
Free Isaca CISM Practice Exam with Questions & Answers | Set: 14

Questions 261

To inform a risk treatment decision, which of the following should the information security manager compare with the organization's risk appetite?

Options:
A.

Gap analysis results

B.

Level of residual risk

C.

Level of risk treatment

D.

Configuration parameters

Questions 262

Which of the following should an information security manager do FIRST when creating an organization's disaster recovery plan (DRP)?

Options:
A.

Conduct a business impact analysis (BIA)

B.

Identify the response and recovery teams.

C.

Review the communications plan.

D.

Develop response and recovery strategies.

Questions 263

Which of the following is the PRIMARY benefit achieved when an information security governance framework is aligned with corporate governance?

Options:
A.

Protection of business value and assets

B.

Identification of core business strategies

C.

Easier entrance into new businesses and technologies

D.

Improved regulatory compliance posture

Questions 264

Which of the following is the MOST effective way to demonstrate alignment of information security strategy with business objectives?

Options:
A.

Balanced scorecard

B.

Risk matrix

C.

Benchmarking

D.

Heat map

Questions 265

Which of the following is the MOST important requirement for a successful security program?

Options:
A.

Mapping security processes to baseline security standards

B.

Penetration testing on key systems

C.

Management decision on asset value

D.

Nondisclosure agreements (NDA) with employees

Questions 266

When choosing the best controls to mitigate risk to acceptable levels, the information security manager's decision should be MAINLY driven by:

Options:
A.

best practices.

B.

control framework.

C.

regulatory requirements.

D.

cost-benefit analysis.

Questions 267

An information security manager is reporting on open items from the risk register to senior management. Which of the following is MOST important to communicate with regard to these risks?

Options:
A.

Responsible entities

B.

Key risk indicators (KRIs)

C.

Compensating controls

D.

Potential business impact

Questions 268

What is the BEST way to reduce the impact of a successful ransomware attack?

Options:
A.

Perform frequent backups and store them offline.

B.

Purchase or renew cyber insurance policies.

C.

Include provisions to pay ransoms in the information security budget.

D.

Monitor the network and provide alerts on intrusions.

Questions 269

The PRIMARY goal of a post-incident review should be to:

Options:
A.

identify policy changes to prevent a recurrence.

B.

determine how to improve the incident handling process.

C.

establish the cost of the incident to the business.

D.

determine why the incident occurred.

Questions 270

Measuring which of the following is the MOST accurate way to determine the alignment of an information security strategy with organizational goals?

Options:
A.

Number of blocked intrusion attempts

B.

Number of business cases reviewed by senior management

C.

Trends in the number of identified threats to the business

D.

Percentage of controls integrated into business processes

Questions 271

Which of the following is MOST important for an organization to have in place to determine the effectiveness of information security governance?

Options:
A.

Program metrics

B.

Key risk indicators (KRIs)

C.

Risk register

D.

Security strategy

Questions 272

Which of the following is the GREATEST benefit of including incident classification criteria within an incident response plan?

Options:
A.

Ability to monitor and control incident management costs

B.

More visibility to the impact of disruptions

C.

Effective protection of information assets

D.

Optimized allocation of recovery resources

Questions 273

Which of the following is MOST important when responding to a major security incident?

Options:
A.

Contacting forensic investigators

B.

Following the escalation process

C.

Notifying law enforcement

D.

Identifying the indicators of compromise

Questions 274

When an organization lacks internal expertise to conduct highly technical forensics investigations, what is the BEST way to ensure effective and timely investigations following an information security incident?

Options:
A.

Purchase forensic standard operating procedures.

B.

Provide forensics training to the information security team.

C.

Ensure the incident response policy allows hiring a forensics firm.

D.

Retain a forensics firm prior to experiencing an incident.

Questions 275

Which of the following is the PRIMARY purpose of an acceptable use policy?

Options:
A.

To provide steps for carrying out security-related procedures

B.

To facilitate enforcement of security process workflows

C.

To protect the organization from misuse of information assets

D.

To provide minimum security baselines for information assets

Questions 276

Which of the following is the MOST appropriate action during the containment phase of a cyber incident response?

Options:
A.

Determine the final root cause of the incident.

B.

Remove all instances of the incident from the network.

C.

Mitigate exploited vulnerabilities to prevent future incidents.

D.

Isolate affected systems to prevent the spread of damage.

Questions 277

How would the information security program BEST support the adoption of emerging technologies?

Options:
A.

Conducting a control assessment

B.

Developing an emerging technology roadmap

C.

Providing effective risk governance

D.

Developing an acceptable use policy

Questions 278

Which of the following is the BEST way to reduce the risk of security incidents from targeted email attacks?

Options:
A.

Implement a data loss prevention (DLP) system

B.

Disable all incoming cloud mail services

C.

Conduct awareness training across the organization

D.

Require acknowledgment of the acceptable use policy

Questions 279

Which of the following is a viable containment strategy for a distributed denial of service (DDoS) attack?

Options:
A.

Block IP addresses used by the attacker

B.

Redirect the attacker's traffic

C.

Disable firewall ports exploited by the attacker

D.

Power off affected servers

Questions 280

Which of the following provides the MOST useful information for identifying security control gaps on an application server?

Options:
A.

Risk assessments

B.

Threat models

C.

Penetration testing

D.

Internal audit reports
