100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISM practice test Questions & 100% Correct Answers $13.49   Add to cart

Exam (elaborations)

CISM practice test Questions & 100% Correct Answers

 8 views  0 purchase
  • Course
  • CISM
  • Institution
  • CISM

An information security manager wants to improve the ability to identify changes in risk levels affecting the organization's systems. Which of the following is the BEST method to achieve this objective? A. Performing business impact analysis (BIA) B. Monitoring key goal indicators (KGIs) C. ...

[Show more]

Preview 4 out of 59  pages

  • September 9, 2024
  • 59
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISM
  • CISM
avatar-seller
ExamArsenal
1 | P a g e | © copyright 2024/2025 | Grade A+




CISM practice test Questions & 100%
Correct Answers
An information security manager wants to improve the ability to identify changes

in risk levels affecting the organization's systems. Which of the following is the

BEST method to achieve this objective?

A. Performing business impact analysis (BIA)

B. Monitoring key goal indicators (KGIs)

C. Monitoring key risk indicators (KRIs)

D. Updating the risk register

✓ :~~ C




When developing an escalation process for an incident response plan, the

information security manager should PRIMARILY consider the:

A. Affected stakeholders

B. Incident response team

C. Availability of technical resources

D. Media coverage

✓ :~~ A




Master01 | September, 2024/2025 | Latest update

, 2 | P a g e | © copyright 2024/2025 | Grade A+


Which of the following should be an information security managers MOST important

consideration when determining if an information asset has been classified

appropriately?

A. Value to the business

B. Security policy requirements

C. Ownership of information

D. Level of protection


✓ :~~ A




The effectiveness of an incident response team will be GREATEST when:

A. The incident response process is updated based on lessons learned

B. The incident response team members are trained security personnel

C. The incident response team meets on a regular basis to review log files

D. Incidents are identified using a security information and event monitoring (SIEM)

system

✓ :~~ A




An information security manager MUST have an understanding of the organizational

business goals to:

A. Relate information security to change management

B. Develop an information security strategy




Master01 | September, 2024/2025 | Latest update

, 3 | P a g e | © copyright 2024/2025 | Grade A+


C. Develop operational procedures

D. Define key performance indicators (KPIs)

✓ :~~ D




An information security manager MUST have an understanding of an information

security program?

A. Understanding current and emerging technologies

B. Establishing key performance indicators (KPIs)

C. Conducting periodic risk assessments

D. Obtaining stakeholder input

✓ :~~ D




An attacker was able to gain access to an organizational perimeter firewall and

made changes to allow wider external access and to steal data. Which of the

following would have BEST provided timely identification of this incident?

A. Implementing a data loss prevention (DLP) suite

B. Deploying an intrusion prevention system (IPS)

C. Deploying a security information and event managing system (SIEM)

D. Conducting regular system administrator awareness training

✓ :~~ C




Master01 | September, 2024/2025 | Latest update

, 4 | P a g e | © copyright 2024/2025 | Grade A+


When establishing metrics for an information security program, the BEST approach

is to identify indicators that:

A. Support major information security initiatives

B. Reflect the corporate risk culture

C. Reduce information security spending

D. Demonstrate the effectiveness of the security program

✓ :~~ D




For an organization that provides web-based services, which of the following

security events would MOST likely initiate an incident response plan and be

escalated to management?

A. Anti-malware alerts on several employees workstations

B. Several port scans of web server

C. Multiple failed login attempts on an employee's workstation

D. Suspicious network traffic originating from the demilitarized zone (DMZ)

✓ :~~ A




An information security manager is implementing a bring your own device (BYOD)

program. Which of the following would BEST ensure that users adhere to the

security standards?

A. Publish the standards on the internet page




Master01 | September, 2024/2025 | Latest update

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller ExamArsenal. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

78252 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.49
  • (0)
  Add to cart