Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

CISMFree trial

By isaca

Verified

25Q per page

Question 201

Which of the following is the PRIMARY reason for an information security manager to present the business case for an information security initiative to senior management?

A: To aid management in the decision-making process for purchasing the solution
B: To represent stakeholders who will benefit from enhancements in information security
C: To provide management with the status of the information security program
D: To demonstrate to management the due diligence involved with selecting the solution

—

Question 202

An organization has implemented a new email filter to mitigate risk associated with its email system. Who is BEST suited to be the control owner?

A: Head of IT department
B: Head of compliance
C: Head of corporate communications
D: Head of information security

—

Question 203

When introducing a new information asset, what is the MOST important responsibility of the asset owner?

A: Information backup
B: Information access administration
C: Information disposal
D: Information classification

—

Question 204

When establishing an information security governance framework, it is MOST important for an information security manager to understand:

A: information security best practices.
B: the corporate culture.
C: risk management techniques.
D: the threat environment.

—

Question 205

When updating the information security policy to accommodate a new regulation, the information security manager should FIRST:

A: review key risk indicators (KRIs).
B: consult process owners.
C: update key performance indicators (KPIs).
D: perform a gap analysis.

—

Question 206

Which of the following is the BEST way to align security and business strategies?

A: Establish key performance indicators (KPIs) for the business.
B: Integrate information security governance into corporate governance.
C: Ensure the information security program conforms to industry standards.
D: Include security risk as part of ongoing metrics reporting.

—

Question 207

Which of the following should an information security manager do FIRST when developing a security framework?

A: Document security procedures
B: Conduct an asset inventory
C: Update the security policy
D: Perform a gap analysis

—

Question 208

A Software as a Service (SaaS) application has been implemented to support a critical business process. Which of the following is MOST important to include within the service level agreement (SLA) to ensure timely response to incidents affecting the application?

A: Vendor declarations and warranties
B: Enhanced monitoring of in-scope systems
C: Defined incident response roles and responsibilities
D: Established incident response procedures

—

Question 209

Of the following, who is BEST positioned to perform a business impact analysis (BIA)?

A: The information security team
B: Process owners
C: The IT team
D: Business continuity management auditors

—

Question 210

Which of the following is the BEST indication of an effective disaster recovery planning process?

A: Recovery time objectives (RTOs) are shorter than recovery point objectives (RPOs)
B: Hot sites are required for any declared disaster
C: Post-incident reviews are conducted after each event
D: Chain of custody is maintained throughout the disaster recovery process

—

Question 211

Which of the following provides the BEST input to determine the level of protection needed for an IT system?

A: Vulnerability assessment
B: Asset classification
C: Threat analysis
D: Internal audit findings

—

Question 212

During a security assessment, an information security manager finds a number of security patches were not installed on a server hosting a critical business application. The application owner did not approve the patch installation to avoid interrupting the application. Which of the following should be the information security manager's FIRST course of action?

A: Report the risk to the information security steering committee.
B: Determine mitigation options with IT management.
C: Communicate the potential impact to the application owner.
D: Escalate the risk to senior management.

—

Question 213

Which of the following should be the FIRST consideration for an information security manager after a security incident has been confirmed?

A: Developing incident reporting criteria
B: Executing containment procedures
C: Restoring business operations
D: Determining the root cause

—

Question 214

Which of the following actions will BEST resolve the root cause of a cyber incident involving unauthorized network access due to a critical vulnerability on a web server?

A: Improving the patching process
B: Locking accounts with unauthorized access
C: Isolating affected systems
D: Terminating malicious network connections

—

Question 215

Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:

A: noted and re-examined later if similar weaknesses are found
B: tracked and reported on until their final resolution
C: quickly resolved and eliminated regardless of cost
D: documented in security awareness programs

—

Question 216

Which of the following is an information security manager’s MOST important action during the third-party provider selection process?

A: Determining it the third party is sufficiently staffed
B: Performing a network penetration test
C: Analyzing the third party’s existing control environment
D: Consulting with the third party’s clients

—

Question 217

Which of the following risk assessment findings for an online-only business should be given the HIGHEST priority to address availability concerns?

A: The back office system that processes payments to providers has slowed.
B: The web server for the online store was found to be vulnerable to distributed denial of service (DDoS) attacks.
C: Email authentication through a connector to a single sign-on (SSO) service has a history of failure.
D: The access point for the visitor WiFi network has several unpatched vulnerabilities.

—

Question 218

At which stage of business continuity planning is risk identification performed?

A: Impact analysis
B: Stakeholder meeting
C: Development
D: Project planning

—

Question 219

An information security team plans to strengthen authentication requirements for a customer-facing site, but there are concerns it will negatively impact the user experience. Which of the following is the information security manager's BEST course of action?

A: Refer to industry best practices.
B: Quantify the security risk to the business.
C: Provide security awareness training to customers.
D: Assess business impact against security risk.

—

Question 220

Which of the following is the PRIMARY reason for executive management to be involved in establishing an enterprise’s security management framework?

A: To determine the desired state of enterprise security
B: To satisfy auditors’ recommendations for enterprise security
C: To ensure industry best practices for enterprise security are followed
D: To establish the minimum level of controls needed

—

Question 221

Which of the following is MOST important for an information security manager to consider when determining whether data should be stored?

A: Type and nature of data
B: Business requirements
C: Data storage limitations
D: Data protection regulations

—

Question 222

A business unit recently integrated the organization’s new strong password policy into its business application which requires users to reset passwords every 30 days. The help desk is now flooded with password reset requests. Which of the following is the information security manager’s BEST course of action to address this situation?

A: Conduct a business impact analysis (BIA)
B: Provide end-user training
C: Escalate to senior management
D: Continue to enforce the policy

—

Question 223

Which of the following is the MOST important consideration in a bring your own device (BYOD) program to protect company data in the event of a loss?

A: The ability to remotely locate devices
B: The ability to centrally manage devices
C: The ability to restrict unapproved applications
D: The ability to classify types of devices

—

Question 224

Which of the following BEST indicates an effective vulnerability management program?

A: Security incidents are reported in a timely manner.
B: Threats are identified accurately.
C: Controls are managed proactively.
D: Risks are managed within acceptable limits.

—

Question 225

Which of the following is the MOST important objective when planning an incident response program?

A: Minimizing business impact
B: Managing resources
C: Recovering from a disaster
D: Ensuring IT resiliency

—

Page 9 of 50 • Questions 201-225 of 1249

←

7 8 9 10 11

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!