
CISM Certified Information Security Manager Questions and Answers

Question 4

Which of the following is the BEST approach when creating a security policy for a global organization subject to varying laws and regulations?

Options:

A.

Incorporate policy statements derived from third-party standards and benchmarks.

B.

Adhere to a unique corporate privacy and security standard

C.

Establish baseline standards for all locations and add supplemental standards as required

D.

Require that all locations comply with a generally accepted set of industry

Question 5

Which of the following is MOST important to ensure when developing escalation procedures for an incident response plan?

Options:

A.

Each process is assigned to a responsible party.

B.

The contact list is regularly updated.

C.

Minimum regulatory requirements are maintained.

D.

Senior management approval has been documented.

Question 6

An organization's disaster recovery plan (DRP) is documented and kept at a disaster recovery site. Which of the following is the BEST way to ensure the plan can be carried out in an emergency?

Options:

A.

Store disaster recovery documentation in a public cloud.

B.

Maintain an outsourced contact center in another country.

C.

Require disaster recovery documentation be stored with all key decision makers.

D.

Provide annual disaster recovery training to appropriate staff.

Question 7

Which of the following should be the PRIMARY basis for establishing metrics that measure the effectiveness of an information security program?

Options:

A.

Residual risk

B.

Regulatory requirements

C.

Risk tolerance

D.

Control objectives

Question 8

When implementing a security policy for an organization handling personally identifiable information (PII), the MOST important objective should be:

Options:

A.

strong encryption.

B.

regulatory compliance.

C.

data availability.

D.

security awareness training.

Question 9

From an information security perspective, legal issues associated with a transborder flow of technology-related items are MOST often

Options:

A.

website transactions and taxation.

B.

software patches and corporate data.

C.

encryption tools and personal data.

D.

lack of competition and free trade.

Question 10

An international organization with remote branches is implementing a corporate security policy for managing personally identifiable information (PII). Which of the following should be the information security manager's MAIN concern?

Options:

A.

Local regulations

B.

Data backup strategy

C.

Consistency in awareness programs

D.

Organizational reporting structure

Question 11

When building support for an information security program, which of the following elements is MOST important?

Options:

A.

Identification of existing vulnerabilities

B.

Information risk assessment

C.

Business impact analysis (BIA)

D.

Threat analysis

Question 12

The results of a risk assessment for a potential network reconfiguration reveal a high likelihood of sensitive data being compromised. What is the information security manager's BEST course of action?

Options:

A.

Recommend additional network segmentation.

B.

Seek an independent opinion to confirm the findings.

C.

Determine alignment with existing regulations.

D.

Report findings to key stakeholders.

Question 13

To help users apply appropriate controls related to data privacy regulation, what is MOST important to communicate to the users?

Options:

A.

Data storage procedures

B.

Data classification policy

C.

Results of penetration testing

D.

Features of data protection products

Question 14

Which of the following should be the PRIMARY consideration when developing an incident response plan?

Options:

A.

The definition of an incident

B.

Compliance with regulations

C.

Management support

D.

Previously reported incidents

Question 15

Which of the following would be MOST useful to help senior management understand the status of information security compliance?

Options:

A.

Industry benchmarks

B.

Key performance indicators (KPIs)

C.

Business impact analysis (BIA) results

D.

Risk assessment results

Question 16

Which of the following should be the PRIMARY goal of information security?

Options:

A.

Information management

B.

Regulatory compliance

C.

Data governance

D.

Business alignment

Question 17

Which of the following presents the GREATEST challenge to a large multinational organization using an automated identity and access management (IAM) system?

Options:

A.

Staff turnover rates that significantly exceed industry averages

B.

Large number of applications in the organization

C.

Inaccurate workforce data from human resources (HR)

D.

Frequent changes to user roles during employment

Question 18

The BEST way to ensure that frequently encountered incidents are reflected in the user security awareness training program is to include:

Options:

A.

results of exit interviews.

B.

previous training sessions.

C.

examples of help desk requests.

D.

responses to security questionnaires.

Question 19

What will BEST facilitate the success of new security initiatives?

Options:

A.

Establish an IT security steering committee.

B.

Include business in security decision making.

C.

Update security policies on a regular basis.

D.

Monitor post-implementation security metrics.

Question 20

Which of the following incident response phases involves actions to help safeguard critical systems while maintaining business operations?

Options:

A.

Recovery

B.

Identification

C.

Containment

D.

Preparation

Question 21

Which of the following is the FIRST step in developing a business continuity plan (BCP)?

Options:

A.

Determine the business recovery strategy.

B.

Determine available resources.

C.

Identify the applications with the shortest recovery time objectives (RTOs).

D.

Identify critical business processes.

Question 22

Which of the following is the PRIMARY reason to use a phased incident recovery approach?

Options:

A.

To gain management buy-in

B.

To give the response team time to analyze incidents

C.

To ensure critical systems are recovered first

D.

To prioritize remediation steps

Question 23

Which of the following provides the BEST evidence that a recently established information security program is effective?

Options:

A.

The number of reported incidents has increased.

B.

Regular IT balanced scorecards are communicated.

C.

Senior management has reported fewer junk emails.

D.

The number of tickets associated with IT incidents has stayed consistent.

Question 24

Which of the following is a function of the information security steering committee?

Options:

A.

Deliver external communication during incident response.

B.

Align the security framework with security standards.

C.

Align security strategy with business objectives.

D.

Monitor regulatory requirements.

Question 25

Which of the following is the GREATEST benefit of performing a tabletop exercise of the business continuity plan (BCP)?

Options:

A.

It identifies appropriate follow-up work to address shortcomings in the plan.

B.

It allows for greater participation and planning from the business side.

C.

It helps in assessing the availability of compatible backup hardware.

D.

It provides a low-cost method of assessing the BCP's completeness.

Question 26

A CISO learns that a third-party service provider did not notify the organization of a data breach that affected the service provider's data center. Which of the following should the CISO do FIRST?

Options:

A.

Recommend canceling the outsourcing contract.

B.

Request an independent review of the provider's data center.

C.

Notify affected customers of the data breach.

D.

Determine the extent of the impact to the organization.

Question 27

Which of the following would provide the MOST value to senior management when presenting the results of a risk assessment?

Options:

A.

Mapping the risks to the security classification scheme

B.

Illustrating risk on a heat map

C.

Mapping the risks to existing controls

D.

Providing a technical risk assessment report

Question 28

Which of the following BEST indicates that an information security governance framework has been successfully implemented?

Options:

A.

The framework aligns internal and external resources.

B.

The framework aligns security processes with industry best practices.

C.

The framework aligns management and other functions within the security organization.

D.

The framework includes commercial off-the-shelf security solutions.

Question 29

Which of the following should be established FIRST when implementing an information security governance framework?

Options:

A.

Security architecture

B.

Security policies

C.

Security incident management team

D.

Security awareness training program

Question 30

Capacity planning would prevent:

Options:

A.

file system overload arising from distributed denial of service (DDoS) attacks.

B.

system downtime for scheduled security maintenance.

C.

application failures arising from insufficient hardware resources.

D.

software failures arising from exploitation of buffer capacity vulnerabilities.

Question 31

During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:

Options:

A.

perform a risk assessment.

B.

review the state of security awareness.

C.

review information security policies.

D.

perform a gap analysis.

Question 32

An online trading company discovers that a network attack has penetrated the firewall. What should be the information security manager's FIRST response?

Options:

A.

Notify the regulatory agency of the incident.

B.

Implement mitigating controls.

C.

Evaluate the impact to the business.

D.

Examine firewall logs to identify the attacker.

Question 33

A security review identifies that confidential information on the file server has been accessed by unauthorized users in the organization. Which of the following should the information security manager do FIRST?

Options:

A.

Invoke the incident response plan

B.

Implement role-based access control (RBAC)

C.

Remove access to the information

D.

Delete the information from the file server

Question 34

Which of the following should be of GREATEST concern regarding an organization's security controls?

Options:

A.

Some controls are performing outside of an acceptable range.

B.

No key control indicators (KCIs) have been implemented.

C.

Control ownership has not been updated.

D.

Control gap analysis is outdated.

Question 35

Which of the following is the BEST method for determining whether a firewall has been configured to provide a comprehensive perimeter defense?

Options:

A.

A validation of the current firewall rule set

B.

A port scan of the firewall from an internal source

C.

A ping test from an external source

D.

A simulated denial of service (DoS) attack against the firewall

Question 36

A recent audit found that an organization's new user accounts are not set up uniformly. Which of the following is MOST important for the information security manager to review?

Options:

A.

Automated controls

B.

Security policies

C.

Guidelines

D.

Standards

Question 37

The PRIMARY goal of the eradication phase in an incident response process is to:

Options:

A.

maintain a strict chain of custody.

B.

provide effective triage and containment of the incident.

C.

remove the threat and restore affected systems.

D.

obtain forensic evidence from the affected system.

Question 38

Which of the following defines the triggers within a business continuity plan (BCP)?

Options:

A.

Needs of the organization

B.

Disaster recovery plan (DRP)

C.

Information security policy

D.

Gap analysis

Question 39

Which of the following is the GREATEST concern resulting from the lack of severity criteria in incident classification?

Options:

A.

Statistical reports will be incorrect.

B.

