Isaca CISM Practice Test - Questions Answers, Page 76

Which of the following is the BEST defense against a brute force attack?

A. Time-of-day restrictions
B. Mandatory access control
C. Discretionary access control
D. Multi-factor authentication (MFA)
Suggested answer: D

Which of the following should be the NEXT step after a security incident has been reported?

A. Recovery
B. Investigation
C. Escalation
D. Containment
Suggested answer: D

Which of the following is the BEST source of information to support an organization's information security vision and strategy?

A. Metrics dashboard
B. Governance policies
C. Capability maturity model
D. Enterprise information security architecture
Suggested answer: D

Which of the following is MOST important to ensuring that incident management plans are executed effectively?

A. Management support and approval has been obtained.
B. The incident response team has the appropriate training.
C. An incident response maturity assessment has been conducted.
D. A reputable managed security services provider has been engaged.
Suggested answer: A

Which of the following is the PRIMARY reason to conduct a post-incident review?

A. To aid in future risk assessments
B. To improve the response process
C. To determine whether digital evidence is admissible
D. To notify regulatory authorities
Suggested answer: B

How does an organization PRIMARILY benefit from the creation of an information security steering committee?

A. An increase in information security risk awareness
B. An increased alignment with industry security trends that impact the business
C. An increased focus on information security resource management
D. An increased alignment of information security with the business
Suggested answer: D

Unintentional behavior by an employee caused a major data loss incident. Which of the following is the BEST way for the information security manager to prevent recurrence within the organization?

A. Implement compensating controls.
B. Communicate consequences for future instances.
C. Enhance the data loss prevention (DLP) solution.
D. Improve the security awareness training program.
Suggested answer: D

Business objectives and organizational risk appetite are MOST useful inputs to the development of information security:

A. strategy.
B. risk assessments.
C. key performance indicators (KPIs).
D. standards.
Suggested answer: A

An information security team plans to strengthen authentication requirements for a customer-facing site, but there are concerns it will negatively impact the user experience. Which of the following is the information security manager's BEST course of action?

A. Assess business impact against security risk.
B. Provide security awareness training to customers.
C. Refer to industry best practices.
D. Quantify the security risk to the business.
Suggested answer: A

When establishing classifications of security incidents for the development of an incident response plan, which of the following provides the MOST valuable input?

A. Business impact analysis (BIA) results
B. Vulnerability assessment results
C. The business continuity plan (BCP)
D. Recommendations from senior management
Suggested answer: A
Total 793 questions