[May-2023] CISM Dumps Full Questions - Isaca Certification Exam Study Guide [Q57-Q76]


Exam Questions and Answers for CISM Study Guide


ISACA offers many types of study materials, available in English, Japanese, Spanish, and Chinese, including training videos and eBooks. The following guides, available on Amazon, cover the exam topics:

  • CISM Certified Information Security Manager All-in-One Exam Guide 1st Edition by Peter H. Gregory;
  • CISM Review Manual.

The vendor also offers virtual instructor-led training, on-site courses, online review courses, and many other resources. Attending an online course a week or two before the exam can also be beneficial: it is intended solely to prepare you for the test, and the instructors may point out the topics you should pay particular attention to. After completing it, you can take the CISM Self-Assessment exam of 75 questions, which shows how well prepared you are for the actual test. If you do well on this assessment, you need not worry about the real exam. The online course covers all the objectives and offers plenty of interactive workbooks, case study activities, and interactive modules.


NEW QUESTION # 57
When a proposed system change violates an existing security standard, the conflict would be BEST resolved by:

  • A. enforcing the security standard.
  • B. calculating the residual risk.
  • C. implementing mitigating controls.
  • D. redesigning the system change.

Answer: C

Explanation:
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT


NEW QUESTION # 58
An organization's marketing department has requested access to cloud-based collaboration sites for exchanging media files with external marketing companies. As a result, the information security manager has been asked to perform a risk assessment. Which of the following should be the MOST important consideration?

  • A. Methods for transferring the information
  • B. The information to be exchanged
  • C. Reputations of the external marketing companies
  • D. The security of the third-party cloud provider

Answer: B


NEW QUESTION # 59
Which of the following is the MOST important reason to monitor information risk on a continuous basis?

  • A. The risk profile can change over time.
  • B. The effectiveness of controls can be verified.
  • C. Risk assessment errors can be identified.
  • D. The cost of controls can be minimized.

Answer: A


NEW QUESTION # 60
Which of the following would be MOST critical to the successful implementation of a biometric authentication system?

  • A. User acceptance
  • B. Budget allocation
  • C. Technical skills of staff
  • D. Password requirements

Answer: A

Explanation:
End users may react differently to the implementation, and may have specific preferences. The information security manager should be aware that what is viewed as reasonable in one culture may not be acceptable in another culture. Budget allocation will have a lesser impact since what is rejected as a result of culture cannot be successfully implemented regardless of budgetary considerations. Technical skills of staff will have a lesser impact since new staff can be recruited or existing staff can be trained. Although important, password requirements would be less likely to guarantee the success of the implementation.


NEW QUESTION # 61
The effectiveness of an incident response team will be GREATEST when:

  • A. the incident response team members are trained security personnel.
  • B. incidents are identified using a security information and event monitoring (SIEM) system.
  • C. the incident response process is updated based on lessons learned.
  • D. the incident response team meets on a regular basis to review log files.

Answer: C


NEW QUESTION # 62
Which of the following would BEST justify spending for a compensating control?

  • A. Vulnerability analysis
  • B. Risk analysis
  • C. Threat analysis
  • D. Peer benchmarking

Answer: B

Explanation:
Section: INFORMATION RISK MANAGEMENT


NEW QUESTION # 63
Information classification is a fundamental step in determining:

  • A. the security strategy that should be used.
  • B. who has ownership of information.
  • C. whether risk analysis objectives are met.
  • D. the type of metrics that should be captured.

Answer: A


NEW QUESTION # 64
What should be the information security manager's MOST important consideration when planning a disaster recovery test?

  • A. Organization-wide involvement
  • B. Stakeholder notification procedures
  • C. Impact to production systems
  • D. Documented escalation processes

Answer: C

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT


NEW QUESTION # 65
In an organization, information systems security is the responsibility of:

  • A. all personnel.
  • B. information systems personnel.
  • C. functional personnel.
  • D. information systems security personnel.

Answer: A

Explanation:
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
All personnel of the organization have the responsibility of ensuring information systems security; this can include indirect personnel such as physical security personnel. Information systems security cannot be the responsibility of information systems personnel, information systems security personnel, or functional personnel alone, since none of these groups can ensure security by themselves.


NEW QUESTION # 66
Senior management has launched an enterprise-wide initiative to streamline internal processes to reduce costs, including security processes. What should the information security manager rely on MOST to allocate resources efficiently?

