Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

CISMFree trial

By isaca

Verified

25Q per page

Question 151

Which of the following BEST demonstrates a security-conscious organizational culture?

A: Security incidents are reported directly to senior management.
B: Security awareness metrics have been established and tracked.
C: Phishing simulations are part of information security training.
D: Employees identify potential incidents and report them.

—

Question 152

Which of the following is the MOST effective data loss control when connecting a personally owned mobile device to the corporate email system?

A: Email must be stored in an encrypted format on the mobile device.
B: Users must agree to the use of biometric multi-factor authentication (MFA).
C: A senior manager must approve each new connection.
D: Email synchronization must be prevented when connected to a public Wi-Fi hotspot.

—

Question 153

Which of the following should be the FIRST step when performing triage of a malware incident?

A: Preserving the forensic image
B: Containing the affected system
C: Comparing backup against production
D: Removing the malware

—

Question 154

Which of the following BEST helps to enable the desired information security culture within an organization?

A: Information security awareness training and campaigns
B: Incentives for appropriate information security-related behavior
C: Effective information security policies and procedures
D: Delegation of information security roles and responsibilities

—

Question 155

Which of the following should be the GREATEST concern for an information security manager when an annual audit reveals the organization's business continuity plan (BCP) has not been reviewed or updated in more than a year?

A: The organization may suffer reputational damage for not following industry best practices.
B: The audit finding may impact the overall risk rating of the organization.
C: An outdated BCP may result in less efficient recovery if an actual incident occurs.
D: The lack of updates to the BCP may result in noncompliance with internal policies.

—

Question 156

Which of the following is the MOST important goal of an information security program?

A: Optimizing resources
B: Reducing risk factors
C: Managing controls
D: Enhancing business decision making

—

Question 157

Which of the following functions is MOST critical when initiating the removal of system access for terminated employees?

A: Help desk
B: Legal
C: Information security
D: Human resources (HR)

—

Question 158

Which of the following BEST helps to ensure the effective execution of an organization's disaster recovery plan (DRP)?

A: The plan is based on industry best practices.
B: The plan is reviewed by senior and IT operational management.
C: Procedures are available at the primary and failover location.
D: Process steps are documented by the disaster recovery team.

—

Question 159

Which of the following would be MOST effective in reducing the impact of a distributed denial of service (DDoS) attack?

A: Impose state limits on servers.
B: Spread a site across multiple ISPs.
C: Harden network security.
D: Block the attack at the source.

—

Question 160

The PRIMARY reason for senior management to monitor information security metrics is to ensure:

A: alignment of the information security budget to corporate funding.
B: alignment of information security with corporate governance.
C: alignment of security and IT objectives.
D: alignment with risk mitigation efforts.

—

Question 161

Which of the following is the MOST important reason to perform a privacy impact assessment?

A: To provide assurance to senior management
B: To ensure business data processing has been assessed for risk
C: To ensure compensating controls are in place for key information assets
D: To reduce threats associated with business data processing

—

Question 162

When reporting information security risk to senior management, it is MOST important to include:

A: control risk.
B: inherent risk.
C: detection risk.
D: residual risk.

—

Question 163

Which of the following is MOST likely to improve an organization's security culture?

A: Involving stakeholders in security planning
B: Enforcing penalties for security incidents
C: Communicating security incidents within the industry
D: Incentivizing managers based on security metrics

—

Question 164

Which of the following is MOST important to complete during the recovery phase of an incident response process before bringing affected systems back online?

A: Test and verify that compromised systems are clean.
B: Document recovery steps for senior management reporting.
C: Record and close security incident tickets.
D: Capture and preserve forensic images of affected systems.

—

Question 165

What is the BEST way for an information security manager to improve the effectiveness of risk management in an organization that currently manages risk at the departmental level?

A: Deploy security risk management software in all departments.
B: Determine whether the organization has defined its risk tolerance and risk appetite.
C: Subscribe to external risk reports relevant to each department.
D: Propose that security risk be integrated under a common risk register.

—

Question 166

Which of the following is MOST helpful to an information security manager when determining service level requirements for an outsourced application?

A: Supplier business continuity plan (BCP)
B: Information security policy
C: Application capabilities
D: Data classification

—

Question 167

Which of the following is MOST important to consider when planning the eradication of a cyberattack?

A: The skills and competencies of the eradication team
B: The cost of tools and efforts required for the process
C: Obtain a clean backup of the operating system
D: Knowledge about the type and source of the threat

—

Question 168

The authorization to transfer the handling of an internal security incident to a third-party support provider is PRIMARILY defined by the:

A: escalation procedures.
B: information security manager.
C: chain of custody.
D: disaster recovery plan (DRP).

—

Question 169

Which of the following BEST enables an information security manager to identify changes in the threat landscape due to emerging technologies?

A: Input from external experts
B: Annual security assessments
C: Periodic risk assessments
D: Benchmarking against industry peers

—

Question 170

An enterprise has decided to procure security services from a third-party vendor to support its information security program. Which of the following is MOST important to include in the vendor selection criteria?

A: The maturity of the vendor's internal control environment
B: Feedback from the vendor's previous clients
C: Alignment of the vendor's business objectives with enterprise security goals
D: Penetration testing against the vendor's network

—

Question 171

The resilience requirements of an application are BEST determined by:

A: a cost-benefit analysis.
B: a threat assessment.
C: a business impact analysis (BIA).
D: a risk assessment.

—

Question 172

Which of the following BEST facilitates recovery of data lost as a result of a cybersecurity incident?

A: Disaster recovery plan (DRP)
B: Offsite data backups
C: Encrypted data drives
D: Removable storage media

—

Question 173

Which of the following is MOST important to the successful implementation of a new information security program?

A: Evaluating current information security processes
B: Gaining commitment from senior management
C: Conducting regular external benchmarking
D: Monitoring key performance indicators (KPIs)

—

Question 174

An information security team has confirmed that threat actors are taking advantage of a newly announced critical vulnerability within an application. Which of the following should be done FIRST?

A: Notify senior management.
B: Prevent access to the application.
C: Invoke the incident response plan.
D: Install additional application controls.

—

Question 175

Which of the following is the MOST important consideration when evaluating the performance of existing security controls?

A: Interviewing control owners to accurately collect metrics data
B: Establishing testing scenarios based on international standards
C: Selecting testing methods that match the purpose of the testing
D: Obtaining senior management support to facilitate testing

—

Page 7 of 50 • Questions 151-175 of 1249

←

5 6 7 8 9

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!