The service desk will be staffed incorrectly.

C.

Escalation procedures will be ineffective.

D.

Timely detection of attacks will be impossible.

Question 40

Which of the following documents should contain the INITIAL prioritization of recovery of services?

Options:

A.

IT risk analysis

B.

Threat assessment

C.

Business impact analysis (BIA)

D.

Business process map

Question 41

Which of the following should be the PRIMARY basis for an information security strategy?

Options:

A.

The organization's vision and mission

B.

Results of a comprehensive gap analysis

C.

Information security policies

D.

Audit and regulatory requirements

Question 42

When management changes the enterprise business strategy, which of the following processes should be used to evaluate the existing information security controls as well as to select new information security controls?

Options:

A.

Configuration management

B.

Risk management

C.

Access control management

D.

Change management

Question 43

An organization would like to invest in a new emerging technology. Which of the following is MOST important for the information security manager to consider when evaluating its impact?

Options:

A.

Secure configuration

B.

Vulnerabilities in the technology

C.

Systems compatibility

D.

Industry peer reviews of the technology

Question 44

Which of the following is the PRIMARY purpose of an acceptable use policy?

Options:

A.

To provide steps for carrying out security-related procedures

B.

To facilitate enforcement of security process workflows

C.

To protect the organization from misuse of information assets

D.

To provide minimum security baselines for information assets

Question 45

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

Options:

A.

relates the investment to the organization's strategic plan.

B.

translates information security policies and standards into business requirements.

C.

articulates management's intent and information security directives in clear language.

D.

realigns information security objectives to organizational strategy.

Question 46

Which of the following is the GREATEST benefit of information asset classification?

Options:

A.

Helping to determine the recovery point objective (RPO)

B.

Providing a basis for implementing a need-to-know policy

C.

Supporting segregation of duties

D.

Defining resource ownership

Question 47

Of the following, whose input is of GREATEST importance in the development of an information security strategy?

Options:

A.

Process owners

B.

End users

C.

Security architects

D.

Corporate auditors

Question 48

A project team member notifies the information security manager of a potential security risk that has not been included in the risk register. Which of the following should the information security manager do FIRST?

Options:

A.

Implement compensating controls.

B.

Analyze the identified risk.

C.

Prepare a risk mitigation plan.

D.

Add the risk to the risk register.

Question 49

Which of the following is a PRIMARY responsibility of the information security governance function?

Options:

A.

Administering information security awareness training

B.

Defining security strategies to support organizational programs

C.

Ensuring adequate support for solutions using emerging technologies

D.

Advising senior management on optimal levels of risk appetite and tolerance

Question 50

Which of the following is MOST relevant for an information security manager to communicate to the board of directors?

Options:

A.

The level of inherent risk

B.

Vulnerability assessments

C.

The level of exposure

D.

Threat assessments

Question 51

Which of the following is the BEST strategy when determining an organization's approach to risk treatment?

Options:

A.

Implementing risk mitigation controls that are considered quick wins

B.

Prioritizing controls that directly mitigate the organization's most critical risks

C.

Advancing the maturity of existing controls based on risk tolerance

D.

Implementing a one-size-fits-all set of controls across all organizational units

Question 52

Which of the following is the BEST way to determine if an information security profile is aligned with business requirements?

Options:

A.

Review the key performance indicator (KPI) dashboard

B.

Review security-related key risk indicators (KRIs)

C.

Review control self-assessment (CSA) results

D.

Review periodic security audits

Question 53

Which of the following is the BEST way to ensure the business continuity plan (BCP) is current?

Options:

A.

Manage business process changes.

B.

Update business impact analyses (BIAs) on a regular basis.

C.

Conduct periodic testing.

D.

Review and update emergency contact lists.

Question 54

Which of the following should be the PRIMARY basis for a severity hierarchy for information security incident classification?

Options:

A.

Availability of resources

B.

Root cause analysis results

C.

Adverse effects on the business

D.

Legal and regulatory requirements

Question 55

When is the BEST time to verify that a production system's security mechanisms meet control objectives?

Options:

A.

During quality and acceptance checks

B.

On a continuous basis through monitoring activities and automated tooling

C.

After remediations recommended by penetration tests have been completed

D.

During annual internal and compliance audits

Question 56

An information security manager wants to document requirements detailing the minimum security controls required for user workstations. Which of the following resources would be MOST appropriate for this purpose?

Options:

A.

Guidelines

B.

Policies

C.

Procedures

D.

Standards

Question 57

An organization has determined that fixing a security vulnerability in a critical application is too costly to be feasible, but the impact is material to the business. Which of the following is the MOST appropriate risk treatment?

Options:

A.

Purchase cybersecurity insurance.

B.

Accept the risk associated with continued use of the application.

C.

Implement compensating controls for the application.

D.

Discontinue using the application.

Question 58

When drafting the corporate privacy statement for a public website, which of the following MUST be included?

Options:

A.

Limited liability clause

B.

Explanation of information usage

C.

Information encryption requirements

D.

Access control requirements

Question 59

Which of the following is the BEST course of action when using a web application that has known vulnerabilities?

Options:

A.

Monitor application level logs.

B.

Deploy host-based intrusion detection.

C.

Deploy an application firewall.

D.

Install anti-spyware software.

Question 60

Which of the following presents the GREATEST challenge to the recovery of critical systems and data following a ransomware incident?

Options:

A.

Lack of encryption for backup data in transit

B.

Undefined or undocumented backup retention policies

C.

Ineffective alert configurations for backup operations

D.

Unavailable or corrupt data backups

Question 61

Which of the following presents the GREATEST risk associated with the use of an automated security information and event management (SIEM) system?

Options:

A.

Low number of false positives

B.

Low number of false negatives

C.

High number of false positives

D.

High number of false negatives

Question 62

Which of the following is the MOST effective way to demonstrate alignment of information security strategy with business objectives?

Options:

A.

Balanced scorecard

B.

Risk matrix

C.

Benchmarking

D.

Heat map

Question 63

Which of the following is the PRIMARY objective of a business impact analysis (BIA)?

Options:

A.

Determine recovery priorities.

B.

Define the recovery point objective (RPO).

C.

Confirm control effectiveness.

D.

Analyze vulnerabilities.

Question 64

Which of the following would be the GREATEST obstacle to implementing incident notification and escalation processes in an organization with high turnover?

Options:

A.

Lack of knowledgeable personnel

B.

Lack of communication processes

C.

Lack of process documentation

D.

Lack of alignment with organizational goals

Question 65

Which of the following should be done FIRST when establishing a new data protection program that must comply with applicable data privacy regulations?

Options:

A.

Evaluate privacy technologies required for data protection.

B.

Encrypt all personal data stored on systems and networks.

C.

Update disciplinary processes to address privacy violations.

D.

Create an inventory of systems where personal data is stored.

Question 66

An incident handler is preparing a forensic image of a hard drive. Which of the following MUST be done to provide evidence that the image is an exact copy of the original?

Options:

A.

Perform a manual verification of file counts.

B.

Encrypt and back up the hard drive before copying.

C.

Use the same hardware for the image as the original.

D.

Perform digital hashing of the original and the image.

Question 67

Which of the following BEST protects against emerging advanced persistent threat (APT) actors?

Options:

A.

Honeypot environment

B.

Updated security awareness materials

C.

Ongoing incident response training

D.

Proactive monitoring

Question 68

Which of the following should an information security manager do FIRST upon learning that some security hardening settings may negatively impact future business activity?

Options:

A.

Perform a risk assessment.

B.

Reduce security hardening settings.

C.

Inform business management of the risk.

D.

Document a security exception.

Question 69

Which of the following BEST enables an incident response team to determine appropriate actions during an initial investigation?

Options:

A.

Feedback from affected departments

B.

Historical data from past incidents

C.

Technical capabilities of the team

D.

Procedures for incident triage

Question 70

An organization has acquired a company in a foreign country to gain an advantage in a new market. Which of the following is the FIRST step the information security manager should take?

Options:

A.

Determine which country's information security regulations will be used.

B.

Merge the two existing information security programs.

C.

Apply the existing information security program to the acquired company.

D.

Evaluate the information security laws that apply to the acquired company.

Question 71

Which of the following is the BEST course of action when an information security manager identifies that systems are vulnerable to emerging threats?

Options:

A.

Frequently update systems and monitor the threat landscape.

B.

Monitor the network containing the affected systems for malicious traffic.

C.

Increase awareness of the threats among employees who work with the systems.

D.

Notify senior management and key stakeholders of the threats.

Question 72

When remote access is granted to a company's internal network, the MOST important consideration should be that access is provided:

Options:

A.

on a need-to-know basis subject to controls.

B.

subject to legal and regulatory requirements.

C.

by the use of a remote access server.

D.

if a robust IT infrastructure exists.

Question 73

After a server has been attacked, which of the following is the BEST course of action?

Options:

A.

Initiate incident response.

B.

Review vulnerability assessment.

C.

Conduct a security audit.

D.

Isolate the system.

Question 74

Which of the following should be the MOST important consideration when establishing information security policies for an organization?

Options:

A.

Job descriptions include requirements to read security policies.

B.

The policies are updated annually.

C.

Senior management supports the policies.

D.

The policies are aligned to industry best practices.

