Unique Top-selling CISM Exams - New 2021 ISACA Practice Exam [Q52-Q73]



Isaca Certification Dumps CISM Exam for Full Questions - Exam Study Guide

NEW QUESTION 52
A risk assessment should be conducted:

  • A. every three to six months for critical business processes.
  • B. by external parties to maintain objectivity.
  • C. annually or whenever there is a significant change.
  • D. once a year for each business process and subprocess.

Answer: C

Section: INFORMATION RISK MANAGEMENT
Explanation:
Risks are constantly changing. Choice D offers the best alternative because it takes into consideration a reasonable time frame and allows flexibility to address significant change. Conducting a risk assessment once a year is insufficient if important changes take place. Conducting a risk assessment every three to six months for critical processes may not be necessary, or it may not address important changes in a timely manner. It is not necessary for assessments to be performed by external parties.

 

NEW QUESTION 53
An information security manager finds that corporate information has been stored on a public cloud storage site for business collaboration purposes. Which of the following should be the manager's FIRST action?

  • A. Determine the risk to the data.
  • B. Update service level agreements (SLAs).
  • C. Implement a data encryption strategy.
  • D. Assign a data classification label.

Answer: A

 

NEW QUESTION 54
Which of the following would BEST help an information security manager prioritize remediation activities to meet regulatory requirements?

  • A. Cost of associated controls
  • B. Annual loss expectancy (ALE) of noncompliance
  • C. A capability maturity model matrix
  • D. Alignment with the IT strategy

Answer: B

 

NEW QUESTION 55
A root kit was used to capture detailed accounts receivable information. To ensure admissibility of evidence from a legal standpoint, once the incident was identified and the server isolated, the next step should be to:

  • A. notify law enforcement.
  • B. document how the attack occurred.
  • C. take an image copy of the media.
  • D. close the accounts receivable system.

Answer: C

Explanation:
Taking an image copy of the media is a recommended practice to ensure legal admissibility. All of the other choices are subsequent and may be supplementary.

 

NEW QUESTION 56
From an information security perspective, information that no longer supports the main purpose of the business should be:

  • A. protected under the information classification policy.
  • B. analyzed under the backup policy.
  • C. analyzed under the retention policy.
  • D. protected under the business impact analysis (BIA).

Answer: C

Explanation:
Option A is the type of analysis that will determine whether the organization is required to maintain the data for business, legal or regulatory reasons. Keeping data that are no longer required unnecessarily consumes resources and, in the case of sensitive personal information, can increase the risk of data compromise. Options B, C and D are attributes that should be considered in the destruction and retention policy. A BIA could help determine that this information does not support the main objective of the business, but it does not indicate the action to take.

 

NEW QUESTION 57
Which of the following is a PRIMARY responsibility of a data owner?

  • A. Conducting data privacy impact assessments
  • B. Approving access to information
  • C. Performing user access audits
  • D. Processing entitlement changes

Answer: B

 

NEW QUESTION 58
An organization is in the process of adopting a hybrid data infrastructure, transferring all non-core applications to cloud service providers and maintaining all core business functions in-house. The information security manager has determined a defense in depth strategy should be used. Which of the following BEST describes this strategy?

  • A. Deployment of nested firewalls within the infrastructure
  • B. Strict enforcement of role-based access control (RBAC)
  • C. Separate security controls for applications, platforms, programs and endpoints
  • D. Multi-factor login requirements for cloud service applications, timeouts, and complex passwords

Answer: C

 

NEW QUESTION 59
To determine the selection of controls required to meet business objectives, an information security manager should:

  • A. prioritize the use of role-based access controls.
  • B. restrict controls to only critical applications.
  • C. focus on key controls.
  • D. focus on automated controls.

Answer: C

Explanation:
Key controls primarily reduce risk and are most effective for the protection of information assets. The other choices could be examples of possible key controls.

 

NEW QUESTION 60
What is the BEST method for mitigating against network denial of service (DoS) attacks?

  • A. Implement load balancing for Internet facing devices
  • B. Employ packet filtering to drop suspect packets
  • C. Ensure all servers are up-to-date on OS patches
  • D. Implement network address translation to make internal addresses nonroutable

Answer: B

Explanation:
Packet filtering techniques are the only ones which reduce network congestion caused by a network denial of service (DoS) attack. Patching servers, in general, will not affect network traffic. Implementing network address translation and load balancing would not be as effective in mitigating most network DoS attacks.

 

NEW QUESTION 61
The GREATEST benefit resulting from well-documented information security procedures is that they:

  • A. ensure that critical processes can be followed by temporary staff.
  • B. provide a basis for auditing security practices.
  • C. ensure that security policies are consistently applied.
  • D. facilitate security training of new staff.

Answer: C

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT

 

NEW QUESTION 62
Which of the following BEST supports information security management in the event of organizational changes in security personnel?

