Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Pass the Isaca Isaca Certification CISM Questions and answers with CertsForce

Viewing page 8 out of 17 pages
Viewing questions 141-160 out of questions
Questions # 141:

Which of the following is the BEST starting point for a newly hired information security manager who has been tasked with identifying and addressing network vulnerabilities?

Options:

A.

Controls analysis


B.

Emerging risk review


C.

Penetration testing


D.

Traffic monitoring


Expert Solution
Questions # 142:

Which of the following roles is BEST able to influence the security culture within an organization?

Options:

A.

Chief information security officer (CISO)


B.

Chief information officer (CIO)


C.

Chief executive officer (CEO)


D.

Chief operating officer (COO)


Expert Solution
Questions # 143:

Which of the following is the BEST way to determine the effectiveness of an incident response plan?

Options:

A.

Reviewing previous audit reports


B.

Conducting a tabletop exercise


C.

Benchmarking the plan against best practices


D.

Performing a penetration test


Expert Solution
Questions # 144:

Labeling information according to its security classification:

Options:

A.

enhances the likelihood of people handling information securely.


B.

reduces the number and type of countermeasures required.


C.

reduces the need to identify baseline controls for each classification.


D.

affects the consequences if information is handled insecurely.


Expert Solution
Questions # 145:

Which of the following should be done FIRST when developing an information security strategy?

Options:

A.

Identify owners of information assets


B.

Develop security policies and standards


C.

Determine the desired state of information security


D.

Establish an information security steering committee


Expert Solution
Questions # 146:

What is the BEST way to reduce the impact of a successful ransomware attack?

Options:

A.

Perform frequent backups and store them offline.


B.

Purchase or renew cyber insurance policies.


C.

Include provisions to pay ransoms ih the information security budget.


D.

Monitor the network and provide alerts on intrusions.


Expert Solution
Questions # 147:

During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:

Options:

A.

Perform a risk assessment


B.

Perform a gap analysis


C.

Review information security policies


D.

Review the state of security awareness


Expert Solution
Questions # 148:

An incident handler is preparing a forensic image of a hard drive. Which of the following MUST be done to provide evidence that the image is an exact copy of the original?

Options:

A.

Perform a manual verification of file counts.


B.

Encrypt and back up the hard drive before copying.


C.

Use the same hardware for the image as the original.


D.

Perform digital hashing of the original and the image.


Expert Solution
Questions # 149:

Which of the following should be the PRIMARY objective for creating a culture of security within an organization?

Options:

A.

To obtain resources for information security initiatives


B.

To prioritize security within the organization


C.

To reduce risk to acceptable levels


D.

To demonstrate control effectiveness to senior management


Expert Solution
Questions # 150:

Which of the following should be the FIRST consideration for an information security manager after a security incident has been confirmed?

Options:

A.

Executing containment procedures


B.

Determining the root cause


C.

Developing incident reporting criteria


D.

Restoring business operations


Expert Solution
Questions # 151:

Which type of system is MOST effective for monitoring cyber incidents based on impact and tracking them until they are closed?

Options:

A.

Endpoint detection and response (EDR)


B.

Network intrusion detection system (NIDS)


C.

Extended detection and response (XDR)


D.

Security information and event management (SIEM)


Expert Solution
Questions # 152:

Which of the following events is MOST likely to require an organization to revisit its information security framework?

Options:

A.

New services offered by IT


B.

Changes to the risk landscape


C.

A recent cybersecurity attack


D.

A new technology implemented


Expert Solution
Questions # 153:

Which of the following is MOST important for building 4 robust information security culture within an organization?

Options:

A.

Mature information security awareness training across the organization


B.

Strict enforcement of employee compliance with organizational security policies


C.

Security controls embedded within the development and operation of the IT environment


D.

Senior management approval of information security policies


Expert Solution
Questions # 154:

A security incident has been reported within an organization When should an information security manager contact the information owner?

Options:

A.

After the incident has been mitigated


B.

After the incident has been confirmed.


C.

After the potential incident has been togged


D.

After the incident has been contained


Expert Solution
Questions # 155:

Which of the following is MOST likely to reduce the effectiveness of a SIEM system?

Options:

A.

Complex user interface


B.

Misconfiguration of alert thresholds


C.

Weakly encrypted log files


D.

Lack of multi-factor authentication (MFA) for system access


Expert Solution
Questions # 156:

Which of the following is the MOST important reason to involve external forensics experts in evidence collection when responding to a major security breach?

Options:

A.

To ensure evidence is handled by qualified resources


B.

To validate the incident response process


C.

To provide the response team with expert training on evidence handling


D.

To prevent evidence from being disclosed to any internal staff members


Expert Solution
Questions # 157:

Security administration efforts will be greatly reduced following the deployment of which of the following techniques?

Options:

A.

Discretionary access control


B.

Role-based access control


C.

Access control lists


D.

Distributed access control


Expert Solution
Questions # 158:

Which of the following would provide the MOST effective security outcome in an organizations contract management process?

Options:

A.

Performing vendor security benchmark analyses at the request-for-proposal (RFP) stage


B.

Ensuring security requirements are defined at the request-for-proposal (RFP) stage


C.

Extending security assessment to cover asset disposal on contract termination


D.

Extending security assessment to include random penetration testing


Expert Solution
Questions # 159:

An information security manager has become aware that a third-party provider is not in compliance with the statement of work (SOW). Which of the following is the BEST course of action?

Options:

A.

Notify senior management of the issue.


B.

Report the issue to legal personnel.


C.

Initiate contract renegotiation.


D.

Assess the extent of the issue.


Expert Solution
Questions # 160:

Which of the following presents the GREATEST risk associated with the use of an automated security information and event management (SIEM) system?

Options:

A.

Low number of false positives


B.

Low number of false negatives


C.

High number of false positives


D.

High number of false negatives


Expert Solution
Viewing page 8 out of 17 pages
Viewing questions 141-160 out of questions