  • A. Return on investment (ROI)
  • B. Internal audit reports
  • C. Capability maturity assessment
  • D. Risk classification

Answer: D


NEW QUESTION # 67
Which of the following controls would BEST prevent accidental system shutdown from the console or operations area?

  • A. Shutdown alarms
  • B. Protective switch covers
  • C. Redundant power supplies
  • D. Biometric readers

Answer: B

Explanation:
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Protective switch covers would reduce the possibility of an individual accidentally pressing the power button on a device, thereby turning off the device. Redundant power supplies would not prevent an individual from powering down a device. Shutdown alarms would be after the fact. Biometric readers would be used to control access to the systems.


NEW QUESTION # 68
The MOST appropriate role for senior management in supporting information security is the:

  • A. assessment of risks to the organization.
  • B. monitoring adherence to regulatory requirements.
  • C. evaluation of vendors offering security products.
  • D. approval of policy statements and funding.

Answer: D

Explanation:
Since the members of senior management are ultimately responsible for information security, they are the ultimate decision makers in terms of governance and direction. They are responsible for approval of major policy statements and requests to fund the information security practice. Evaluation of vendors, assessment of risks and monitoring compliance with regulatory requirements are day-to-day responsibilities of the information security manager; in some organizations, business management is involved in these other activities, though their primary role is direction and governance.


NEW QUESTION # 69
Which of the following is the BEST course of action when an online company discovers a network attack in progress?

  • A. Enable trace logging on all events
  • B. Isolate the affected network segment
  • C. Shut off all network access points
  • D. Dump all event logs to removable media

Answer: B

Explanation:
The BEST course of action when an online company discovers a network attack in progress is to isolate the affected network segment. This prevents the attacker from gaining further access to the network and limits the scope of the attack. Dumping event logs to removable media and enabling trace logging may be useful for forensic purposes, but should not be the first course of action in the midst of an active attack. Shutting off all network access points would be too drastic and would prevent legitimate traffic from accessing the network.


NEW QUESTION # 70
Which of the following steps in conducting a risk assessment should be performed FIRST?

  • A. Identify business assets
  • B. Evaluate key controls
  • C. Assess vulnerabilities
  • D. Identify business risks

Answer: A

Explanation:
Risk assessment first requires one to identify the business assets that need to be protected before identifying the threats. The next step is to establish whether those threats represent business risk by identifying the likelihood and effect of occurrence, followed by assessing the vulnerabilities that may affect the security of the asset. This process establishes the control objectives against which key controls can be evaluated.


NEW QUESTION # 71
Which of the following is the MOST effective way to help staff members understand their responsibilities for information security?

  • A. Require staff to participate in information security awareness training.
  • B. Include information security responsibilities in job descriptions.
  • C. Require staff to sign confidentiality agreements.
  • D. Communicate disciplinary processes for policy violations.

Answer: A


NEW QUESTION # 72
Ensuring that an organization can conduct security reviews within third-party facilities is PRIMARILY enabled by:

  • A. acceptance of the organization's security policies.
  • B. audit guidelines.
  • C. service level agreements (SLAs).
  • D. contractual agreements.

Answer: C

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT


NEW QUESTION # 73
An unauthorized user gained access to a merchant's database server and customer credit card information. Which of the following would be the FIRST step to preserve and protect unauthorized intrusion activities?

  • A. Duplicate the hard disk of the server immediately.
  • B. Shut down and power off the server.
  • C. Isolate the server from the network.
  • D. Copy the database log file to a protected server.

Answer: C

Explanation:
Isolating the server will prevent further intrusions and protect evidence of intrusion activities left in memory and on the hard drive. Some intrusion activities left in virtual memory may be lost if the system is shut down. Duplicating the hard disk will only preserve the evidence on the hard disk, not the evidence in virtual memory, and will not prevent further unauthorized access attempts. Copying the database log file to a protected server will not provide sufficient evidence should the organization choose to pursue legal recourse.


NEW QUESTION # 74
Security awareness training should be provided to new employees:

  • A. on an as-needed basis.
  • B. before they have access to data.
  • C. along with department staff.
  • D. during system user training.

Answer: B

Explanation:
Security awareness training should occur before access is granted to ensure the new employee understands that security is part of the system and business process. All other choices imply that security awareness training is delivered subsequent to the granting of system access, which may place security as a secondary step.


NEW QUESTION # 75
The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

  • A. realigns information security objectives to organizational strategy.
  • B. articulates management's intent and information security directives in clear language.
  • C. relates the investment to the organization's strategic plan.
  • D. translates information security policies and standards into business requirements.

Answer: C


NEW QUESTION # 76
......
