CISM
Question 26
Which of the following is the BEST way to reduce the risk of security incidents from targeted email attacks?
- A: Conduct awareness training across the organization.
- B: Require acknowledgment of the acceptable use policy.
- C: Disable all incoming cloud mail services.
- D: Implement a data loss prevention (DLP) system.
Question 27
Which of the following is the PRIMARY benefit of an information security awareness training program?
- A: Evaluating organizational security culture
- B: Enforcing security policy
- C: Influencing human behavior
- D: Defining risk accountability
Question 28
Which of the following MOST effectively supports an organization's security culture?
- A: Business unit security metrics
- B: An information governance framework
- C: Stakeholder involvement
- D: A security mission statement
Question 29
A new type of ransomware has infected an organization's network. Which of the following would have BEST enabled the organization to detect this situation?
- A: Periodic information security training for end users
- B: Use of integrated patch deployment tools
- C: Regular review of the threat landscape
- D: Monitoring of anomalies in system behavior
Question 30
Which of the following should an information security manager do FIRST upon notification of a potential security risk associated with a third-party service provider?
- A: Determine risk treatment options.
- B: Conduct a vulnerability analysis.
- C: Escalate to the third-party provider.
- D: Conduct a risk analysis.
Question 31
A security incident has been reported within an organization. When should an information security manager contact the information owner?
- A: After the potential incident has been logged
- B: After the incident has been contained
- C: After the incident has been confirmed
- D: After the incident has been mitigated
Question 32
An incident management team leader sends out a notification that the organization has successfully recovered from a cyberattack. Which of the following should be done NEXT?
- A: Secure and preserve digital evidence for analysis.
- B: Gather feedback on business impact.
- C: Conduct a meeting to capture lessons learned.
- D: Prepare an executive summary for senior management.
Question 33
Which of the following defines the MOST comprehensive set of security requirements for a newly developed information system?
- A: Baseline controls
- B: Audit findings
- C: Risk assessment results
- D: Key risk indicators (KRIs)
Question 34
Which of the following information security practices would BEST prevent a SQL injection attack?
- A: Adopting agile development
- B: Enhancing the patching program
- C: Training developers on secure coding practices to reduce vulnerabilities
- D: Performing vulnerability testing before each version release
Question 35
Which of the following is a viable containment strategy for a distributed denial of service (DDoS) attack?
- A: Block IP addresses used by the attacker.
- B: Disable firewall ports exploited by the attacker.
- C: Power off affected servers.
- D: Redirect the attacker's traffic.
Question 36
In a cloud technology environment, which of the following would pose the GREATEST challenge to the investigation of security incidents?
- A: Non-standard event logs
- B: Access to the hardware
- C: Data encryption
- D: Compressed customer data
Question 37
A data discovery project uncovers an unclassified process document. Of the following, who is BEST suited to determine the classification?
- A: Creator of the document
- B: Data custodian
- C: Information security manager
- D: Security policy author
Question 38
Which of the following is MOST important to include in a post-incident report?
- A: Forensic analysis results
- B: List of potentially compromised assets
- C: Root cause analysis
- D: Service level agreements (SLAs)
Question 39
When creating an incident response plan, the triggers for the business continuity plan (BCP) MUST be based on:
- A: a threat assessment.
- B: recovery time objectives (RTOs).
- C: a business impact analysis (BIA).
- D: a risk assessment.
Question 40
An organization's information security strategy should be the PRIMARY input to which of the following?
- A: Security governance framework design
- B: Enterprise risk scenario development
- C: Security program metrics
- D: Organizational risk appetite
Question 41
Which of the following BEST enables an organization to enhance its incident response plan processes and procedures?
- A: Information security audits
- B: Security risk assessments
- C: Lessons learned analysis
- D: Key performance indicators (KPIs)
Question 42
Which of the following is BEST used to determine the maturity of an information security program?
- A: Organizational risk appetite
- B: Risk assessment results
- C: Security metrics
- D: Security budget allocation
Question 43
Which of the following should be done FIRST when developing an information security strategy that is aligned with organizational goals?
- A: Establish a security risk framework with key risk indicators (KRIs).
- B: Determine information security's impact on the achievement of organizational goals.
- C: Assess information security risk associated with the organizational goals.
- D: Select information security projects related to the organizational goals.
Question 44
A business impact analysis (BIA) BEST enables an organization to establish:
- A: annualized loss expectancy (ALE).
- B: recovery methods.
- C: restoration priorities.
- D: total cost of ownership (TCO).
Question 45
Which of the following is the PRIMARY objective of developing an information security program that aligns with the information security strategy?
- A: To define the resources required to achieve information security goals
- B: To define a bottom-up approach for implementing information security policies
- C: To define standards to be implemented
- D: To define risk mitigation plans for security technologies
Question 46
Which of the following is MOST important to include in an information security framework?
- A: Guidance for designing information security controls
- B: Information security organizational structure
- C: Industry benchmarks of information security metrics
- D: Information security risk assessment
Question 47
The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process is to:
- A: obtain the support of executive management.
- B: document the disaster recovery process.
- C: map the business process to supporting IT and other corporate resources.
- D: identify critical processes and the degree of reliance on support services.
Question 48
An organization learns that a service provider experienced a breach last month and did not notify the organization. Which of the following should be the information security manager's FIRST course of action?
- A: Terminate the provider contract.
- B: Conduct a business impact analysis (BIA).
- C: Inform senior management.
- D: Review the provider contract.
Question 49
Which of the following approaches to communication with senior management BEST enables an information security manager to maximize the effectiveness of the information security program?
- A: Reporting on industry security threats with potential impact to business objectives
- B: Conducting periodic one-on-one meetings to align security with business objectives
- C: Participating in operational review meetings to discuss daily operations and dependencies
- D: Providing regular status updates on security policies and standards
Question 50
Which of the following control types should be considered FIRST for aligning employee behavior with an organization's information security objectives?
- A: Administrative security controls
- B: Access security controls
- C: Technical security controls
- D: Physical security controls