Top Tips for Passing the Isaca CISM Exam on Your First Try

Question 121

Which of the following is an information security manager's BEST course of action when a threat intelligence report indicates a large number of ransomware attacks targeting the industry?

Options:
A. Increase the frequency of system backups.
B. Review the mitigating security controls.
C. Notify staff members of the threat.
D. Assess the risk to the organization.

Question 122

Which of the following activities is designed to handle a control failure that leads to a breach?

Options:
A. Risk assessment
B. Incident management
C. Root cause analysis
D. Vulnerability management

Question 123

Which of the following is an information security manager's MOST important course of action when responding to a major security incident that could disrupt the business?

Options:
A. Follow the escalation process.
B. Identify the indicators of compromise.
C. Notify law enforcement.
D. Contact forensic investigators.

Question 124

Which of the following MUST happen immediately following the identification of a malware incident?

Options:
A. Preparation
B. Recovery
C. Containment
D. Eradication

Question 125

Which of the following is MOST important when conducting a forensic investigation?

Options:
A. Analyzing system memory
B. Documenting analysis steps
C. Capturing full system images
D. Maintaining a chain of custody

Question 126

The MOST important reason for having an information security manager serve on the change management committee is to:

Options:
A. identify changes to the information security policy.
B. ensure that changes are tested.
C. ensure changes are properly documented.
D. advise on change-related risk.

Question 127

Which of the following is MOST important for an information security manager to consider when identifying information security resource requirements?

Options:
A. Current resourcing levels
B. Availability of potential resources
C. Information security strategy
D. Information security incidents

Question 128

Which of the following functions is MOST critical when initiating the removal of system access for terminated employees?

Options:
A. Legal
B. Information security
C. Help desk
D. Human resources (HR)

Question 129

An incident response team has been assembled from a group of experienced individuals. Which type of exercise would be MOST beneficial for the team at the first drill?

Options:
A. Red team exercise
B. Black box penetration test
C. Disaster recovery exercise
D. Tabletop exercise

Question 130

Which of the following is MOST important to ensure when developing escalation procedures for an incident response plan?

Options:
A. Each process is assigned to a responsible party.
B. The contact list is regularly updated.
C. Minimum regulatory requirements are maintained.
D. Senior management approval has been documented.

Question 131

Reviewing which of the following would be MOST helpful when a new information security manager is developing an information security strategy for a non-regulated organization?

Options:
A. Management's business goals and objectives
B. Strategies of other non-regulated companies
C. Risk assessment results
D. Industry best practices and control recommendations

Question 132

Which of the following is the PRIMARY reason to monitor key risk indicators (KRIs) related to information security?

Options:
A. To alert on unacceptable risk
B. To identify residual risk
C. To reassess risk appetite
D. To benchmark control performance

Question 133

IT projects have gone over budget with too many security controls being added post-production. Which of the following would MOST help to ensure that relevant controls are applied to a project?

Options:
A. Involving information security at each stage of project management
B. Identifying responsibilities during the project business case analysis
C. Creating a data classification framework and providing it to stakeholders
D. Providing stakeholders with minimum information security requirements

Question 134

The PRIMARY benefit of introducing a single point of administration in network monitoring is that it:

Options:
A. reduces unauthorized access to systems.
B. promotes efficiency in control of the environment.
C. prevents inconsistencies in information in the distributed environment.
D. allows administrative staff to make management decisions.

Question 135

Which of the following is MOST effective in monitoring an organization's existing risk?

Options:
A. Periodic updates to risk register
B. Risk management dashboards
C. Security information and event management (SIEM) systems
D. Vulnerability assessment results