100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISM Domain 2 Practice Questions and Answers (100% Pass) £10.25   Add to cart

Exam (elaborations)

CISM Domain 2 Practice Questions and Answers (100% Pass)

 10 views  0 purchase
  • Module
  • CISM
  • Institution
  • CISM

CISM Domain 2 Practice Questions and Answers (100% Pass) Which of the following should a successful information security management program use to determine the amount of resources devoted to mitigating exposures?(*) - Answer️️ -risk analysis result In a Business Impact Analysis (BIA), the ...

[Show more]

Preview 3 out of 18  pages

  • August 16, 2024
  • 18
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISM
  • CISM
avatar-seller
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM



CISM Domain 2 Practice Questions and Answers (100% Pass)


Which of the following should a successful information security management

program use to determine the amount of resources devoted to mitigating

exposures?(*) - Answer✔️✔️-risk analysis result


In a Business Impact Analysis (BIA), the value of information system should be

based on the overall: - Answer✔️✔️-opportunity cost


Risk acceptance is a component of which of the following? - Answer✔️✔️-risk

mitigation

Which of the following risk scenarios would BEST be assessed using qualitative

risk assessment techniques? - Answer✔️✔️-permanent decline in customer

confidence

Which of the following situations presents the GREATEST information security

risk for an organization with multiple, but small, domestic processing locations? -

Answer✔️✔️-change management procedures are poor.


Which of the following is the PRIMARY reason for implementing a risk

management program? A risk management program:(*) - Answer✔️✔️-is a

necessary part of management's due diligence


1

,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


Which of the following is the MOST usable deliverable of an information security

risk analysis? - Answer✔️✔️-list of action items to mitigate risk


Information security managers should use risk assessment techniques to: -

Answer✔️✔️-justify selection of risk mitigation strategies


Which of the following is MOST essential when assessing risk?(*) - Answer✔️✔️-

considering both monetary value and likelihood of loss

The PRIMARY goal of a corporate risk management program is to ensure that an

organization's: - Answer✔️✔️-stated objectives are achieved


What is the PRIMARY objective of a risk management program? - Answer✔️✔️-

achieve acceptable risk

What is the PRIMARY benefit of performing an information asset

classification?(*) - Answer✔️✔️-it identifies controls commensurate with impact


Which of the following is MOST essential for a risk management program to be

effective?(*) - Answer✔️✔️-detection of new risk


Which of the following steps in conduction risk assessment should be performed

FIRST?(*) - Answer✔️✔️-identify business assets




2

, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM


In conducting an initial technical vulnerability assessment, which of the following

choices should receive top priority?(*) - Answer✔️✔️-systems covered by business

interruption insurance

What is the PRIMARY purpose of using risk analysis within a security program? -

Answer✔️✔️-the risk analysis helps assess exposures and plan remediation


What mechanism should be used to identify deficiencies that would provide

attackers with an opportunity to compromise a computer system?(*) - Answer✔️✔️-

security gap analysis

Which of the following would BEST address the risk of data leakage? -

Answer✔️✔️-acceptable use policies


A company recently developed a breakthrough technology. Because this

technology could give this company a significant competitive edge, which of the

following would FIRST govern how this information to be protected? -

Answer✔️✔️-data classification policy


Which of the following is the BEST basis for determining the criticality and

sensitivity of information assets? - Answer✔️✔️-an impact assessment


Which program element should be implemented FIRST in asset classification and

control?(*) - Answer✔️✔️-valuation


3

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller OliviaWest. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for £10.25. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

67096 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy revision notes and other study material for 14 years now

Start selling
£10.25
  • (0)
  Add to cart