CISM Practice Questions

A.  

Incident response plan

B.  

Disaster recovery plan (DRP)

C.  

Business continuity plan (BCP)

D.  

Vulnerability management plan

A.  

Containment

B.  

Escalation

C.  

Analysis

D.  

Triage

A.  

Recovery time objective (RTO)

B.  

Recovery point objective (RPO)

C.  

Maximum tolerable downtime (MTD)

D.  

Service level agreement (SLA)

A.  

The incident response plan is aligned with the disaster recovery strategy

B.  

The incident response process is regularly tested

C.  

Incident response processes are documented and available to staff

D.  

The incident response plan clearly outlines roles and responsibilities

A.  

Access to the hardware

B.  

Data encryption

C.  

Non-standard event logs

D.  

Compressed customer data

A.  

Security risk register

B.  

Information security policy

C.  

Business impact analysis (BIA)

D.  

Enterprise architecture (EA)

A.  

Periodically change risk awareness messages.

B.  

Ensure that threats are documented and communicated in a timely manner.

C.  

Establish a channel for staff to report risks.

D.  

Periodically test compliance with security controls.

A.  

Adhere to regulatory requirements

B.  

Conduct security awareness

C.  

Document and distribute security procedures

D.  

Communicate and enforce security policies

A.  

focused on information security policy.

B.  

aligned to business processes

C.  

based on employees' roles

D.  

based on recent incidents

A.  

Key objectives of the security program

B.  

Recovery procedures

C.  

Notification criteria

D.  

Containment procedures

A.  

Enforce separation of duties and least privilege access.

B.  

Conduct organization-wide security awareness training.

C.  

Implement logging for all access activities.

D.  

Implement strict security policies and password controls.

A.  

a process for identifying and analyzing threats and vulnerabilities.

B.  

an annual loss expectancy (ALE) determined from the history of security events,

C.  

the reporting of consistent and periodic assessments of risks.

D.  

the formalized acceptance of risk analysis by management,

A.  

Guidelines

B.  

Policies

C.  

Procedures

D.  

Standards

A.  

Demonstrating the program's value to the organization

B.  

Discussing governance programs found in similar organizations

C.  

Providing the results of external audits

D.  

Providing examples of information security incidents within the organization

A.  

Residual risk exposure

B.  

Threats against internal systems

C.  

Control gaps within defense-in-depth architecture

D.  

Recent data breaches in the same industry sector

A.  

update the risk profile

B.  

minimize impact

C.  

prevent recurrence.

D.  

determine the impact

A.  

scope of the business continuity program.

B.  

resources needed for business recovery.

C.  

recovery time objective (RTO).

D.  

scope of the incident response plan.

A.  

Security risk assessments

B.  

Lessons learned analysis

C.  

Information security audits

D.  

Key performance indicators (KPIs)

A.  

Discussing upcoming information security projects

B.  

Reviewing the information security risk register

C.  

Approving changes to the information security strategy

D.  

Reviewing monthly information security metrics

A.  

Security architecture

B.  

Security policies

C.  

Security incident management team

D.  

Security awareness training program