CISMPreview

Which of the following is ESSENTIAL to ensuring effective incident response?

Which of the following is the BEST method for managing information security compliance of third-party suppliers?

A forensic examination of a PC is required, but the PC has been switched off. Which of the following should be done FIRST?

Which of the following is the FIRST step when conducting a post-incident review?

Which of the following is the MOST important reason to consider organizational culture when developing an information security program?

Following a significant change to the underlying code of an application, it is MOST important for the information security manager to:

Which of the following should be an information security managers PRIMARY focus during the development of a critical system storing highly confidential data?

Management of a financial institution accepted an operational risk that consequently led to the temporary deactivation of a critical monitoring process. Which of the following should be the information security manager's GREATEST concern with this situation?

Which of the following should an information security manager do FIRST after discovering that a business unit has implemented a newly purchased application and bypassed the change management process?

Which of the following should be established FIRST when implementing an Information security governance framework?

Which of the following is MOST important to maintain integration among the incident response plan, business continuity plan (BCP), and disaster recovery plan (DRP)?

Which of the following BEST indicates effective information security governance?

Which of the following BEST enables an organization to measure the total time that operations can be sustained at an alternative site designated in the business continuity plan (BCP)?

Which of the following has the GREATEST influence on the successful integration of information security within the business?

Which of the following BEST mitigates the risk or information loss caused by a cloud service provider becoming insolvent?

Which of the following is the BEST way to protect against unauthorized access to an encrypted file sent via email?

A business impact analysis (BIA) should be periodically executed PRIMARILY to:

Which of the following would BEST justify spending for a compensating control?

Which of the following is the MOST important consideration for reporting risk assessment results to senior management?

An information security manager has completed a risk assessment and has determined the residual risk. Which of the following should be the NEXT step?

Which of the following BEST enables an organization to maintain an appropriate security control environment?

Which of the following is MOST important for responding effectively to security breaches?

Senior management has expressed concern that the organization's intrusion prevention system (IPS) may repeatedly disrupt business operations. Which of the following BEST indicates that the information security manager has tuned the system to address this concern?

Which of the following is MOST important for an information security manager to consider when developing a business continuity plan (BCP) for ransomware attacks?