Question 75

An organization is about to purchase a rival organization. The PRIMARY reason for performing information security due diligence prior to making the purchase is to:

Options:

A.

determine the security exposures.

B.

assess the ability to integrate the security department operations.

C.

ensure compliance with international standards.

D.

evaluate the security policy and standards.

Question 76

Which of the following is the MOST effective way to prevent information security incidents?

Options:

A.

Implementing a security information and event management (SIEM) tool

B.

Implementing a security awareness training program for employees

C.

Deploying a consistent incident response approach

D.

Deploying intrusion detection tools in the network environment

Question 77

Which of the following is the MOST effective way to ensure information security policies are understood?

Options:

A.

Implement a whistle-blower program.

B.

Provide regular security awareness training.

C.

Include security responsibilities in job descriptions.

D.

Document security procedures.

Question 78

A security incident has been reported within an organization. When should an information security manager contact the information owner? After the:

Options:

A.

incident has been confirmed.

B.

incident has been contained.

C.

potential incident has been logged.

D.

incident has been mitigated.

Question 79

A penetration test was conducted by an accredited third party. Which of the following should be the information security manager's FIRST course of action?

Options:

A.

Ensure a risk assessment is performed to evaluate the findings

B.

Ensure vulnerabilities found are resolved within acceptable timeframes

C.

Request funding needed to resolve the top vulnerabilities

D.

Report findings to senior management

Question 80

Which of the following is MOST important when developing an information security strategy?

Options:

A.

Engage stakeholders.

B.

Assign data ownership.

C.

Determine information types.

D.

Classify information assets.

Question 81

Which of the following should be done NEXT following senior management's decision to comply with new personal data regulations that are much more stringent than those currently followed to avoid massive fines?

Options:

A.

Encrypt data in transit and at rest.

B.

Complete a return on investment (ROI) analysis.

C.

Create and implement a data minimization plan.

D.

Conduct a gap analysis.

Question 82

A financial institution is planning to develop a new mobile application. Which of the following is the BEST time to begin assessments of the application's security compliance?

Options:

A.

During user acceptance testing (UAT)

B.

During the design phase

C.

During static code analysis

D.

During regulatory review

Question 83

An email digital signature will:

Options:

A.

protect the confidentiality of an email message.

B.

verify to recipient the integrity of an email message.

C.

automatically correct unauthorized modification of an email message.

D.

prevent unauthorized modification of an email message.

Question 84

From a business perspective, the GREATEST benefit of an incident response plan is that it:

Options:

A.

Promotes efficiency by providing predefined response procedures

B.

Improves security responsiveness to disruptive events

C.

Limits the negative impact of disruptive events

D.

Ensures compliance with regulatory requirements

Question 85

A security incident has been reported within an organization. When should an information security manager contact the information owner?

Options:

A.

After the incident has been contained

B.

After the incident has been mitigated

C.

After the incident has been confirmed

D.

After the potential incident has been logged

Question 86

The business value of an information asset is derived from:

Options:

A.

the threat profile.

B.

its criticality.

C.

the risk assessment.

D.

its replacement cost.

Question 87

Which of the following roles is BEST able to influence the security culture within an organization?

Options:

A.

Chief information security officer (CISO)

B.

Chief information officer (CIO)

C.

Chief executive officer (CEO)

D.

Chief operating officer (COO)

Question 88

Which of the following BEST demonstrates that an anti-phishing campaign is effective?

Options:

A.

Improved staff attendance in awareness sessions

B.

Decreased number of phishing emails received

C.

Improved feedback on the anti-phishing campaign

D.

Decreased number of incidents that have occurred

Question 89

When choosing the best controls to mitigate risk to acceptable levels, the information security manager's decision should be MAINLY driven by:

Options:

A.

best practices.

B.

control framework.

C.

regulatory requirements.

D.

cost-benefit analysis.

Question 90

The information security manager of a multinational organization has been asked to consolidate the information security policies of its regional locations. Which of the following would be of GREATEST concern?

Options:

A.

Varying threat environments

B.

Disparate reporting lines

C.

Conflicting legal requirements

D.

Differences in work culture

Question 91

Which of the following is MOST important to the successful implementation of an information security program?

Options:

A.

Adequate security resources are allocated to the program.

B.

Key performance indicators (KPIs) are defined.

C.

A balanced scorecard is approved by the steering committee.

D.

The program is developed using global security standards.

Question 92

Which of the following BEST enables an organization to effectively manage emerging cyber risk?

Options:

A.

Periodic internal and external audits

B.

Clear lines of responsibility

C.

Sufficient cyber budget allocation

D.

Cybersecurity policies

Question 93

IT projects have gone over budget with too many security controls being added post-production. Which of the following would MOST help to ensure that relevant controls are applied to a project?

Options:

A.

Involving information security at each stage of project management

B.

Identifying responsibilities during the project business case analysis

C.

Creating a data classification framework and providing it to stakeholders

D.

Providing stakeholders with minimum information security requirements

Question 94

Which of the following is MOST appropriate for an organization to consider when defining incident classification and categorization levels?

Options:

A.

Maturity of incident response activities

B.

Threat environment

C.

Quantity of impacted assets

D.

Incident impact

Question 95

An organization has decided to outsource IT operations. Which of the following should be the PRIMARY focus of the information security manager?

Options:

A.

Security requirements are included in the vendor contract.

B.

External security audit results are reviewed.

C.

Service level agreements (SLAs) meet operational standards.

D.

Business continuity contingency planning is provided.

Questions 96

Which of the following roles is accountable for ensuring the impact of a new regulatory framework on a business system is assessed?

Options:

A.

Senior management

B.

Application owner

C.

Information security manager

D.

Legal representative

Questions 97

Which of the following is MOST important in order to obtain senior leadership support when presenting an information security strategy?

Options:

A.

The strategy aligns with management’s acceptable level of risk.

B.

The strategy addresses ineffective information security controls.

C.

The strategy aligns with industry benchmarks and standards.

D.

The strategy addresses organizational maturity and the threat environment.

Questions 98

To confirm that a third-party provider complies with an organization's information security requirements, it is MOST important to ensure:

Options:

A.

security metrics are included in the service level agreement (SLA).

B.

contract clauses comply with the organization's information security policy.

C.

the information security policy of the third-party service provider is reviewed.

D.

right to audit is included in the service level agreement (SLA).

Questions 99

An incident response team has been assembled from a group of experienced individuals. Which type of exercise would be MOST beneficial for the team at the first drill?

Options:

A.

Red team exercise

B.

Black box penetration test

C.

Disaster recovery exercise

D.

Tabletop exercise

Questions 100

What is the PRIMARY benefit to an organization when information security program requirements are aligned with employment and staffing processes?

Options:

A.

Security incident reporting procedures are followed.

B.

Security staff turnover is reduced.

C.

Information assets are classified appropriately.

D.

Access is granted based on task requirements.

Questions 101

Which of the following would be the MOST effective way to present quarterly reports to the board on the status of the information security program?

Options:

A.

A capability and maturity assessment

B.

Detailed analysis of security program KPIs

C.

An information security dashboard

D.

An information security risk register

Questions 102

Which of the following is the BEST way to ensure data is not co-mingled or exposed when using a cloud service provider?

Options:

A.

Obtain an independent audit report.

B.

Require the provider to follow stringent data classification procedures.

C.

Include high penalties for security breaches in the contract.

D.

Review the provider's information security policies.

Questions 103

Which of the following is the BEST indication of a mature information security program?

Options:

A.

Security incidents are managed properly.

B.

Security spending is below budget.

C.

Security resources are optimized.

D.

Security audit findings are reduced.

Questions 104

Which of the following is the BEST control to protect customer personal information that is stored in the cloud?

Options:

A.

Timely deletion of digital records

B.

Appropriate data anonymization

C.

Strong encryption methods

D.

Strong physical access controls

Questions 105

Which of the following provides the MOST comprehensive insight into ongoing threats facing an organization?

Options:

A.

Business impact analysis (BIA)

B.

Risk register

C.

Penetration testing

D.

Vulnerability assessment

Questions 106

Which of the following will BEST enable an organization to meet incident response requirements when outsourcing its incident response function?

Options:

A.

Including response times in service level agreements (SLAs)

B.

Including a right-to-audit clause in service level agreements (SLAs)

C.

Contracting with a well-known incident response provider

D.

Requiring comprehensive response applications and tools

Questions 107

Which of the following should be done FIRST when establishing an information security governance framework?

Options:

A.

Evaluate information security tools and skills relevant for the environment.

B.

Gain an understanding of the business and cultural attributes.

C.

Contract a third party to conduct an independent review of the program.

D.

Conduct a cost-benefit analysis of the framework.

Questions 108

Which of the following is MOST important to maintain integration among the incident response plan, business continuity plan (BCP), and disaster recovery plan (DRP)?

Options:

A.

Asset classification

B.

Recovery time objectives (RTOs)

C.

Chain of custody

D.

Escalation procedures

Questions 109

A risk owner has accepted a large amount of risk due to the high cost of controls. Which of the following should be the information security manager's PRIMARY focus in this situation?

Options:

A.

Establishing a strong ongoing risk monitoring process

B.

Presenting the risk profile for approval by the risk owner

C.

Conducting an independent review of risk responses

D.

