Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Pass the Isaca Isaca Certification CISM Questions and answers with CertsForce

Viewing page 2 out of 17 pages
Viewing questions 21-40 out of questions
Questions # 21:

A proposal designed to gain buy-in from senior management for a new security project will be MOST effective if it includes:

Options:

A.

analysis of current threat landscape.


B.

historical data of reported incidents.


C.

projected return on investment (ROI).


D.

industry benchmarking gap analysis.


Expert Solution
Questions # 22:

Threat and vulnerability assessments are important PRIMARILY because they are:

Options:

A.

used to establish security investments


B.

the basis for setting control objectives.


C.

elements of the organization ' s security posture.


D.

needed to estimate risk.


Expert Solution
Questions # 23:

A risk assessment exercise has identified the threat of a denial of service (DoS) attack Executive management has decided to take no further action related to this risk. The MO ST likely reason for this decision is

Options:

A.

the risk assessment has not defined the likelihood of occurrence


B.

the reported vulnerability has not been validated


C.

executive management is not aware of the impact potential


D.

the cost of implementing controls exceeds the potential financial losses.


Expert Solution
Questions # 24:

Which of the following is the BEST way to align security and business strategies?

Options:

A.

Establish key performance indicators for the business


B.

Integrate information security governance into corporate governance


C.

Ensure the information security program conforms to industry standards


D.

Include security risk as part of ongoing metrics reporting


Expert Solution
Questions # 25:

When developing an asset classification program, which of the following steps should be completed FIRST?

Options:

A.

Categorize each asset.


B.

Create an inventory. &


C.

Create a business case for a digital rights management tool.


D.

Implement a data loss prevention (OLP) system.


Expert Solution
Questions # 26:

An incident response team recently encountered an unfamiliar type of cyber event. Though the team was able to resolve the issue, it took a significant amount of time to identify. What is the BEST way to help ensure similar incidents are identified more quickly in the future?

Options:

A.

Implement a SIEM solution.


B.

Perform a threat analysis.


C.

Establish performance metrics for the team.


D.

Perform a post-incident review.


Expert Solution
Questions # 27:

Which of the following is the BEST way for an organization to ensure that incident response teams are properly prepared?

Options:

A.

Providing training from third-party forensics firms


B.

Obtaining industry certifications for the response team


C.

Conducting tabletop exercises appropriate for the organization


D.

Documenting multiple scenarios for the organization and response steps


Expert Solution
Questions # 28:

Which of the following trends would be of GREATEST concern when reviewing the performance of an organization ' s intrusion detection systems (IDSs)?

Options:

A.

Decrease in false positives


B.

Increase in false positives


C.

Increase in false negatives


D.

Decrease in false negatives


Expert Solution
Questions # 29:

Which of the following BEST supports effective and timely incident response?

Options:

A.

Involving internal and external stakeholders


B.

Having a documented incident response plan in place


C.

Appointing a forensic incident response specialist


D.

Maintaining a SIEM solution


Expert Solution
Questions # 30:

For the information security manager, integrating the various assurance functions of an organization is important PRIMARILY to enable:

Options:

A.

consistent security.


B.

comprehensive audits


C.

a security-aware culture


D.

compliance with policy


Expert Solution
Questions # 31:

Which of the following is the BEST defense against a brute force attack?

Options:

A.

Time-of-day restrictions


B.

Mandatory access control


C.

Discretionary access control


D.

Multi-factor authentication (MFA)


Expert Solution
Questions # 32:

Which of the following should be the PRIMARY focus of a lessons learned exercise following a successful response to a cybersecurity incident?

Options:

A.

Establishing the root cause of the incident


B.

Identifying attack vectors utilized in the incident


C.

When business operations were restored after the incident


D.

How incident management processes were executed


Expert Solution
Questions # 33:

An organization is outsourcing a business function to an external vendor. Which of the following BEST enables management to ensure the vendor continuously complies with security requirements stated in the master contract?

Options:

A.

Organize a training program for the vendor on the organization’s security requirements.


B.

Conduct periodic reviews of the vendor’s third-party accredited assessments.


C.

Establish the right-to-audit security controls at the vendor site.


D.

Conduct periodic re-approval of security clauses in the master contract.


Expert Solution
Questions # 34:

Which of the following is MOST important to the effectiveness of an information security steering committee?

Options:

A.

The committee has strong regulatory knowledge.


B.

The committee is comprised of representatives from senior management.


C.

The committee has cross-organizational representation.


D.

The committee uses a risk management framework.


Expert Solution
Questions # 35:

What is the PRIMARY role of the information security program?

Options:

A.

To perform periodic risk assessments and business impact analyses (BIAs)


B.

To provide guidance in managing organizational security risk


C.

To approve information security requirements related to the business


D.

To educate stakeholders regarding information security requirements


Expert Solution
Questions # 36:

A business impact analysis (BIA) BEST enables an organization to establish:

Options:

A.

annualized loss expectancy (ALE).


B.

recovery methods.


C.

total cost of ownership (TCO).


D.

restoration priorities.


Expert Solution
Questions # 37:

An information security manager has been made aware of a new data protection regulation that will soon go into effect. Which of the following is the BEST way to manage the risk of noncompliance?

Options:

A.

Perform a gap analysis.


B.

Consult with senior management on the best course of action.


C.

Implement a program of work to comply with the new legislation.


D.

Understand the cost of noncompliance.


Expert Solution
Questions # 38:

Which of the following BEST protects against emerging advanced persistent threat (APT) actors?

Options:

A.

Honeypot environment


B.

Updated security awareness materials


C.

Ongoing incident response training


D.

Proactive monitoring


Expert Solution
Questions # 39:

Which of the following is MOST important to verify during a test of an organization’s incident response process?

Options:

A.

Whether users know which numbers to call in the call tree


B.

Whether incident response team members know their responsibilities


C.

Whether incident response team members are cross-trained


D.

Whether senior management endorses the incident response process


Expert Solution
Questions # 40:

When selecting metrics to monitor the effectiveness of an information security program, it is MOST important for an information security manager to:

Options:

A.

consider the organizations business strategy.


B.

consider the strategic objectives of the program.


C.

leverage industry benchmarks.


D.

identify the program ' s risk and compensating controls.


Expert Solution
Viewing page 2 out of 17 pages
Viewing questions 21-40 out of questions