ISACA (CISM): Certified Information Security Manager
Question 1 – A public website should protect consumers’ private information using the following methods?
- A. Applying strong authentication to online accounts
- B. Encrypting consumer data in transit and at rest
- C. Using a secure encrypted transport layer
- D. Applying a masking policy to the consumer data
Correct Answer: B
Question 2 – The information security manager should PRIMARILY consider the following when developing an incident response plan:
- A. affected stakeholders.
- B. incident response team.
- C. availability of technical resources.
- D. media coverage.
Correct Answer: A
Question 3 – An information security manager should consider which of the following MOST crucial factors when determining whether an asset is appropriately classified?
- A. Value to the business
- B. Security policy requirements
- C. Ownership of information
- D. Level of protection
Correct Answer: A
Question 4 – In order for an incident response team to be most effective, it must:
- A. be updated based on lessons learned.
- B. have team members who are trained security personnel.
- C. meet on a regular basis to review log files.
- D. identify incidents using a security information and event monitoring (SIEM) system.
Correct Answer: A
Question 5 – It is essential that the information security manager has a thorough understanding of the organization’s business goals so they can:
- A. relate information security to change management.
- B. develop an information security strategy.
- C. develop operational procedures.
- D. define key performance indicators (KPIs).
Correct Answer: D
Question 6 – How can an information security manager be successful if he or she doesn’t understand the program of information security?
- A. Understanding current and emerging technologies
- B. Establishing key performance indicators (KPIs)
- C. Conducting periodic risk assessments
- D. Obtaining stakeholder input
Correct Answer: D
Question 7 – Using an organization’s perimeter firewall, an attacker gained access and altered it to allow wider external access and data theft. What is the best way to identify this incident in a timely manner?
- A. Implementing a data loss prevention (DLP) suite
- B. Deploying an intrusion prevention system (IPS)
- C. Deploying a security information and event management system (SIEM)
- D. Conducting regular system administrator awareness training
Correct Answer: C
Question 8 – Identifying indicators of an information security program’s success is the BEST approach to:
- A. supporting major information security initiatives.
- B. reflecting the corporate risk culture.
- C. reducing information security program spending.
- D. demonstrating the effectiveness of the security program.
Correct Answer: D
Question 9 – What is the most likely security event that will trigger an incident response plan and escalate to management for an organization that provides web-based services?
- A. Anti-malware alerts on several employees’ workstations
- B. Several port scans of the web server
- C. Multiple failed login attempts on an employee’s workstation
- D. Suspicious network traffic originating from the demilitarized zone (DMZ)
Correct Answer: A
Question 10 – As part of contract negotiations with a third party, which of the following would be the MOST effective method to address the security concerns of an organization?
- A. Reviewing the third-party contract with the organization’s legal department.
- B. Communicating security policy with the third-party vendor.
- C. Ensuring security is involved in the procurement process.
- D. Conducting an information security audit on the third-party vendor.
Correct Answer: B
Question 11 – Which of the following is MOST frequently reviewed as part of web application security monitoring?
- A. Audit reports
- B. Access logs
- C. Access lists
- D. Threat metrics
Correct Answer: B
Question 12 – A manager of information security should ensure that security is incorporated into the project development process of an organization by using which of the following methods?
- A. Developing good communications with the project management office (PMO).
- B. Participating in project initiation, approval, and funding.
- C. Conducting security reviews during design, testing, and implementation.
- D. Integrating the organization’s security requirements into project management.
Correct Answer: D
Question 13 – Information security programs and underlying business processes can be evaluated most effectively by determining which of the following provides the MOST relevant information?
- A. SWOT analysis
- B. Industry benchmarks
- C. Cost-benefit analysis
- D. Balanced scorecard
Correct Answer: D
Question 14 – How likely is it that an enterprise security policy will address this issue?
- A. Definitions of responsibilities
- B. Retention schedules
- C. System access specifications
- D. Organizational risk
Correct Answer: A
Question 15 – For incident response testing, a tabletop test scenario should be developed with the following primary purpose:
- A. measuring management engagement as part of an incident response team.
- B. providing participants with situations for ensuring the understanding of their roles.
- C. giving the business a measure of the organization’s overall readiness.
- D. challenging the incident response team for solving the problem under pressure.
Correct Answer: B
Question 16 – Organizations can benefit from an information security risk analysis BEST by ensuring:
- A. the infrastructure has the appropriate level of access control.
- B. cost-effective decisions are made with regard to which assets need protection.
- C. an appropriate level of funding is applied to security processes.
- D. the organization implements appropriate security technologies.
Correct Answer: B
Question 17 – The local security regulations in a multinational organization should take precedence over the global security policy for three main reasons:
- A. business objectives are defined by local business unit managers.
- B. deploying awareness of local regulations is more practical than global policy.
- C. global security policies include unnecessary controls for local businesses.
- D. requirements of local regulations take precedence.
Correct Answer: D
Question 18 – A manager of information security should first understand the impact that a new regulatory requirement will have on his or her organization’s information security controls by:
- A. conducting a cost-benefit analysis.
- B. conducting a risk assessment.
- C. interviewing senior management.
- D. performing a gap analysis.
Correct Answer: D
Question 19 – In order to evaluate the existing information security controls and select new information security controls, which of the following processes should management use when changing the enterprise business strategy?
- A. Access control management
- B. Change management
- C. Configuration management
- D. Risk management
Correct Answer: D
Question 20 – Which of the given would be the most suitable way for building a risk-aware culture?
- A. Periodically changing risk awareness messages.
- B. Ensuring that threats are communicated organization-wide in a timely manner.
- C. Periodically testing compliance with security controls and post results.
- D. Establishing incentives and a channel for staff for reporting risks.
Correct Answer: C