test involves IT members in the test process.
C. The test addresses the critical components.
D. The test simulates actual prime-time processing conditions.
Suggested answer: C

Explanation:

Ensuring that the test addresses the critical components is the most important consideration while conducting a test of a business continuity plan (BCP), as it ensures that the test covers the essential functions, processes, and resources that are required to maintain or resume the organization's operations in the event of a disruption. The test should also verify that the recovery objectives, such as the recovery time objective (RTO) and recovery point objective (RPO), are met. (From CISM Review Manual 15th Edition)

An organization is considering the feasibility of implementing a big data solution to analyze customer data. In order to support this initiative, the information security manager should FIRST:

A. inventory sensitive customer data to be processed by the solution.
B. determine information security resource and budget requirements.
C. assess potential information security risk to the organization.
D. develop information security requirements for the big data solution.
Suggested answer: C

Explanation:

Assessing potential information security risk to the organization is the first step that the information security manager should take when considering the feasibility of implementing a big data solution to analyze customer data, as it helps to identify and evaluate the threats, vulnerabilities, and impacts that may arise from the collection, processing, storage, and sharing of large volumes and varieties of customer data. Assessing risk also helps to determine the risk appetite and tolerance of the organization, and to prioritize the risk treatment options and security controls that are needed to protect the customer data and the big data solution. (From CISM Review Manual 15th Edition)

Which of the following is MOST important to consider when choosing a shared alternate location for computing facilities?

A. The organization's risk tolerance
B. Resource availability
C. The organization's mission
D. Incident response team training
Suggested answer: A

Explanation:

The organization's risk tolerance is the most important factor to consider when choosing a shared alternate location for computing facilities, because it determines the acceptable level of risk exposure and the required recovery time objectives (RTOs) and recovery point objectives (RPOs) for the organization's critical business processes and information assets. Resource availability, the organization's mission, and incident response team training are also important considerations, but they are secondary to the risk tolerance.

Reference: CISM Review Manual, 16th Edition, page 290

Which of the following is necessary to ensure consistent protection for an organization's information assets?

A. Data ownership
B. Classification model
C. Regulatory requirements
D. Control assessment
Suggested answer: B

Explanation:

A classification model is necessary to ensure consistent protection for an organization's information assets, because it defines the criteria for assigning different levels of sensitivity and criticality to the information assets, and determines the appropriate security controls and handling procedures for each level. Data ownership, regulatory requirements, and control assessment are also important aspects of information security management, but they are not sufficient to ensure consistent protection without a classification model.

Reference: CISM Review Manual, 16th Edition, page 67

Prior to implementing a bring your own device (BYOD) program, it is MOST important to:

A. select mobile device management (MDM) software.
B. survey employees for requested applications.
C. develop an acceptable use policy.
D. review currently utilized applications.
Suggested answer: C

Explanation:

Before implementing a BYOD program, it is most important to develop an acceptable use policy that defines the roles and responsibilities of the organization and the employees, the security requirements and controls for the devices, the acceptable and unacceptable behaviors and activities, and the consequences of non-compliance. This policy will help to establish a clear and consistent framework for managing the risks and benefits of BYOD.

Reference: CISM Review Manual, 16th Edition, page 197

Internal audit has reported a number of information security issues that are not in compliance with regulatory requirements. What should the information security manager do FIRST?

A. Create a security exception.
B. Perform a gap analysis to determine needed resources.
C. Perform a vulnerability assessment.
D. Assess the risk to business operations.
Suggested answer: D

Explanation:

The information security manager should first assess the risk to business operations caused by the information security issues reported by internal audit. This will help to prioritize the remediation actions and allocate the necessary resources. Creating a security exception, performing a gap analysis, or performing a vulnerability assessment are possible subsequent steps, but they are not the first action to take.

Reference: CISM Review Manual, 16th Edition, page 48

Which of the following is MOST important to the successful implementation of an information security program?

A. Adequate security resources are allocated to the program.
B. Key performance indicators (KPIs) are defined.
C. A balanced scorecard is approved by the steering committee.
D. The program is developed using global security standards.
Suggested answer: A

Explanation:

The successful implementation of an information security program depends largely on the availability and allocation of adequate security resources, such as budget, staff, technology, and training. Without sufficient resources, the program may not be able to achieve its objectives, comply with the security strategy, or address the security risks. Key performance indicators (KPIs), a balanced scorecard, and global security standards are also important elements of an information security program, but they are not as critical as the resource allocation.

Reference: CISM Review Manual, 16th Edition, page 69

Which of the following is MOST important to consider when defining control objectives?

A. Industry best practices
B. An information security framework
C. Control recommendations from a recent audit
D. The organization's risk appetite
Suggested answer: D

Explanation:

The organization's risk appetite is the most important factor to consider when defining control objectives, because it reflects the amount and type of risk that the organization is willing to accept or avoid in pursuit of its goals. Control objectives should align with the risk appetite and support the achievement of the organization's objectives. Industry best practices, an information security framework, and control recommendations from a recent audit are also useful sources of guidance, but they are not as critical as the risk appetite.

Reference: CISM Review Manual, 16th Edition, page 75

Which of the following should be an information security manager's FIRST course of action when one of the organization's critical third-party providers experiences a data breach?

A. Inform the public relations officer.
B. Inform customers of the breach.
C. Invoke the incident response plan.
D. Monitor the third party's response.
Suggested answer: C

Explanation:

The information security manager's first course of action when one of the organization's critical third-party providers experiences a data breach should be to invoke the incident response plan that has been established for such scenarios. The incident response plan should define the roles and responsibilities, communication channels, escalation procedures, and recovery actions for dealing with a third-party data breach. Invoking the incident response plan will help to contain the impact, assess the damage, coordinate the response, and restore the normal operations as soon as possible.

Reference: CISM Review Manual, 16th Edition, page 290

Total 793 questions