CISM Practice Questions

A.  

service level agreements (SLAs)

B.  

security requirements for the process being outsourced.

C.  

risk-reporting methodologies.

D.  

security metrics

A.  

Information security manager

B.  

Information security steering committee

C.  

Information owner

D.  

Senior management

A.  

Report the decision to the compliance officer

B.  

Update details within the risk register.

C.  

Reassess the organization's risk tolerance.

D.  

Assess the impact of the regulation.

A.  

Data protection regulations

B.  

Data storage limitations

C.  

Business requirements

D.  

Type and nature of data

A.  

An assessment of the current operating system based on risk

B.  

A summary of performance improvements in the new operating system

C.  

The results of user surveys indicating issues with the current operating system

D.  

A list of the latest security features in the new operating system

A.  

Implementing separation of duties between systems and data

B.  

Including penalty clauses for noncompliance in the vendor contract

C.  

Disabling vendor access and only re-enabling when access is needed

D.  

Monitoring key risk indicators (KRIs)

A.  

Host patching

B.  

Penetration testing

C.  

Infrastructure hardening

D.  

Data classification

A.  

Preventive

B.  

Deterrent

C.  

Detective

D.  

Corrective

A.  

Threat analytics software

B.  

Host intrusion detection system

C.  

SIEM

D.  

Network intrusion detection system

A.  

Security budget allocation

B.  

Organizational risk appetite

C.  

Risk assessment results

D.  

Security metrics

A.  

To provide effective incident mitigation

B.  

To provide a risk assessment for zero-day vulnerabilities

C.  

To provide a single point of contact for critical incidents

D.  

To provide a business impact analysis (BIA)

A.  

Computer forensics

B.  

Continuous log monitoring

C.  

Root cause analysis

D.  

Penetration testing

A.  

Documented processes around forensic records retention

B.  

Robust legal framework with notes of legal actions

C.  

Chain of custody forms with points of contact

D.  

Forensic personnel training that includes technical actions

A.  

Disaster recovery plan (DRP)

B.  

Incident response plan

C.  

Business continuity plan (BCP)

D.  

Business contingency plan

A.  

the integrity of evidence is preserved.

B.  

forensic investigation software is loaded on the server.

C.  

the incident is reported to senior management.

D.  

the server is unplugged from power.

A.  

used to establish security investments

B.  

the basis for setting control objectives.

C.  

elements of the organization's security posture.

D.  

needed to estimate risk.

A.  

Downtime due to malware infections

B.  

Number of security vulnerabilities uncovered with network scans

C.  

Percentage of servers patched

D.  

Annualized loss resulting from security incidents

A.  

new system is about to go live.

B.  

new system is being designed.

C.  

security policy is being developed.

D.  

security incident has occurred,

A.  

Trend analysis of security metrics

B.  

Risk assessment results

C.  

Root cause analysis of security incidents

D.  

Threat intelligence

A.  

Periodic internal and external audits

B.  

Clear lines of responsibility

C.  

Sufficient cyber budget allocation

D.  

Cybersecurity policies