Certified Information Security Manager v1.0 (CISM)

Page:    1 / 38   
Total 566 questions

An information security manager wants to improve the ability to identify changes in risk levels affecting the organization's systems. Which of the following is the
BEST method to achieve this objective?

  • A. Performing business impact analyses (BIA)
  • B. Monitoring key goal indicators (KGIs)
  • C. Monitoring key risk indicators (KRIs)
  • D. Updating the risk register


Answer : C

When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:

  • A. affected stakeholders.
  • B. incident response team.
  • C. availability of technical resources.
  • D. media coverage


Answer : A

Which of the following should be an information security managers MOST important consideration when determining if an information asset has been classified appropriately?

  • A. Value to the business
  • B. Security policy requirements
  • C. Ownership of information
  • D. Level of protection


Answer : A

The effectiveness of an incident response team will be GREATEST when:

  • A. the incident response process is updated based on lessons learned.
  • B. the incident response team members are trained security personnel.
  • C. the incident response team meets on a regular basis to review log files.
  • D. incidents are identified using a security information and event monitoring (SIEM) system.


Answer : A

An information security manager MUST have an understanding of the organizationג€™s business goals to:

  • A. relate information security to change management.
  • B. develop an information security strategy.
  • C. develop operational procedures
  • D. define key performance indicators (KPIs).


Answer : D

An information security manager MUST have an understanding of an information security program?

  • A. Understanding current and emerging technologies
  • B. Establishing key performance indicators (KPIs)
  • C. Conducting periodic risk assessments
  • D. Obtaining stakeholder input


Answer : D

An attacker was able to gain access to an organizationג€™s perimeter firewall and made changes to allow wider external access and to steal data. Which of the following would have BEST provided timely identification of this incident?

  • A. Implementing a data loss prevention (DLP) suite
  • B. Deploying an intrusion prevention system (IPS)
  • C. Deploying a security information and event management system (SIEM)
  • D. Conducting regular system administrator awareness training


Answer : C

When establishing metrics for an information security program, the BEST approach is to identify indicators that:

  • A. support major information security initiatives.
  • B. reflect the corporate risk culture.
  • C. reduce information security program spending.
  • D. demonstrate the effectiveness of the security program.


Answer : D

For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?

  • A. Anti-malware alerts on several employeesג€™ workstations
  • B. Several port scans of the web server
  • C. Multiple failed login attempts on an employee's workstation
  • D. Suspicious network traffic originating from the demilitarized zone (DMZ)


Answer : A

An information security manager is implementing a bring your own device (BYOD) program. Which of the following would BEST ensure that users adhere to the security standards?

  • A. Publish the standards on the intranet landing page.
  • B. Deploy a device management solution.
  • C. Establish an acceptable use policy.
  • D. Monitor user activities on the network.


Answer : C

When monitoring the security of a web-based application, which of the following is MOST frequently reviewed?

  • A. Audit reports
  • B. Access logs
  • C. Access lists
  • D. Threat metrics


Answer : B

Which of the following is the MOST effective way for an information security manager to ensure that security is incorporated into an organizationג€™s project development processes?

  • A. Develop good communications with the project management office (PMO).
  • B. Participate in project initiation, approval, and funding.
  • C. Conduct security reviews during design, testing, and implementation.
  • D. Integrate organizationג€™s security requirements into project management.


Answer : D

Which of the following provides the MOST relevant information to determine the overall effectiveness of an information security program and underlying business processes?

  • A. SWOT analysis
  • B. Industry benchmarks
  • C. Cost-benefit analysis
  • D. Balanced scorecard


Answer : D

An organization finds unauthorized software has been installed on a number of workstations. The software was found to contain a Trojan, which had been uploading data to an unknown external party. Which of the following would have BEST prevented the installation of the unauthorized software?

  • A. Banning executable file downloads at the Internet firewall
  • B. Implementing an intrusion detection system (IDS)
  • C. Implementing application blacklisting
  • D. Removing local administrator rights


Answer : D

When developing a tabletop test plan for incident response testing, the PRIMARY purpose of the scenario should be to:

  • A. measure management engagement as part of an incident response team.
  • B. provide participants with situations to ensure understanding of their roles.
  • C. give the business a measure of the organization's overall readiness.
  • D. challenge the incident response team to solve the problem under pressure.


Answer : B

Page:    1 / 38   
Total 566 questions