CISM
Question 126
Before approving the implementation of a new security solution, senior management requires a business case. Which of the following would BEST support the justification for investment?
- A: The solution contributes to business strategy.
- B: The solution improves business risk tolerance levels.
- C: The solution reduces the cost of noncompliance with regulations.
- D: The solution improves business resiliency.
Question 127
When an organization implements an information security governance framework, it is MOST important for executive leadership to have a direct role in:
- A: reviewing the information security policy directing the organization.
- B: developing technical key risk indicators (KRIs) for information security.
- C: implementing information security metrics for the organization.
- D: approving information security standards and procedures for the organization.
Question 128
Which of the following should have the MOST influence on an organization's response to a new industry regulation?
- A: The organization's risk control baselines
- B: The organization's control objectives
- C: The organization's risk management framework
- D: The organization's risk appetite
Question 129
Biometrics are BEST used for:
- A: authorization.
- B: authentication.
- C: auditing.
- D: accounting.
Question 130
Predetermined containment methods to be used in a cybersecurity incident response should be based PRIMARILY on the:
- A: capability of incident handlers.
- B: type of confirmed incident.
- C: predicted incident duration.
- D: number of impacted users.
Question 131
Communicating which of the following would be MOST helpful to gain senior management support for risk treatment options?
- A: Threat analysis
- B: Root cause analysis
- C: Quantitative loss
- D: Industry benchmarks
Question 132
Which of the following is the PRIMARY objective of information asset classification?
- A: Threat minimization
- B: Vulnerability reduction
- C: Risk management
- D: Compliance management
Question 133
Which of the following trends would be of GREATEST concern when reviewing the performance of an organization's intrusion detection systems (IDSs)?
- A: Increase in false negatives
- B: Increase in false positives
- C: Decrease in false positives
- D: Decrease in false negatives
Question 134
Management would like to understand the risk associated with engaging an Infrastructure-as-a-Service (IaaS) provider compared to hosting internally. Which of the following would provide the BEST method of comparing risk scenarios?
- A: Reviewing mitigating and compensating controls for each risk scenario
- B: Mapping the risk scenarios by likelihood and impact on a chart
- C: Performing a risk assessment on the IaaS provider
- D: Mapping risk scenarios according to sensitivity of data
Question 135
The BEST way to avoid session hijacking is to use:
- A: strong password controls.
- B: a firewall.
- C: a reverse lookup.
- D: a secure protocol.
Question 136
Which of the following is the PRIMARY reason to regularly update business continuity and disaster recovery documents?
- A: To ensure audit and compliance requirements are met
- B: To enforce security policy requirements
- C: To maintain business asset inventories
- D: To ensure the availability of business operations
Question 137
Which of the following will have the GREATEST impact on the development of the information classification scheme consisting of various classification levels?
- A: Value of the information
- B: Data format
- C: Owners of the information
- D: Organizational structure
Question 138
To prepare for a third-party forensics investigation following an incident involving malware, the incident response team should:
- A: clean the malware.
- B: isolate the infected systems.
- C: image the infected systems.
- D: preserve the evidence.
Question 139
Of the following, who should own the risk associated with unauthorized access to application data?
- A: Data custodian
- B: Application developer
- C: Application owner
- D: Access administrator
Question 140
The categorization of incidents is MOST important for evaluating which of the following?
- A: Appropriate communication channels
- B: Risk severity and incident priority
- C: Allocation of needed resources
- D: Response and containment requirements
Question 141
An organization learns that a third party has outsourced critical functions to another external provider. Which of the following is the information security manager's MOST important course of action?
- A: Engage an independent audit of the third party's external provider.
- B: Conduct an external audit of the contracted third party.
- C: Recommend canceling the contract with the third party.
- D: Evaluate the third party's agreements with its external provider.
Question 142
An organization has acquired a new system with strict maintenance instructions and schedules. Where should this information be documented?
- A: Standards
- B: Procedures
- C: Guidelines
- D: Policies
Question 143
The PRIMARY benefit of using HTTP Secure (HTTPS) is that it provides:
- A: confidentiality of data transmitted.
- B: integrity for data at rest.
- C: authentication.
- D: better session traceability.
Question 144
An organization provides notebook PCs, cable wire locks, smartphone access, and virtual private network (VPN) access to its remote employees. Which of the following is MOST important for the information security manager to ensure?
- A: Employees are trained on the acceptable use policy.
- B: Employees use smartphone tethering when accessing from remote locations.
- C: Employees use the VPN when accessing the organization's online resources.
- D: Employees physically lock PCs when leaving the immediate area.
Question 145
To improve an organization's information security culture, it is MOST important for senior management to:
- A: participate in security training.
- B: review security budget and resources.
- C: demonstrate good security practices.
- D: approve security policies.
Question 146
A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?
- A: A continual server replication process
- B: Employee training on ransomware
- C: A properly tested offline backup system
- D: A properly configured firewall
Question 147
Which of the following BEST illustrates residual risk within an organization?
- A: Balanced scorecard
- B: Risk management framework
- C: Business impact analysis (BIA)
- D: Heat map
Question 148
Which of the following is the MOST effective way to determine the alignment of an information security program with the business strategy?
- A: Evaluate the results of business continuity testing.
- B: Evaluate the business impact of incidents.
- C: Review key performance indicators (KPIs).
- D: Engage business process owners.
Question 149
An organization experienced a loss of revenue during a recent disaster. Which of the following would BEST prepare the organization to recover?
- A: Business impact analysis (BIA)
- B: Incident response plan
- C: Disaster recovery plan (DRP)
- D: Business continuity plan (BCP)
Question 150
Which of the following is the MOST important success factor when developing an information security strategy?
- A: The delivery of the strategy is adequately funded.
- B: The strategy is aligned with an industry-recognized security control framework.
- C: The strategy is based on proven technologies and industry trends.
- D: The strategy is approved by the board and executive management.