Isaca CISM Practice Test - Questions Answers, Page 78

An information security manager has learned of an increasing trend in attacks that use phishing emails impersonating an organization's CEO in an attempt to commit wire transfer fraud. Which of the following is the BEST way to reduce the risk associated with this type of attack?

A. Temporarily suspend wire transfers for the organization.
B. Provide awareness training to the CEO for this type of phishing attack.
C. Provide awareness training to staff responsible for wire transfers.
D. Disable emails for staff responsible for wire transfers.
Suggested answer: C

Which of the following is the BEST indication of an effective disaster recovery planning process?

A. Hot sites are required for any declared disaster.
B. Chain of custody is maintained throughout the disaster recovery process.
C. Post-incident reviews are conducted after each event.
D. Recovery time objectives (RTOs) are shorter than recovery point objectives (RPOs).
Suggested answer: C

Which of the following is MOST important for the information security manager to include when presenting changes in the security risk profile to senior management?

A. Industry benchmarks
B. Security training test results
C. Performance measures for existing controls
D. Number of false positives
Suggested answer: C

Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:

A. quickly resolved and eliminated regardless of cost.
B. tracked and reported on until their final resolution.
C. documented in security awareness programs.
D. noted and re-examined later if similar weaknesses are found.
Suggested answer: D

The PRIMARY reason to properly classify information assets is to determine:

A. appropriate encryption strength using a risk-based approach.
B. the business impact if assets are compromised.
C. the appropriate protection based on sensitivity.
D. user access levels based on the need to know.
Suggested answer: C

Which of the following should be done FIRST when developing a business continuity plan (BCP)?

A. Review current recovery policies.
B. Define the organizational strategy.
C. Prioritize the critical processes.
D. Review existing cyber insurance coverage.
Suggested answer: B

Which of the following would be the GREATEST obstacle to implementing incident notification and escalation processes in an organization with high turnover?

A. Lack of knowledgeable personnel
B. Lack of communication processes
C. Lack of process documentation
D. Lack of alignment with organizational goals
Suggested answer: A

Which of the following processes is MOST important for the success of a business continuity plan (BCP)?

A. Involving all stakeholders in testing and training
B. Scheduling periodic internal and external audits
C. Including the board and senior management in plan reviews
D. Maintaining copies of the plan at the primary and recovery sites
Suggested answer: A

When analyzing the emerging risk and threat landscape, an information security manager should FIRST:

A. determine the impact if threats materialize.
B. determine the sources of emerging threats.
C. review historical threats within the industry.
D. map threats to business assets.
Suggested answer: B

What should be the NEXT course of action when an information security manager has identified a department that is repeatedly not following the security policy?

A. Perform a vulnerability assessment on the systems within the department.
B. Introduce additional controls to force compliance with policy.
C. Require department users to repeat security awareness training.
D. Report the policy violation to senior management.
Suggested answer: D
Total 793 questions