Updating the information security standards to include the accepted risk

Questions 110

Following an information security risk assessment of a critical system, several significant issues have been identified. Which of the following is MOST important for the information security manager to confirm?

Options:

A.

The risks are reported to the business unit’s senior management

B.

The risks are escalated to the IT department for remediation

C.

The risks are communicated to the central risk function

D.

The risks are entered in the organization's risk register

Questions 111

When developing a business case to justify an information security investment, which of the following would BEST enable an informed decision by senior management?

Options:

A.

The information security strategy

B.

Losses due to security incidents

C.

The results of a risk assessment

D.

Security investment trends in the industry

Questions 112

The BEST way to report to the board on the effectiveness of the information security program is to present:

Options:

A.

a dashboard illustrating key performance metrics.

B.

a summary of the most recent audit findings.

C.

peer-group industry benchmarks.

D.

a report of cost savings from process improvements.

Questions 113

Which of the following should be the PRIMARY area of focus when mitigating security risks associated with emerging technologies?

Options:

A.

Compatibility with legacy systems

B.

Application of corporate hardening standards

C.

Integration with existing access controls

D.

Unknown vulnerabilities

Questions 114

Following an employee security awareness training program, what should be the expected outcome?

Options:

A.

A decrease in the number of viruses detected in incoming emails

B.

A decrease in reported social engineering attacks

C.

An increase in reported social engineering attempts

D.

An increase in user-reported false positive incidents

Questions 115

An organization faces severe fines and penalties if not in compliance with local regulatory requirements by an established deadline. Senior management has asked the information security manager to prepare an action plan to achieve compliance.

Which of the following would provide the MOST useful information for planning purposes?

Options:

A.

Results from a business impact analysis (BIA)

B.

Deadlines and penalties for noncompliance

C.

Results from a gap analysis

D.

An inventory of security controls currently in place

Questions 116

When testing an incident response plan for recovery from a ransomware attack, which of the following is MOST important to verify?

Options:

A.

Digital currency is immediately available.

B.

Network access requires two-factor authentication.

C.

Data backups are recoverable from an offsite location.

D.

An alternative network link is immediately available.

Questions 117

Which of the following security processes will BEST prevent the exploitation of system vulnerabilities?

Options:

A.

Intrusion detection

B.

Log monitoring

C.

Patch management

D.

Antivirus software

Questions 118

Which of the following is MOST important when conducting a forensic investigation?

Options:

A.

Analyzing system memory

B.

Documenting analysis steps

C.

Capturing full system images

D.

Maintaining a chain of custody

Questions 119

Which of the following BEST determines the allocation of resources during a security incident response?

Options:

A.

Senior management commitment

B.

A business continuity plan (BCP)

C.

An established escalation process

D.

Defined levels of severity

Questions 120

Which of the following BEST ensures information security governance is aligned with corporate governance?

Options:

A.

A security steering committee including IT representation

B.

A consistent risk management approach

C.

An information security risk register

D.

Integration of security reporting into corporate reporting

Questions 121

Internal audit has reported a number of information security issues that are not in compliance with regulatory requirements. What should the information security manager do FIRST?

Options:

A.

Create a security exception.

B.

Perform a gap analysis to determine needed resources.

C.

Perform a vulnerability assessment.

D.

Assess the risk to business operations.

Questions 122

Which of the following is the GREATEST benefit of conducting an organization-wide security awareness program?

Options:

A.

The security strategy is promoted.

B.

Fewer security incidents are reported.

C.

Security behavior is improved.

D.

More security incidents are detected.

Questions 123

To support effective risk decision making, which of the following is MOST important to have in place?

Options:

A.

Established risk domains

B.

Risk reporting procedures

C.

An audit committee consisting of mid-level management

D.

Well-defined and approved controls

Questions 124

Which of the following is MOST important to include in an information security strategy?

Options:

A.

Stakeholder requirements

B.

Risk register

C.

Industry benchmarks

D.

Regulatory requirements

Questions 125

Which of the following would BEST support the business case for an increase in the information security budget?

Options:

A.

Cost-benefit analysis results

B.

Comparison of information security budgets with peer organizations

C.

Business impact analysis (BIA) results

D.

Frequency of information security incidents

Questions 126

Which of the following BEST enables an organization to determine the costs of downtime for a critical application?

Options:

A.

Fault tree analysis

B.

Cost-benefit analysis

C.

Return on investment (ROI) analysis

D.

Business impact analysis (BIA)

Questions 127

The MOST useful technique for maintaining management support for the information security program is:

Options:

A.

informing management about the security of business operations.

B.

implementing a comprehensive security awareness and training program.

C.

identifying the risks and consequences of failure to comply with standards.

D.

benchmarking the security programs of comparable organizations.

Questions 128

Which of the following is the BEST way to enhance training for incident response teams?

Options:

A.

Perform post-incident reviews.

B.

Establish incident key performance indicators (KPIs).

C.

Conduct interviews with organizational units.

D.

Participate in emergency response activities.

Questions 129

What should be the GREATEST concern for an information security manager of a large multinational organization when outsourcing data processing to a cloud service provider?

Options:

A.

Vendor service level agreements (SLAs)

B.

Independent review of the vendor

C.

Local laws and regulations

D.

Backup and restoration of data

Questions 130

A new information security reporting requirement will soon become effective. Which of the following should be the information security manager's FIRST action?

Options:

A.

Conduct a cost-benefit analysis related to noncompliance with the new requirement.

B.

Perform a gap assessment against the new requirement.

C.

Investigate to determine whether the new requirement applies to the business.

D.

Inform senior management of the new requirement.

Questions 131

Management has announced the acquisition of a new company. The information security manager of the parent company is concerned that conflicting access rights may cause critical information to be exposed during the integration of the two companies. To BEST address this concern, the information security manager should:

Options:

A.

review access rights as the acquisition integration occurs.

B.

perform a risk assessment of the access rights.

C.

escalate concerns for conflicting access rights to management.

D.

implement consistent access control standards.

Questions 132

An information security manager has been made aware of a new data protection regulation that will soon go into effect. Which of the following is the BEST way to manage the risk of noncompliance?

Options:

A.

Perform a gap analysis.

B.

Consult with senior management on the best course of action.

C.

Implement a program of work to comply with the new legislation.

D.

Understand the cost of noncompliance.

Questions 133

Which of the following is the BEST course of action when an online company discovers a network attack in progress?

Options:

A.

Dump all event logs to removable media

B.

Isolate the affected network segment

C.

Enable trace logging on all events

D.

Shut off all network access points

Questions 134

Which of the following is MOST important to consider when determining backup frequency?

Options:

A.

Recovery point objective (RPO)

B.

Recovery time objective (RTO)

C.

Allowable interruption window

D.

Maximum tolerable outage (MTO)

Questions 135

How would the information security program BEST support the adoption of emerging technologies?

Options:

A.

Conducting a control assessment

B.

Developing an emerging technology roadmap

C.

Providing effective risk governance

D.

Developing an acceptable use policy

Questions 136

Which of the following will result in the MOST accurate controls assessment?

Options:

A.

Mature change management processes

B.

Senior management support

C.

Well-defined security policies

D.

Unannounced testing

Questions 137

Implementing the principle of least privilege PRIMARILY requires the identification of:

Options:

A.

job duties.

B.

data owners.

C.

primary risk factors.

D.

authentication controls.

Questions 138

Who is BEST suited to determine how the information in a database should be classified?

Options:

A.

Database analyst

B.

Database administrator (DBA)

C.

Information security analyst

D.

Data owner

Questions 139

As part of incident response activities, the BEST time to begin the recovery process is after:

Options:

A.

The eradication phase has been completed

B.

The incident response team has been established

C.

The root cause has been determined

D.

The incident manager has declared the incident

Questions 140

Which of the following is the BEST method to ensure compliance with password standards?

Options:

A.

Implementing password-synchronization software

B.

Using password-cracking software

C.

Automated enforcement of password syntax rules

D.

A user-awareness program

Questions 141

Which of the following will BEST facilitate the integration of information security governance into enterprise governance?

Options:

A.

Developing an information security policy based on risk assessments

B.

Establishing an information security steering committee

C.

Documenting the information security governance framework

D.

Implementing an information security awareness program

Questions 142

The categorization of incidents is MOST important for evaluating which of the following?

Options:

A.

Appropriate communication channels

B.

Allocation of needed resources

C.

Risk severity and incident priority

D.

Response and containment requirements

Questions 143

To improve the efficiency of the development of a new software application, security requirements should be defined:

Options:

A.

based on code review.

B.

based on available security assessment tools.

C.

after functional requirements.

D.

concurrently with other requirements.

Questions 144

A proposal designed to gain buy-in from senior management for a new security project will be MOST effective if it includes:

Options:

A.

analysis of current threat landscape.

B.

historical data of reported incidents.

C.

projected return on investment (ROI).

D.

industry benchmarking gap analysis.

Questions 145

Data entry functions for a web-based application have been outsourced to a third-party service provider who will work from a remote site. Which of the following issues would be of GREATEST concern to an information security manager?

Options:

A.

The application does not use a secure communications protocol

B.

The application is configured with restrictive access controls

C.

The business process has only one level of error checking

D.

Server-based malware protection is not enforced

Questions 146

A recovery point objective (RPO) is required in which of the following?