  • A. Formalizing a security strategy and program
  • B. Developing an awareness program for staff
  • C. Ensuring current documentation of security processes
  • D. Establishing processes within the security operations team

Answer: C

 

NEW QUESTION 63
Which of the following mechanisms is the MOST secure way to implement a secure wireless network?

  • A. Use a Wired Equivalent Privacy (WEP) key
  • B. Use a Wi-Fi Protected Access (WPA2) protocol
  • C. Filter media access control (MAC) addresses
  • D. Web-based authentication

Answer: B

Explanation:
WPA2 is currently one of the most secure authentication and encryption protocols for mainstream wireless products. MAC address filtering by itself is not a good security mechanism since allowed MAC addresses can be easily sniffed and then spoofed to get into the network. WEP is no longer a secure encryption mechanism for wireless communications. The WEP key can be easily broken within minutes using widely available software. And once the WEP key is obtained, all communications of every other wireless client are exposed.
Finally, a web-based authentication mechanism can be used to prevent unauthorized user access to a network, but it will not solve the wireless network's main security issues, such as preventing network sniffing.

 

NEW QUESTION 64
Which of the following is MOST helpful to maintain cohesiveness within an organization's information security resource?

  • A. Business impact analysis
  • B. Information security steering committee
  • C. Information security architecture
  • D. Security gap analysis

Answer: C

 

NEW QUESTION 65
Which of the following is an example of a corrective control?

  • A. Examining inbound network traffic for viruses
  • B. Diverting incoming traffic upon responding to the denial of service (DoS) attack
  • C. Filtering network traffic before entering an internal network from outside
  • D. Logging inbound network traffic

Answer: B

Section: INCIDENT MANAGEMENT AND RESPONSE
Explanation:
Diverting incoming traffic corrects the situation and, therefore, is a corrective control. Choice B is a preventive control. Choices C and D are detective controls.

 

NEW QUESTION 66
Which of the following is MOST important to the successful implementation of an information security program?

  • A. Understanding current and emerging technologies
  • B. Establishing key performance indicators (KPIs)
  • C. Conducting periodic risk assessments
  • D. Obtaining stakeholder input

Answer: D

 

NEW QUESTION 67
When contracting with an outsourcer to provide security administration, the MOST important contractual element is the:

  • A. service level agreement (SLA).
  • B. limitations of liability.
  • C. financial penalties clause.
  • D. right-to-terminate clause.

Answer: A

Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Explanation:
Service level agreements (SLAs) provide metrics to which outsourcing firms can be held accountable. This is more important than a limitation on the outsourcing firm's liability, a right-to-terminate clause or a hold-harmless agreement, which involves liabilities to third parties.

 

NEW QUESTION 68
Which of the following should be part of the final phase of an incident response plan?

  • A. Performing a system rollback
  • B. Reviewing lessons learned
  • C. Updating the risk register
  • D. Recovering the impacted system

Answer: B

 

NEW QUESTION 69
Data owners are PRIMARILY responsible for establishing risk mitigation methods to address which of the following areas?

  • A. Entitlement changes
  • B. Platform security
  • C. Antivirus controls
  • D. Intrusion detection

Answer: A

Explanation:
Data owners are responsible for assigning user entitlements and approving access to the systems for which they are responsible. Platform security, intrusion detection and antivirus controls are all within the responsibility of the information security manager.

 

NEW QUESTION 70
A regulatory organization sends an email to an information security manager warning of an impending cyber attack. What should the information security manager do FIRST?

  • A. Alert the network operations center
  • B. Validate the authenticity of the alert.
  • C. Determine whether the attack is in progress.
  • D. Reply asking for more details.

Answer: B

 

NEW QUESTION 71
Failure to include information security requirements within the build/buy decision would MOST likely result in the need for:

  • A. commercial product compliance with corporate standards.
  • B. more stringent source programming standards.
  • C. security scanning of operational platforms.
  • D. compensating controls in the operational environment.

Answer: D

 

NEW QUESTION 72
What is the BEST method to verify that all security patches applied to servers were properly documented?

  • A. Trace OS patch logs to change control requests
  • B. Review change control documentation for key servers
  • C. Trace OS patch logs to OS vendor's update documentation
  • D. Trace change control requests to operating system (OS) patch logs

Answer: A

Explanation:
To ensure that all patches applied went through the change control process, it is necessary to use the operating system (OS) patch logs as a starting point and then check to see if change control documents are on file for each of these changes. Tracing from the documentation to the patch log will not indicate if some patches were applied without being documented. Similarly, reviewing change control documents for key servers or comparing patches applied to those recommended by the OS vendor's web site does not confirm that these security patches were properly approved and documented.

 

NEW QUESTION 73
......

Best way to practice test for ISACA CISM: https://www.vceprep.com/CISM-latest-vce-prep.html

CISM Dump Ready - Exam Questions and Answers: https://drive.google.com/open?id=14TA_CwskPnR9mh_k47lOzpUw13pdCykC