CISM Practice Questions

A.  

Backups are maintained offline and regularly tested.

B.  

Impacted networks can be detached at the network switch level.

C.  

Production data is continuously replicated between primary and secondary sites.

D.  

Backups are maintained on multiple sites and regularly reviewed.

A.  

Perform a vulnerability assessment

B.  

Perform a gap analysis to determine needed resources

C.  

Create a security exception

D.  

Assess the risk to business operations

A.  

evaluating key performance indicators (KPIs)

B.  

performing a business impact analysis (BIA)

C.  

developing a system classification scheme

D.  

evaluating the recovery time objectives (RTOs)

A.  

Business impact analysis (BIA)

B.  

Business continuity plan (BCP)

C.  

Incident response plan

D.  

Disaster recovery plan (DRP)

A.  

Utilizing third-party applications

B.  

Moving risk ownership to another department

C.  

Conducting off-site backups

D.  

Purchasing cybersecurity insurance

A.  

Include the requirement in information security awareness materials

B.  

Perform a policy compliance assessment

C.  

Ensure the policy has been communicated to the system administrators

A.  

Calculating cost of the incident

B.  

Conducting a postmortem assessment

C.  

Performing an impact analysis

D.  

Preserving the evidence

A.  

Purchasing insurance

B.  

Discontinuing the activity associated with the risk

C.  

Improving security controls

D.  

Performing a cost-benefit analysis

A.  

Data is encrypted in transit and at rest at the vendor site.

B.  

Data is subject to regular access log review.

C.  

The vendor must be able to amend data.

D.  

The vendor must agree to the organization's information security policy,

A.  

The framework defines managerial responsibilities for risk impacts to business goals.

B.  

The framework provides direction to meet business goals while balancing risks and controls.

C.  

The framework provides a roadmap to maximize revenue through the secure use of technology.

D.  

The framework is able to confirm the validity of business goals and strategies.

A.  

Employee training on ransomware

B.  

A properly tested offline backup system

C.  

A continual server replication process

D.  

A properly configured firewall

A.  

Train the help desk to review the call logs.

B.  

Require the help desk to participate in post-incident reviews.

C.  

Provide the help desk with criteria for security incidents.

D.  

Include members of the help desk on the security incident response team.

A.  

Recovery

B.  

Investigation

C.  

Escalation

D.  

Containment

A.  

To identify the organization's risk tolerance

B.  

To improve security processes

C.  

To align security roles and responsibilities

D.  

To optimize security risk management

A.  

Developing a dashboard for communicating the metrics

B.  

Agreeing on baseline values for the metrics

C.  

Benchmarking the expected value of the metrics against industry standards

D.  

Aligning the metrics with the organizational culture

A.  

Walk-through of the incident response plan

B.  

Black box penetration test

C.  

Simulated phishing exercise

D.  

Red team exercise

A.  

incident has been confirmed.

B.  

incident has been contained.

C.  

potential incident has been logged.

D.  

incident has been mitigated.

A.  

The service level agreement (SLA) for encryption keys

B.  

Alignment with the organization’s data classification policy

C.  

How the organization’s sensitive data will be transferred

D.  

The volume of data to be stored in the cloud

A.  

Revise the policy to accommodate the business unit.

B.  

Report the business unit for policy noncompliance.

C.  

Review the business unit’s function against the policy.

D.  

Enforce sanctions on the business unit.

A.  

During user acceptance testing (UAT)

B.  

During the design phase

C.  

During static code analysis

D.  

During regulatory review