Options:

A.

Disaster recovery plan (DRP)

B.

Information security plan

C.

Incident response plan

D.

Business continuity plan (BCP)

Questions 147

Which of the following is MOST important for an information security manager to consider when developing a business continuity plan (BCP) for ransomware attacks?

Options:

A.

Backups are maintained offline and regularly tested.

B.

Impacted networks can be detached at the network switch level.

C.

Production data is continuously replicated between primary and secondary sites.

D.

Backups are maintained on multiple sites and regularly reviewed.

Questions 148

Which of the following should an organization do FIRST upon learning that a subsidiary is located in a country where civil unrest has just begun?

Options:

A.

Assess changes in the risk profile.

B.

Activate the disaster recovery plan (DRP).

C.

Invoke the incident response plan.

D.

Conduct security awareness training.

Questions 149

Which of the following is the BEST indicator of a successful intrusion into an organization's systems?

Options:

A.

Decrease in internal network traffic

B.

Increase in the number of failed login attempts

C.

Increase in the number of irregular application requests

D.

Decrease in available storage space

Questions 150

Which of the following BEST indicates the effectiveness of the vendor risk management process?

Options:

A.

Increase in the percentage of vendors certified to a globally recognized security standard

B.

Increase in the percentage of vendors with a completed due diligence review

C.

Increase in the percentage of vendors conducting mandatory security training

D.

Increase in the percentage of vendors that have reported security breaches

Questions 151

Which of the following would BEST mitigate accidental data loss events?

Options:

A.

Conduct periodic user awareness training.

B.

Obtain senior management support for the information security strategy.

C.

Conduct a data loss prevention (DLP) audit.

D.

Enforce a data hard drive encryption policy.

Questions 152

Which type of backup BEST enables an organization to recover data after a ransomware attack?

Options:

A.

Online backup

B.

Incremental backup

C.

Differential backup

D.

Offline backup

Questions 153

Which of the following is MOST useful to an information security manager when conducting a post-incident review of an attack?

Options:

A.

Cost of the attack to the organization

B.

Location of the attacker

C.

Method of operation used by the attacker

D.

Details from intrusion detection system (IDS) logs

Questions 154

Which of the following BEST enables an information security manager to obtain organizational support for the implementation of security controls?

Options:

A.

Conducting periodic vulnerability assessments

B.

Communicating business impact analysis (BIA) results

C.

Establishing effective stakeholder relationships

D.

Defining the organization's risk management framework

Questions 155

Which of the following should be the GREATEST consideration when determining the recovery time objective (RTO) for an in-house critical application, database, or server?

Options:

A.

Impact of service interruption

B.

Results of recovery testing

C.

Determination of recovery point objective (RPO)

D.

Direction from senior management

Questions 156

Which of the following BEST facilitates the development of a comprehensive information security policy?

Options:

A.

Alignment with an established information security framework

B.

An established internal audit program

C.

Security key performance indicators (KPIs)

D.

A review of recent information security incidents

Questions 157

A post-incident review identified that user error resulted in a major breach. Which of the following is MOST important to determine during the review?

Options:

A.

The time and location that the breach occurred

B.

Evidence of previous incidents caused by the user

C.

The underlying reason for the user error

D.

Appropriate disciplinary procedures for user error

Questions 158

An organization is selecting security metrics to measure security performance, and a firewall specialist suggests tracking the number of external attacks blocked by the firewalls. Which of the following is the GREATEST concern with using this metric?

Options:

A.

The number of blocked external attacks is not representative of the true threat profile.

B.

The number of blocked external attacks will vary by month, causing inconsistent graphs.

C.

The number of blocked external attacks is an indicator of the organization's popularity.

D.

The number of blocked external attacks over time does not explain the attackers' motivations.

Questions 159

An organization has identified a weakness in the ability of its employees to identify and report cybersecurity incidents. Although training materials have been provided, employees show a lack of interest. Which of the following is the information security manager’s BEST course of action?

Options:

A.

Block network access until security awareness training is complete.

B.

Conduct an enterprise cybersecurity risk assessment.

C.

Obtain key stakeholder and leadership support.

D.

Send an email mandating training for the employees.

Questions 160

Which of the following BEST facilitates effective incident response testing?

Options:

A.

Including all business units in testing

B.

Simulating realistic test scenarios

C.

Reviewing test results quarterly

D.

Testing after major business changes

Questions 161

Recovery time objectives (RTOs) are an output of which of the following?

Options:

A.

Business continuity plan (BCP)

B.

Disaster recovery plan (DRP)

C.

Service level agreement (SLA)

D.

Business impact analysis (BIA)

Questions 162

The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to:

Options:

A.

the internal audit manager.

B.

the information security officer.

C.

the steering committee.

D.

the board of directors.

Questions 163

Which of the following is the sole responsibility of the client organization when adopting a Software as a Service (SaaS) model?

Options:

A.

Host patching

B.

Penetration testing

C.

Infrastructure hardening

D.

Data classification

Questions 164

What should be the FIRST step when an Internet of Things (IoT) device in an organization's network is confirmed to have been hacked?

Options:

A.

Monitor the network.

B.

Perform forensic analysis.

C.

Disconnect the device from the network.

D.

Escalate to the incident response team.

Questions 165

Which of the following BEST facilitates the reporting of useful information about the effectiveness of the information security program?

Options:

A.

Risk heat map

B.

Security benchmark report

C.

Security metrics dashboard

D.

Key risk indicators (KRIs)

Questions 166

An information security manager has been asked to provide both one-year and five-year plans for the information security program. What is the PRIMARY purpose for the long-term plan?

Options:

A.

To facilitate the continuous improvement of the IT organization

B.

To ensure controls align with security needs

C.

To create and document required IT capabilities

D.

To prioritize security risks on a longer scale than the one-year plan

Questions 167

Which of the following is MOST important to have in place when conducting a security control assessment of a system?

Options:

A.

Control specifications

B.

Assurance test plan

C.

Scanning tools

D.

Security documentation

Questions 168

A small organization has a contract with a multinational cloud computing vendor. Which of the following would present the GREATEST concern to an information security manager if omitted from the contract?

Options:

A.

Right of the subscriber to conduct onsite audits of the vendor

B.

Escrow of software code with conditions for code release

C.

Authority of the subscriber to approve access to its data

D.

Commingling of subscribers' data on the same physical server

Questions 169

In violation of a policy prohibiting the use of cameras at the office, employees have been issued smartphones and tablet computers with enabled web cameras. Which of the following should be the information security manager's FIRST course of action?

Options:

A.

Revise the policy.

B.

Perform a root cause analysis.

C.

Conduct a risk assessment.

D.

Communicate the acceptable use policy.

Questions 170

Which of the following BEST enables an organization to provide ongoing assurance that legal and regulatory compliance requirements can be met?

Options:

A.

Embedding compliance requirements within operational processes

B.

Engaging external experts to provide guidance on changes in compliance requirements

C.

Performing periodic audits for compliance with legal and regulatory requirements

D.

Assigning the operations manager accountability for meeting compliance requirements

Questions 171

When updating the information security policy to accommodate a new regulation, the information security manager should FIRST:

Options:

A.

Review key risk indicators (KRIs)

B.

Perform a gap analysis

C.

Consult process owners

D.

Update key performance indicators (KPIs)

Questions 172

Which of the following would BEST enable a new information security manager to obtain senior management support for an information security governance program?

Options:

A.

Demonstrating the program's value to the organization

B.

Discussing governance programs found in similar organizations

C.

Providing the results of external audits

D.

Providing examples of information security incidents within the organization

Questions 173

Which of the following should be done FIRST once a cybersecurity attack has been confirmed?

Options:

A.

Isolate the affected system.

B.

Notify senior management.

C.

Power down the system.

D.

Contact legal authorities.

Questions 174

The PRIMARY purpose of vulnerability identification is to:

Options:

A.

Remediate vulnerabilities before they are exploited

B.

Discover control deficiencies

C.

Provide vulnerability identifiers for risk reporting

D.

Prioritize vulnerability remediation

Questions 175

If civil litigation is a goal for an organizational response to a security incident, the PRIMARY step should be to:

Options:

A.

contact law enforcement.

B.

document the chain of custody.

C.

capture evidence using standard server-backup utilities.

D.

reboot affected machines in a secure area to search for evidence.

Questions 176

Which of the following is the MOST common cause of cybersecurity breaches?

Options:

A.

Lack of adequate password rotation

B.

Human error

C.

Abuse of privileged accounts

D.

Lack of control baselines

Questions 177

Which of the following is the BEST way to achieve compliance with new global regulations related to the protection of personal information?

Options:

A.

Execute a risk treatment plan.

B.

Review contracts and statements of work (SOWs) with vendors.

C.

Implement data regionalization controls.

D.

Determine current and desired state of controls.

Questions 178

What is the role of the information security manager in finalizing contract negotiations with service providers?

Options:

A.

To perform a risk analysis on the outsourcing process

B.

To obtain a security standard certification from the provider

C.

To update security standards for the outsourced process

D.

To ensure that clauses for periodic audits are included

Questions 179

An organization's HR department requires that employee account privileges be removed from all corporate IT systems within three days of termination to comply with a government regulation. However, the systems all have different user directories, and it currently takes up to four weeks to remove the privileges. Which of the following would BEST enable regulatory compliance?

