CISM Practice Questions

A.  

Increasing false negatives

B.  

Decreasing false negatives

C.  

Decreasing false positives

D.  

Increasing false positives

A.  

The cloud provider can meet recovery point objectives (RPOs).

B.  

The cloud provider adheres to applicable regulations.

C.  

The cloud provider’s service level agreement (SLA) includes availability requirements.

D.  

The hosting contract has a termination clause.

A.  

Access manager

B.  

IT director

C.  

System administrator

D.  

Business owner

A.  

Impose state limits on servers.

B.  

Spread a site across multiple ISPs.

C.  

Block the attack at the source.

D.  

Harden network security.

A.  

Restore affected systems for normal operations.

B.  

Mitigate exploited vulnerabilities to stop future incidents.

C.  

Estimate the amount of damage caused by the incident.

D.  

Isolate affected systems to prevent further damage

A.  

Business impact analysis (BIA)

B.  

Risk register

C.  

Penetration testing

D.  

Vulnerability assessment

A.  

Alignment with financial reporting

B.  

Alignment with business initiatives

C.  

Alignment with industry frameworks

D.  

Alignment with risk appetite

A.  

IT system clocks are not synchronized with the centralized logging server.

B.  

Operating systems are no longer supported by the vendor.

C.  

The patch management system does not deploy patches in a timely manner.

D.  

An organization has a decentralized data center that uses cloud services.

A.  

Perform security tests in the development environment.

B.  

Integrate security activities within the development process

C.  

Perform a risk analysis after project completion.

D.  

Include standard application security requirements

A.  

Risk levels may be elevated beyond acceptable limits.

B.  

Security audits may report more high-risk findings.

C.  

The compensating controls may not be cost efficient.

D.  

Noncompliance with industry best practices may result.

A.  

Conducting incident triage

B.  

Communicating with internal and external parties

C.  

Minimizing negative impact to critical operations

D.  

Classifying incidents

A.  

comprehensive risk assessment program for information security

B.  

The information security manager's knowledge of the business

C.  

Security staff with appropriate training and adequate resources

D.  

Ongoing audits and addressing open items

A.  

Review the risk monitoring plan.

B.  

Formally document the decision.

C.  

Review the regulations.

D.  

Advise the risk management team.

A.  

Decrease in the number of security incidents

B.  

Increase in the frequency of security incident escalations

C.  

Reduction in the impact of security incidents

D.  

Increase in the number of reported security incidents

A.  

Security manager

B.  

Chief information security officer (CISO)

C.  

System administrator

D.  

Business owner

A.  

Demonstrated return on security investment

B.  

Reduction in inherent risk

C.  

Results of an emerging threat analysis

D.  

Review of security metrics trends

A.  

Establish processes to publish content on social networks.

B.  

Assess the security risk associated with the use of social networks.

C.  

Conduct vulnerability assessments on social network platforms.

D.  

Develop security controls for the use of social networks.

A.  

Preparation

B.  

Recovery

C.  

Containment

D.  

Eradication

A.  

Business cases

B.  

Business impact analysis (BIA)

C.  

Gap analysis results

D.  

Risk assessment results

A.  

Assessing how peer organizations using the same technologies have been impacted

B.  

Understanding the impact on existing resources

C.  

Reviewing vendor contracts and service level agreements (SLAs)

D.  

Developing training for end users to familiarize them with the new technology