CISMP V9 Example Questions With Complete Solutions | 2024/2025 | 100% Pass
4 views 0 purchase
Course
CISMP V9
Institution
CISMP V9
CISMP V9 Example Questions With
Complete Solutions | 2024/2025 | 100%
Pass
What is the primary goal of information security?
A) To eliminate all security risks
B) To manage and mitigate risks to an acceptable level
C) To ensure all employees follow security protocols
D) To prevent unauth...
CISMP V9 Example Questions With
Complete Solutions | 2024/2025 | 100%
Pass
What is the primary goal of information security?
A) To eliminate all security risks
B) To manage and mitigate risks to an acceptable level
C) To ensure all employees follow security protocols
D) To prevent unauthorized access to the internet
✔✔ B) To manage and mitigate risks to an acceptable level
Which of the following is a key component of an effective security policy?
A) Complexity and length
B) Clarity and enforceability
C) Exclusivity for IT staff only
D) General guidelines without specifics
✔✔ B) Clarity and enforceability
What does the acronym "CIA" in information security stand for?
1
,A) Confidentiality, Integrity, Accessibility
B) Compliance, Integrity, Audit
C) Confidentiality, Integrity, Availability
D) Control, Integrity, Availability
✔✔ C) Confidentiality, Integrity, Availability
Which framework provides guidelines for establishing an Information Security Management
System (ISMS)?
A) COBIT
B) NIST
C) ISO/IEC 27001
D) ITIL
✔✔ C) ISO/IEC 27001
What is the purpose of a risk assessment in information security?
A) To identify assets
B) To evaluate the effectiveness of security policies
C) To identify and evaluate risks
2
,D) To develop incident response plans
✔✔ C) To identify and evaluate risks
Which of the following is an example of a physical security control?
A) Passwords
B) Firewalls
C) Security cameras
D) Data encryption
✔✔ C) Security cameras
What type of attack involves overwhelming a system to disrupt services?
A) Phishing
B) Denial of Service (DoS)
C) Man-in-the-Middle
D) Social Engineering
✔✔ B) Denial of Service (DoS)
What is the role of security awareness training for employees?
3
, A) To promote software use
B) To enhance knowledge of security threats
C) To teach coding skills
D) To reduce the need for IT staff
✔✔ B) To enhance knowledge of security threats
What is a security incident?
A) A planned audit of security protocols
B) Any event that compromises the integrity of information
C) Regular updates to security software
D) A security awareness seminar
✔✔ B) Any event that compromises the integrity of information
How often should security policies be reviewed?
A) Every five years
B) Only when a security breach occurs
C) Regularly, at least annually
D) Never, once created
4
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller SterlingScores. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.59. You're not tied to anything after your purchase.