Options:

A.

Multi-factor authentication (MFA) system

B.

Identity and access management (IAM) system

C.

Privileged access management (PAM) system

D.

Governance, risk, and compliance (GRC) system

Questions 180

An information security program is BEST positioned for success when it is closely aligned with:

Options:

A.

information security best practices.

B.

recognized industry frameworks.

C.

information security policies.

D.

the information security strategy.

Questions 181

Which of the following is MOST important for the improvement of a business continuity plan (BCP)?

Options:

A.

Incorporating lessons learned

B.

Implementing an IT resilience solution

C.

Implementing management reviews

D.

Documenting critical business processes

Questions 182

Which of the following is the BEST way to address data availability concerns when outsourcing information security administration?

Options:

A.

Develop service level agreements (SLAs).

B.

Stipulate insurance requirements.

C.

Require nondisclosure agreements (NDAs).

D.

Create contingency plans.

Questions 183

Which of the following is an information security manager's MOST important course of action when responding to a major security incident that could disrupt the business?

Options:

A.

Follow the escalation process.

B.

Identify the indicators of compromise.

C.

Notify law enforcement.

D.

Contact forensic investigators.

Questions 184

Which of the following will BEST facilitate integrating the information security program into corporate governance?

Options:

A.

An up-to-date security strategy

B.

Documentation of the threat landscape

C.

Documentation of residual risk

D.

A minimum security baseline

Questions 185

Which of the following should be the PRIMARY focus for an information security manager when reviewing access controls for data stored in an off-premise cloud environment?

Options:

A.

Reviewing and updating access controls in response to changes in organizational structure

B.

Implementing strong password policies and enforcing regular password changes

C.

Ensuring access is granted to only those individuals whose job functions require it

D.

Implementing strong encryption protocols to protect sensitive data

Questions 186

Which of the following is the BEST approach for managing user access permissions to ensure alignment with data classification?

Options:

A.

Enable multi-factor authentication on user and admin accounts.

B.

Review access permissions annually or whenever job responsibilities change.

C.

Lock out accounts after a set number of unsuccessful login attempts.

D.

Delegate the management of access permissions to an independent third party.

Questions 187

Who is accountable for ensuring proper controls are in place to address the confidentiality and availability of an information system?

Options:

A.

Senior management

B.

Information owner

C.

Business manager

D.

Information security manager

Questions 188

Which of the following is the MOST critical factor for information security program success?

Options:

A.

comprehensive risk assessment program for information security

B.

The information security manager's knowledge of the business

C.

Security staff with appropriate training and adequate resources

D.

Ongoing audits and addressing open items

Questions 189

A common drawback of email software packages that provide native encryption of messages is that the encryption:

Options:

A.

cannot encrypt attachments.

B.

cannot interoperate across product domains.

C.

has an insufficient key length.

D.

has no key-recovery mechanism.

Questions 190

Which of the following would be the GREATEST threat posed by a distributed denial of service (DDoS) attack on a public-facing web server?

Options:

A.

Execution of unauthorized commands

B.

Prevention of authorized access

C.

Defacement of website content

D.

Unauthorized access to resources

Questions 191

Which of the following BEST enables the capability of an organization to sustain the delivery of products and services within acceptable time frames and at predefined capacity during a disruption?

Options:

A.

Service level agreement (SLA)

B.

Business continuity plan (BCP)

C.

Disaster recovery plan (DRP)

D.

Business impact analysis (BIA)

Questions 192

How does an organization PRIMARILY benefit from the creation of an information security steering committee?

Options:

A.

An increase in information security risk awareness

B.

An increased alignment with industry security trends that impact the business

C.

An increased focus on information security resource management

D.

An increased alignment of information security with the business

Questions 193

Which of the following is the BEST indication of a successful information security culture?

Options:

A.

Penetration testing is done regularly and findings remediated.

B.

End users know how to identify and report incidents.

C.

Individuals are given roles based on job functions.

D.

The budget allocated for information security is sufficient.

Questions 194

Which of the following is the BEST indication that an organization has integrated information security governance with corporate governance?

Options:

A.

Security performance metrics are measured against business objectives.

B.

Impact is measured according to business loss when assessing IT risk.

C.

Security policies are reviewed whenever business objectives are changed.

D.

Service levels for security vendors are defined according to business needs.

Questions 195

An organization is transitioning to a Zero Trust architecture. Which of the following is the information security manager's BEST approach for communicating the implications of this transition to the board of directors?

Options:

A.

Present a diagram of core Zero Trust logical components to help visualize the architectural changes

B.

Summarize the training plan and end user feedback in an internal portal and send the link to the board

C.

Prepare a report on the Zero Trust implementation that includes a status dashboard and timeline

D.

Provide an outline of the business impact in terms of risk reduction and changes in user experience

Questions 196

Due to changes in an organization's environment, security controls may no longer be adequate. What is the information security manager's BEST course of action?

Options:

A.

Review the previous risk assessment and countermeasures.

B.

Perform a new risk assessment.

C.

Evaluate countermeasures to mitigate new risks.

D.

Transfer the new risk to a third party.

Questions 197

Which of the following BEST indicates the organizational benefit of an information security solution?

Options:

A.

Cost savings the solution brings to the information security department

B.

Reduced security training requirements

C.

Alignment to security threats and risks

D.

Costs and benefits of the solution calculated over time

Questions 198

The information security manager has been notified of a new vulnerability that affects key data processing systems within the organization. Which of the following should be done FIRST?

Options:

A.

Inform senior management

B.

Re-evaluate the risk

C.

Implement compensating controls

D.

Ask the business owner for the new remediation plan

Questions 199

Within the confidentiality, integrity, and availability (CIA) triad, which of the following activities BEST supports the concept of confidentiality?

Options:

A.

Ensuring hashing of administrator credentials

B.

Enforcing service level agreements (SLAs)

C.

Ensuring encryption for data in transit

D.

Utilizing a formal change management process

Questions 200

An organization's quality process can BEST support security management by providing:

Options:

A.

security configuration controls.

B.

assurance that security requirements are met.

C.

guidance for security strategy.

D.

a repository for security systems documentation.

Questions 201

Which of the following should include contact information for representatives of equipment and software vendors?

Options:

A.

Information security program charter

B.

Business impact analysis (BIA)

C.

Service level agreements (SLAs)

D.

Business continuity plan (BCP)

Questions 202

Which of the following should be the PRIMARY objective when establishing a new information security program?

Options:

A.

Executing the security strategy

B.

Minimizing organizational risk

C.

Optimizing resources

D.

Facilitating operational security

Questions 203

Which of the following is MOST helpful in determining an organization's current capacity to mitigate risks?

Options:

A.

Capability maturity model

B.

Vulnerability assessment

C.

IT security risk and exposure

D.

Business impact analysis (BIA)

Questions 204

To help ensure that an information security training program is MOST effective, its contents should be:

Options:

A.

based on recent incidents.

B.

based on employees’ roles.

C.

aligned to business processes.

D.

focused on information security policy.

Questions 205

Which of the following metrics would provide an accurate measure of an information security program's performance?

Options:

A.

A collection of qualitative indicators that accurately measure security exceptions

B.

A combination of qualitative and quantitative trends that enable decision making

C.

A collection of quantitative indicators that are compared against industry benchmarks

D.

A single numeric score derived from various measures assigned to the security program

Questions 206

Which of the following is MOST important for the successful implementation of an incident response plan?

Options:

A.

Ensuring response staff are appropriately trained

B.

Developing metrics for incident response reporting

C.

Establishing an escalation process for the help desk

D.

Developing a RACI chart of response staff functions

Questions 207

Which of the following should an information security manager do FIRST upon learning that a competitor has experienced a ransomware attack?

Options:

A.

Perform a full data backup.

B.

Conduct ransomware awareness training for all staff.

C.

Update indicators of compromise in the security systems.

D.

Review the current risk assessment.

Questions 208

Which of the following should be an information security manager's MOST important consideration when determining the priority for implementing security controls?

Options:

A.

Alignment with industry benchmarks

B.

Results of business impact analyses (BIAs)

C.

Possibility of reputational loss due to incidents

D.

Availability of security budget

Questions 209

Which of the following is the MOST important consideration when developing key performance indicators (KPIs) for the information security program?

Options:

A.

Alignment with financial reporting

B.

Alignment with business initiatives

C.

Alignment with industry frameworks

D.

Alignment with risk appetite

Questions 210

Which of the following should an information security manager do FIRST after discovering that a business unit has implemented a newly purchased application and bypassed the change management process?

Options:

A.

Revise the procurement process.

B.

Update the change management process.

C.

Discuss the issue with senior leadership.

D.

Remove the application from production.

Questions 211

An information security manager has become aware that a third-party provider is not in compliance with the statement of work (SOW). Which of the following is the BEST course of action?

Options:

A.

Notify senior management of the issue.

B.

Report the issue to legal personnel.

C.

Initiate contract renegotiation.

D.

Assess the extent of the issue.

Questions 212

Which of the following is the PRIMARY objective of information asset classification?

Options:

A.

Vulnerability reduction

B.

Compliance management

C.

Risk management

D.

