Pass Your ISACA Exam with CISM Exam Dumps (Updated 1340 Questions) [Q628-Q650]


CISM Exam Dumps - ISACA Practice Test Questions


Besides that, this section will test your skills in the following:

  • Monitoring and analyzing program management and operational metrics in order to evaluate the effectiveness and efficiency of information security management;
  • Aligning the information security program with the operational objectives of other business functions so that the program adds value and protects the business;
  • Establishing and maintaining the information security program in line with the information security strategy;
  • Establishing and maintaining a security awareness and training program to promote a secure environment and an effective security culture.

 

NEW QUESTION 628
Which of the following is the MOST important reason to consider the role of the IT service desk when developing incident handling procedures?

  • A. Untrained service desk personnel may be a cause of security incidents.
  • B. The service desk provides information to prioritize systems recovery based on user demand.
  • C. The service desk provides a source for the identification of security incidents.
  • D. Service desk personnel have information on how to resolve common systems issues.

Answer: C

 

NEW QUESTION 629
Which of the following should be done FIRST when establishing a new data protection program that must comply with applicable data privacy regulations?

  • A. Update disciplinary processes to address privacy violations
  • B. Create an inventory of systems where personal data is stored
  • C. Encrypt all personal data stored on systems and networks
  • D. Evaluate privacy technologies required for data protection

Answer: B

 

NEW QUESTION 630
A global organization is developing an incident response team (IRT). The organization wants to keep headquarters informed of all incidents and wants to be able to present a unified response to widely dispersed events.
Which of the following IRT models BEST supports these objectives?

  • A. Central IRT
  • B. Coordinating IRT
  • C. Holistic IRT
  • D. Distributed IRT

Answer: A

Explanation:
Section: INCIDENT MANAGEMENT AND RESPONSE

 

NEW QUESTION 631
What is the BEST method to verify that all security patches applied to servers were properly documented?

  • A. Trace change control requests to operating system (OS) patch logs
  • B. Trace OS patch logs to change control requests
  • C. Review change control documentation for key servers
  • D. Trace OS patch logs to OS vendor's update documentation

Answer: B

Explanation:
To confirm that every patch applied went through change control, start from the operating system (OS) patch logs and check that an approved change control request exists for each logged change. Tracing in the opposite direction (from change control documentation to the patch logs) only shows whether approved changes were applied; it cannot reveal patches that were applied without ever being documented. Likewise, reviewing change control documents for key servers, or comparing the applied patches with the OS vendor's update documentation, does not establish that each applied security patch was approved and recorded.
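The direction of the trace is the substance of the answer, so here is an added example (not part of the exam dump) that reconciles a constructed, simplified patch log against a constructed list of change requests in a hypothetical schema. Tracing log-to-CR surfaces the undocumented patch; tracing CR-to-log only finds an approved change that was never applied and misses the undocumented one entirely.

```python
"""Reconcile OS patch logs against change control requests.

Added example, not from the exam dump. The log format and the change
request schema are hypothetical; the data below is constructed inline.
"""
import re

# Constructed sample patch log (hypothetical key=value format, one event per line).
PATCH_LOG = """\
2024-03-02T01:10:22 host=web01 action=installed pkg=openssl version=3.0.13-1
2024-03-02T01:11:05 host=web01 action=installed pkg=kernel version=6.1.76-1
2024-03-05T23:40:11 host=db01  action=installed pkg=postgresql version=15.6-1
2024-03-07T02:00:00 host=web02 action=installed pkg=openssl version=3.0.13-1
"""

# Constructed sample change requests (hypothetical schema). CR-1055 was approved
# but never installed; the openssl patch on web02 has no change request at all.
CHANGE_REQUESTS = [
    {"id": "CR-1041", "host": "web01", "pkg": "openssl", "version": "3.0.13-1", "status": "approved"},
    {"id": "CR-1042", "host": "web01", "pkg": "kernel", "version": "6.1.76-1", "status": "approved"},
    {"id": "CR-1050", "host": "db01", "pkg": "postgresql", "version": "15.6-1", "status": "approved"},
    {"id": "CR-1055", "host": "web02", "pkg": "nginx", "version": "1.24.0-2", "status": "approved"},
]

LINE_RE = re.compile(r"host=(\S+)\s+action=installed\s+pkg=(\S+)\s+version=(\S+)")


def parse_patch_log(text):
    """Return the set of (host, pkg, version) tuples that were actually installed."""
    applied = set()
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            applied.add(m.groups())
    return applied


def _approved_changes(change_requests):
    """Key approved change requests by the same (host, pkg, version) triple."""
    return {
        (c["host"], c["pkg"], c["version"]): c["id"]
        for c in change_requests
        if c["status"] == "approved"
    }


def patches_without_change_request(patch_log, change_requests):
    """Trace log -> CR: every applied patch must map to an approved change request.

    This is the direction the audit control requires; it finds patches that were
    applied without being documented.
    """
    approved = _approved_changes(change_requests)
    return sorted(p for p in parse_patch_log(patch_log) if p not in approved)


def change_requests_without_patch(patch_log, change_requests):
    """Trace CR -> log: finds approved changes that were never applied.

    Useful for completeness of implementation, but it can never see a patch
    that has no change request, which is why it is the wrong starting point.
    """
    applied = parse_patch_log(patch_log)
    approved = _approved_changes(change_requests)
    return sorted(cr_id for key, cr_id in approved.items() if key not in applied)


if __name__ == "__main__":
    # Expected: only the log -> CR trace reports ('web02', 'openssl', '3.0.13-1').
    print("undocumented patches:", patches_without_change_request(PATCH_LOG, CHANGE_REQUESTS))
    print("unapplied changes:   ", change_requests_without_patch(PATCH_LOG, CHANGE_REQUESTS))
```

In practice the left-hand side would be fed from the real package manager history (for example `dpkg.log`, `yum history` or WSUS reports) and the right-hand side from the change management system's export; the matching key should be whatever both records share, and any patch that lands in the undocumented set is a change control exception to be investigated.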

 

NEW QUESTION 632
Which of the following should be done FIRST when selecting performance metrics to report on the vendor risk management process?

  • A. Review the confidentiality requirements.
  • B. Select the data source
  • C. Identify the intended audience.
  • D. Identify the data owner.

Answer: C

Explanation:
Metrics only have value if they are meaningful to whoever receives them, so the intended audience drives which metrics are chosen and how they are presented. Data sources, data owners and confidentiality requirements are determined afterwards for the metrics selected. (The same question appears again below as question 640, with the options in a different order.)

 

NEW QUESTION 633
Which of the following is MOST important when selecting a third-party security operations center?

  • A. Indemnity clauses
  • B. Independent controls assessment
  • C. Business continuity plans
  • D. Incident response plans

Answer: B

 

NEW QUESTION 634
Human resources is evaluating potential Software as a Service (SaaS) cloud services. Which of the following should the information security manager do FIRST to support...

  • A. Conduct a security audit on the cloud service providers.
  • B. Perform a risk assessment of adopting cloud services.
  • C. Perform a cost-benefit analysis of using cloud services.
  • D. Review the cloud service providers' controls reports.

Answer: B

 

NEW QUESTION 635
A security manager is preparing a report to obtain the commitment of executive management to a security program. Inclusion of which of the following would be of MOST value?

  • A. Associating realistic threats to corporate objectives
  • B. Statement of generally accepted best practices
  • C. Examples of genuine incidents at similar organizations
  • D. Analysis of current technological exposures

Answer: A

Explanation:
Linking realistic threats to key business objectives directs executive attention to them. The other options are supportive but are not of as great a value as choice A when trying to obtain commitment and funding for a new program.

 

NEW QUESTION 636
The PRIMARY reason an organization would require that users sign an acknowledgment of their system access responsibilities is to:

  • A. serve as evidence of security awareness training.
  • B. assign accountability for transactions made with the user's ID.
  • C. maintain compliance with industry best practices.
  • D. maintain an accurate record of users' access rights.

Answer: B

Explanation:
A signed acknowledgment establishes that the user accepts responsibility for activity performed under their user ID, which is what makes the user accountable for those transactions. It is not a record of access rights, nor evidence that awareness training took place.

 

NEW QUESTION 637
Which of the following is the MOST effective method to help ensure information security incidents are reported?

  • A. Implementing an incident management system
  • B. Integrating information security language in conditions of employment
  • C. Providing information security awareness training to employees
  • D. Integrating information security language in corporate compliance rules

Answer: C

 

NEW QUESTION 638
The BEST protocol to ensure confidentiality of transmissions in a business-to-customer (B2C) financial web application is:

  • A. Secure Shell (SSH).
  • B. IP Security (IPSec).
  • C. Secure Sockets Layer (SSL).
  • D. Secure/Multipurpose Internet Mail Extensions (S/MIME).

Answer: C

Explanation:
Secure Sockets Layer (SSL) is a cryptographic protocol that provides end-point authentication and communications privacy over the Internet. In typical use, all data transmitted between the customer's browser and the business's web server is encrypted and remains confidential. In current deployments SSL has been superseded by Transport Layer Security (TLS), and modern servers should disable the SSL versions entirely, but the intent of the question is transport-layer encryption of the web session. Secure Shell (SSH) is a remote login and tunnelling protocol (SFTP runs over it for file transfer); browsers do not use it for web transactions. IP Security (IPSec) is a framework for securing Internet Protocol (IP) communications by encrypting and/or authenticating each IP packet, operating in transport mode or tunnel mode; it is used for site-to-site and remote-access VPNs rather than public-facing web applications. Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and signing of e-mail encapsulated in MIME; it is not a web transaction protocol.

 

NEW QUESTION 639
Identification and prioritization of business risk enables project managers to:

  • A. accelerate completion of critical paths.
  • B. reduce the overall amount of slack time.
  • C. establish implementation milestones.
  • D. address areas with most significance.

Answer: D

Explanation:
Identification and prioritization of risk allows project managers to focus attention on the areas of greatest importance and impact. It does not reduce the overall amount of slack time, establish implementation milestones or allow a critical path to be completed any sooner.

 

NEW QUESTION 640
Which of the following should be done FIRST when selecting performance metrics to report on the vendor risk management process?

  • A. Review the confidentiality requirements.
  • B. Select the data source
  • C. Identify the data owner.
  • D. Identify the intended audience.

Answer: D

 

NEW QUESTION 641
Which of the following is the BEST method to defend against social engineering attacks?

  • A. Monitor for unauthorized access attempts and failed logins.
  • B. Communicate guidelines to limit information posted to public sites.
  • C. Employ the use of a web-content filtering solution.
  • D. Periodically perform antivirus scans to identify malware.

Answer: B

Explanation:
Social engineering exploits people rather than technology, and it works best when the attacker can build a credible pretext from information the organization and its staff have made public. Limiting what is posted reduces that raw material. Web-content filtering, antivirus scanning and login monitoring address technical attack vectors and do little against someone being talked into handing over information or access.

 

NEW QUESTION 642
The BEST way to determine if an anomaly-based intrusion detection system (IDS) is properly installed is to:

  • A. audit the configuration of the IDS.
  • B. use a honeypot to check for unusual activity.
  • C. simulate an attack and review IDS performance.
  • D. benchmark the IDS against a peer site.

Answer: C

Explanation:
Simulating an attack on the network demonstrates whether the intrusion detection system (IDS) is properly tuned. Reviewing the configuration may or may not reveal weaknesses, because an anomaly-based system relies on learned baselines rather than static rules. A honeypot is not a good first step, since it only yields data once it has been probed or penetrated. Benchmarking against a peer site would generally not be practical or useful.

 

NEW QUESTION 643
Which of the following processes BEST supports the evaluation of incident response effectiveness?

  • A. Chain of custody
  • B. Postincident review
  • C. Root cause analysis
  • D. Incident logging

Answer: B

Explanation:
The postincident review examines how the response itself was carried out (detection time, escalation, containment, communication) and what should be improved. Root cause analysis explains why the incident occurred, chain of custody preserves evidence integrity, and incident logging records events; none of these evaluates the effectiveness of the response.

 

NEW QUESTION 644
Which of the following is a key area of the ISO 27001 framework?

  • A. Operational risk assessment
  • B. Business continuity management
  • C. Capacity management
  • D. Financial crime metrics

Answer: B

Explanation:
Operational risk assessment, financial crime metrics and capacity management can complement the information security framework, but only business continuity management is a key component.

 

NEW QUESTION 645
Which of the following is generally considered a fundamental component of an information security program?

  • A. Security awareness training
  • B. Intrusion prevention systems (IPSs)
  • C. Automated access provisioning
  • D. Role-based access control systems

Answer: A

Explanation:
Without security awareness training, many other components of the security program may not be implemented effectively, because they depend on people understanding and following them. The other options may or may not be necessary and are discretionary.

 

NEW QUESTION 646
An organization recently rolled out a new procurement program that does not include any security requirements. Which of the following should the information security manager do FIRST?

  • A. Conduct security assessments of vendors based on value of annual spend with each vendor.
  • B. Ask internal audit to conduct an assessment of the current state of third-party security controls.
  • C. Escalate the procurement program gaps to the compliance department in case of noncompliance issues.
  • D. Meet with the head of procurement to discuss aligning security with the organization's operational objectives.

Answer: D

 

NEW QUESTION 647
Which of the following BEST indicates an effective vulnerability management program?

  • A. Vulnerabilities are reported in a timely manner.
  • B. Risks are managed within acceptable limits.
  • C. Vulnerabilities are managed proactively.
  • D. Threats are identified accurately.

Answer: C

 

NEW QUESTION 648
Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?

  • A. Attackers could compromise the VPN gateway
  • B. VPN traffic could be sniffed and captured
  • C. Client logins are subject to replay attack
  • D. Compromised VPN clients could impact the network

Answer: D

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
A compromised VPN client connects through the tunnel as a trusted endpoint, so whatever controls that client gains a foothold on the internal network. Traffic inside the tunnel is encrypted, so capturing it (B) yields little, and modern VPN protocols protect logins against replay (C). The gateway (A) is a single hardened and monitored component, whereas remote clients are numerous and largely outside the organization's direct control.
Reference: https://resources.infosecinstitute.com/importance-effective-vpn-remote-access-policy/#gref

 

NEW QUESTION 649
A risk profile supports effective security decisions PRIMARILY because it:

  • A. defines how to best mitigate future risks.
  • B. identifies priorities for risk reduction.
  • C. describes security threats.
  • D. enables comparison with industry best practices.

Answer: B

Explanation:
Section: INFORMATION RISK MANAGEMENT

 