Threat minimization

Questions 213

Which of the following should be an information security manager's PRIMARY concern when an organization is expanding business to a new country?

Options:

A.

Compliance with local regulations

B.

Changes in IT infrastructure

C.

Cultural differences in the new country

D.

Ability to gather customer data

Questions 214

Which of the following BEST supports the incident management process for attacks on an organization's supply chain?

Options:

A.

Including service level agreements (SLAs) in vendor contracts

B.

Establishing communication paths with vendors

C.

Requiring security awareness training for vendor staff

D.

Performing integration testing with vendor systems

Questions 215

The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to:

Options:

A.

the information security officer.

B.

the steering committee.

C.

the board of directors.

D.

the internal audit manager.

Questions 216

While conducting a test of a business continuity plan (BCP), which of the following is the MOST important consideration?

Options:

A.

The test is scheduled to reduce operational impact.

B.

The test involves IT members in the test process.

C.

The test addresses the critical components.

D.

The test simulates actual prime-time processing conditions.

Questions 217

Which of the following BEST indicates misalignment of security policies with business objectives?

Options:

A.

Low completion rate of employee awareness training

B.

Lack of adequate funding for the security program

C.

A large number of long-term policy exceptions

D.

A large number of user noncompliance incidents

Questions 218

Which of the following is the PRIMARY reason to review the firewall logs when an external network-based attack is reported by the intrusion detection system (IDS)?

Options:

A.

To validate the incident

B.

To review network configurations

C.

To validate the payload signature

D.

To devise the incident response strategy

Questions 219

Which of the following BEST helps to ensure the effective execution of an organization's disaster recovery plan (DRP)?

Options:

A.

The plan is reviewed by senior and IT operational management.

B.

The plan is based on industry best practices.

C.

Process steps are documented by the disaster recovery team.

D.

Procedures are available at the primary and failover location.

Questions 220

To help ensure that an information security training program is MOST effective, its contents should be:

Options:

A.

focused on information security policy.

B.

aligned to business processes.

C.

based on employees' roles.

D.

based on recent incidents.

Questions 221

Which of the following is the PRIMARY reason to perform regular reviews of the cybersecurity threat landscape?

Options:

A.

To compare emerging trends with the existing organizational security posture

B.

To communicate worst-case scenarios to senior management

C.

To train information security professionals to mitigate new threats

D.

To determine opportunities for expanding organizational information security

Questions 222

In addition to executive sponsorship and business alignment, which of the following is MOST critical for information security governance?

Options:

A.

Ownership of security

B.

Compliance with policies

C.

Auditability of systems

D.

Allocation of training resources

Questions 223

Which of the following is MOST important to complete during the recovery phase of an incident response process before bringing affected systems back online?

Options:

A.

Record and close security incident tickets.

B.

Test and verify that compromised systems are clean.

C.

Document recovery steps for senior management reporting.

D.

Capture and preserve forensic images of affected systems.

Questions 224

Which of the following has the GREATEST influence on the successful integration of information security within the business?

Options:

A.

Organizational structure and culture

B.

Risk tolerance and organizational objectives

C.

The desired state of the organization

D.

Information security personnel

Questions 225

Which of the following is MOST important for the effective implementation of an information security governance program?

Options:

A.

Employees receive customized information security training

B.

The program budget is approved and monitored by senior management

C.

The program goals are communicated and understood by the organization.

D.

Information security roles and responsibilities are documented.

Questions 226

Which of the following would be MOST useful when determining the business continuity strategy for a large organization's data center?

Options:

A.

Stakeholder feedback analysis

B.

Business continuity risk analysis

C.

Incident root cause analysis

D.

Business impact analysis (BIA)

Questions 227

Which of the following provides the MOST assurance that a third-party hosting provider will be able to meet availability requirements?

Options:

A.

Right-to-audit clause

B.

The third party's incident response plan

C.

Service level agreement (SLA)

D.

The third party's business continuity plan (BCP)

Questions 228

An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:

Options:

A.

service level agreements (SLAs).

B.

security requirements for the process being outsourced.

C.

risk-reporting methodologies.

D.

security metrics.

Questions 229

A new application has entered the production environment with deficient technical security controls. Which of the following is MOST likely the root cause?

Options:

A.

Inadequate incident response controls

B.

Lack of legal review

C.

Inadequate change control

D.

Lack of quality control

Questions 230

Which of the following roles is BEST suited to validate user access requirements during an annual user access review?

Options:

A.

Access manager

B.

IT director

C.

System administrator

D.

Business owner

Questions 231

Which of the following should be the FIRST step in developing an information security strategy?

Options:

A.

Determine acceptable levels of information security risk

B.

Create a roadmap to identify security baselines and controls

C.

Perform a gap analysis based on the current state

D.

Identify key stakeholders to champion information security

Questions 232

Senior management wants to thoroughly test a disaster recovery plan (DRP) for a mission-critical system. Which of the following would provide the MOST reliable results?

Options:

A.

Full interruption test

B.

Parallel test

C.

Simulation test

D.

Structured walk-through

Questions 233

An organization is planning to outsource the execution of its disaster recovery activities. Which of the following would be MOST important to include in the outsourcing agreement?

Options:

A.

Definition of when a disaster should be declared

B.

Requirements for regularly testing backups

C.

Recovery time objectives (RTOs)

D.

The disaster recovery communication plan

Questions 234

Which of the following has the GREATEST influence on an organization's information security strategy?

Options:

A.

The organization's risk tolerance

B.

The organizational structure

C.

Industry security standards

D.

Information security awareness

Questions 235

Which of the following should be updated FIRST when aligning the incident response plan with the corporate strategy?

Options:

A.

Disaster recovery plan (DRP)

B.

Incident notification plan

C.

Risk response scenarios

D.

Security procedures

Questions 236

Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:

Options:

A.

quickly resolved and eliminated regardless of cost.

B.

tracked and reported on until their final resolution.

C.

documented in security awareness programs.

D.

noted and re-examined later if similar weaknesses are found.

Questions 237

Which of the following is MOST helpful in determining whether a phishing email is malicious?

Options:

A.

Security awareness training

B.

Reverse engineering

C.

Threat intelligence

D.

Sandboxing

Questions 238

An organization's automated security monitoring tool generates an excessively large amount of false positives. Which of the following is the BEST method to optimize the monitoring process?

Options:

A.

Report only critical alerts.

B.

Change reporting thresholds.

C.

Reconfigure log recording.

D.

Monitor incidents in a specific time frame.

Questions 239

Which of the following elements of a service contract would BEST enable an organization to monitor the information security risk associated with a cloud service provider?

Options:

A.

Indemnification clause

B.

Breach detection and notification

C.

Compliance status reporting

D.

Physical access to service provider premises

Questions 240

A new regulatory requirement affecting an organization's information security program is released. Which of the following should be the information security manager's FIRST course of action?

Options:

A.

Perform a gap analysis.

B.

Conduct benchmarking.

C.

Notify the legal department.

D.

Determine the disruption to the business.

Questions 241

A PRIMARY purpose of creating security policies is to:

Options:

A.

define allowable security boundaries.

B.

communicate management's security expectations.

C.

establish the way security tasks should be executed.

D.

implement management's security governance strategy.

Questions 242

Which of the following is the MOST important outcome of a post-incident review?

Options:

A.

The impact of the incident is reported to senior management.

B.

The system affected by the incident is restored to its prior state.

C.

The person responsible for the incident is identified.

D.

The root cause of the incident is determined.

Questions 243

Which of the following would be MOST effective in reducing the impact of a distributed denial of service (DDoS) attack?

Options:

A.

Impose state limits on servers.

B.

Spread a site across multiple ISPs.

C.

Block the attack at the source.

D.

Harden network security.

Questions 244

An incident response team has established that an application has been breached. Which of the following should be done NEXT?

Options:

A.

Maintain the affected systems in a forensically acceptable state.

B.

Conduct a risk assessment on the affected application.

C.

Inform senior management of the breach.

D.

Isolate the impacted systems from the rest of the network.

Questions 245

Which of the following BEST supports investments in an information security program?

Options:

A.

Business cases

B.

Business impact analysis (BIA)

C.

Gap analysis results

D.

Risk assessment results

Questions 246

Which of the following BEST facilitates an information security manager's efforts to obtain senior management commitment for an information security program?

Options:

A.

Presenting evidence of inherent risk

B.

Reporting the security maturity level

C.

Presenting compliance requirements

D.

Communicating the residual risk

Questions 247

Which of the following is the PRIMARY reason to regularly update business continuity and disaster recovery documents?

Options:

A.

To enforce security policy requirements

B.

To maintain business asset inventories

C.

To ensure audit and compliance requirements are met

D.

To ensure the availability of business operations

Questions 248

Which of the following provides an information security manager with the MOST accurate indication of the organization's ability to respond to a cyber attack?

Options:

A.

Walk-through of the incident response plan

B.

Black box penetration test

C.

Simulated phishing exercise

D.

Red team exercise

Questions 249

A recent application security assessment identified a number of low- and medium-level vulnerabilities. Which of the following stakeholders is responsible for deciding the appropriate risk treatment option?

Options:

A.

Security manager

B.

Chief information security officer (CISO)

C.

System administrator

D.

Business owner

Questions 250

An organization engages a third-party vendor to monitor and support a financial application under scrutiny by regulators. Which of the following controls would MOST effectively manage risk to the organization?

Options:

A.

Implementing separation of duties between systems and data

B.

Including penalty clauses for noncompliance in the vendor contract

C.

Disabling vendor access and only re-enabling when access is needed

D.

Monitoring key risk indicators (KRIs)

Questions 251

What should a global information security manager do FIRST when informed that a new regulation with significant impact will go into effect soon?

Options:

A.

Perform a privacy impact assessment (PIA).

B.

Perform a vulnerability assessment.

C.

Perform a gap analysis.

D.

Perform a business impact analysis (BIA).

Questions 252

Which of the following provides the BEST evidence that a newly implemented security awareness program has been effective?

Options:

A.

Senior management supports funding for ongoing awareness training.

B.

Employees from each department have completed the required training.

C.

There has been an increase in the number of phishing attempts reported.

D.

There have been no reported successful phishing attempts since the training started.

Questions 253

Which of the following should be done FIRST when developing a business continuity plan (BCP)?

Options:

A.

Review current recovery policies.

B.

Define the organizational strategy.

C.

Prioritize the critical processes.

D.

Review existing cyber insurance coverage.

Questions 254

A small organization with limited budget hires a new information security manager who finds the same IT staff member is assigned the responsibility of system administrator, security administrator, database administrator (DBA), and application administrator. What is the manager's BEST course of action?

Options:

A.

Automate user provisioning activities.

B.

Maintain strict control over user provisioning activities.

C.

Formally document IT administrator activities.

D.

Implement monitoring of IT administrator activities.

Questions 255

A global organization has outsourced security processes to a service provider by means of a global agreement. What is the MOST efficient approach to meet country-specific regulatory requirements?

Options:

A.

Include binding corporate rules into the global agreement

B.

Set up a governance organization for each country

C.

Review the agreement for each country separately

D.

Set up companion agreements for each country

Questions 256

Which of the following is the BEST reason to implement a comprehensive information security management system?

Options:

A.

To facilitate compliance with external regulatory requirements

B.

To ensure continuous alignment with the organizational strategy

C.

To gain senior management support for the information security program

D.

To support identification of key risk indicators (KRIs)

Questions 257

Which of the following is a desired outcome of information security governance?

Options:

A.

Penetration test

B.

Improved risk management

C.

Business agility

D.

A maturity model

Questions 258

An enterprise has decided to procure security services from a third-party vendor to support its information security program. Which of the following is MOST important to include in the vendor selection criteria?

Options:

A.

Feedback from the vendor's previous clients

B.

Alignment of the vendor's business objectives with enterprise security goals

C.

The maturity of the vendor's internal control environment

D.

Penetration testing against the vendor's network

Questions 259

A business unit recently integrated the organization's new strong password policy into its business application, which requires users to reset passwords every 30 days. The help desk is now flooded with password reset requests. Which of the following is the information security manager's BEST course of action to address this situation?

Options:

A.

Provide end-user training.

B.

Escalate to senior management.

C.

Continue to enforce the policy.

D.

Conduct a business impact analysis (BIA).

Questions 260

During which of the following development phases is it MOST challenging to implement security controls?

Options:

A.

Post-implementation phase

B.

Implementation phase

C.

Development phase

D.

Design phase

Questions 261

Which of the following is the MOST important characteristic of an effective information security metric?

Options:

A.

The metric expresses residual risk relative to risk tolerance.

B.

The metric is frequently reported to senior management.

C.

The metric directly maps to an industry risk management framework.

D.

The metric compares the organization's inherent risk against its risk appetite.

Questions 262

An information security manager is assessing security risk associated with a cloud service provider. Which of the following is the MOST appropriate reference to consult when performing this assessment?

Options:

A.

Previous provider service level agreements (SLAs)

B.

Security control frameworks

C.

Threat intelligence reports

D.

Penetration test results from the provider

Questions 263

Which of the following BEST facilitates effective strategic alignment of security initiatives?

Options:

A.

The business strategy is periodically updated.

B.

Procedures and standards are approved by department heads.

C.

Periodic security audits are conducted by a third party.

D.

Organizational units contribute to and agree on priorities.

Questions 264

Which of the following is MOST useful to an information security manager when determining the need to escalate an incident to senior management?

Options:

A.

Incident management procedures

B.

Incident management policy

C.

System risk assessment

D.

Organizational risk register

Questions 265

When developing security processes for handling credit card data on the business unit's information system, the information security manager should FIRST:

Options:

A.

ensure alignment with industry encryption standards.

B.

ensure that systems that handle credit card data are segmented.

C.

review industry best practices for handling secure payments.

D.

review corporate policies regarding credit card information.

Questions 266

An organization needs to comply with new security incident response requirements. Which of the following should the information security manager do FIRST?

Options:

A.

Create a business case for a new incident response plan.

B.

Revise the existing incident response plan.

C.

Conduct a gap analysis.

D.

Assess the impact to the budget.

Questions 267

An organization has acquired a new system with strict maintenance instructions and schedules. Where should this information be documented?

Options:

A.

Standards

B.

Policies

C.

Guidelines

D.

Procedures

Questions 268

Which of the following has the GREATEST impact on efforts to improve an organization's security posture?

Options:

A.

Regular reporting to senior management

B.

Supportive tone at the top regarding security

C.

Automation of security controls

D.

Well-documented security policies and procedures

Questions 269

An employee of an organization has reported losing a smartphone that contains sensitive information. The BEST step to address this situation is to:

Options:

A.

disable the user's access to corporate resources.

B.

terminate the device connectivity.

C.

remotely wipe the device.

D.

escalate to the user's management.

Questions 270

The PRIMARY goal of a post-incident review should be to:

Options:

A.

establish the cost of the incident to the business.

B.

determine why the incident occurred.

C.

identify policy changes to prevent a recurrence.

D.

determine how to improve the incident handling process.

Questions 271

Which of the following should be considered FIRST when recovering a compromised system that needs a complete rebuild?

Options:

A.

Patch management files

B.

Network system logs

C.

Configuration management files

D.

Intrusion detection system (IDS) logs

Questions 272

Which type of plan is PRIMARILY intended to reduce the potential impact of security events that may occur?

Options:

A.

Security awareness plan

B.

Business continuity plan (BCP)

C.

Disaster recovery plan (DRP)

D.

Incident response plan

Questions 273

Which of the following is the BEST way to build a risk-aware culture?

Options:

A.

Periodically change risk awareness messages.

B.

Ensure that threats are documented and communicated in a timely manner.

C.

Establish a channel for staff to report risks.

D.

Periodically test compliance with security controls.

Questions 274

When properly implemented, secure transmission protocols protect transactions:

Options:

A.

from eavesdropping.

B.

from denial of service (DoS) attacks.

C.

on the client desktop.

D.

in the server's database.

Question 275

Which of the following is the MOST important function of an information security steering committee?

Options:

A. Assigning data classifications to organizational assets
B. Developing organizational risk assessment processes
C. Obtaining multiple perspectives from the business
D. Defining security standards for logical access controls

Question 276

What is the PRIMARY reason to involve stakeholders from various business units when developing an information security policy?

Options:

A. To share responsibility for addressing security breaches
B. To gain acceptance of the policy across the organization
C. To decrease the workload of the IT department
D. To reduce the overall cost of policy development

Question 277

Which of the following is the BEST method for determining whether new risks exist in legacy systems?

Options:

A. Frequent updates to the risk register
B. Regularly scheduled security audits
C. Frequent security architecture reviews
D. Regularly scheduled risk assessments

Question 278

Which of the following should an information security manager do FIRST when there is a conflict between the organization's information security policy and a local regulation?

Options:

A. Enforce the local regulation.
B. Obtain legal guidance.
C. Enforce the organization's information security policy.
D. Obtain an independent assessment of the regulation.

Question 279

Which of the following is the MOST important reason to conduct interviews as part of the business impact analysis (BIA) process?

Options:

A. To facilitate a qualitative risk assessment following the BIA
B. To increase awareness of information security among key stakeholders
C. To ensure the stakeholders providing input own the related risk
D. To obtain input from as many relevant stakeholders as possible

Question 280

A user reports a stolen personal mobile device that stores sensitive corporate data. Which of the following will BEST minimize the risk of data exposure?

Options:

A. Prevent the user from using personal mobile devices.
B. Report the incident to the police.
C. Wipe the device remotely.
D. Remove the user's access to corporate data.

Question 281

Which of the following is a viable containment strategy for a distributed denial of service (DDoS) attack?

Options:

A. Block IP addresses used by the attacker.
B. Redirect the attacker's traffic.
C. Disable firewall ports exploited by the attacker.
D. Power off affected servers.

Question 282

What is the MOST important consideration for an organization operating in a highly regulated market when new regulatory requirements with high impact to the business need to be implemented?

Options:

A. Engaging an external audit
B. Establishing compensating controls
C. Enforcing strong monitoring controls
D. Conducting a gap analysis

Question 283

Which of the following should be updated FIRST to account for new regulatory requirements that impact current information security controls?

Options:

A. Control matrix
B. Business impact analysis (BIA)
C. Risk register
D. Information security policy

Exam Code: CISM
Exam Name: Certified Information Security Manager
Last Update: Jul 9, 2025
Questions: 954