100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
ISACA Certified Information Security Manager (CISM) EXAM Prep correctly answered $12.49   Add to cart

Exam (elaborations)

ISACA Certified Information Security Manager (CISM) EXAM Prep correctly answered

 1 view  0 purchase
  • Course
  • Institution

Which of the following is the primary step in control implementation for a new business application? - correct answer D. Risk assessment When implementing an information security program, in which phase of the implementation should metrics be established to assess the effectiveness of the progra...

[Show more]

Preview 2 out of 5  pages

  • January 4, 2024
  • 5
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
ISACA Certified Information Security
Manager (CISM) Prep correctly answered
Which of the following is the primary step in control implementation for a new business
application? - correct answer D. Risk assessment

When implementing an information security program, in which phase of the
implementation should metrics be established to assess the effectiveness of the
program over time?" - correct answer Either
B. Initiation
C. Design

Data owners are concerned and responsible for who has access to their resources and
therefore need to be concerned with the strategy of how to mitigate risk of data resource
usage. Which of the following actions facilitates that responsibility? - correct answer B.
Entitlement changes

Which of the following is the best method to determine the effectiveness of the incident
response process? - correct answer C. Post-incident review

When properly implemented, a risk management program should be designed to reduce
an organization's risk to: - correct answer C. A level at which the organization is willing
to accept

What controls the process of introducing changes to systems to ensure that unintended
changes are not introduced? - correct answer C. Change management

All actions dealing with incidents must be worked with cyclical consideration. What is
the primary post-incident review takeaway? - correct answer Either
A. Pursuit of legal action

B. Identify personnel failures

D. Derive ways to improve the response process

If a forensics copy of a hard drive is required for legal matters, which of the following
options provide the best solid defense for preservation of evidence? - correct answer C.
A bit-by-bit copy of all data

What is the preferred step an ISM should take to ensure the disaster recovery plan is
adequate and remains current? - correct answer A. Quarterly reviews of recovery plan
information

, Which of the following would prove to be the best protection and recovery procedures if
an intruder has gained root access to a system? - correct answer Either
A. Use system recovery to restore the last known good image

C. Rebuild the system and its OS and applications using the original vendor media

D. Have all users change passwords

As the increased use of regulation and compliance in the Information Security arena
expands, information security managers must work to put tasks into perspective. To do
this, ISMs should involve affected organizations and view "regulations" as a? - correct
answer Either
A. Risk

B. Legal interpretation

Which of the following is the most significant challenge when developing an incident
management plan? - correct answer D. Lack of management and leadership buy-in

Resource allocation is crucial during incident triage as it assists in prioritization and
categorization. Why would this be critical for most organizations when conducting
triage? - correct answer A. Most organizations have limited incident handling resources

As part of the Risk Management process, assessments must be performed on the
information systems and resources of an organization. If there are vulnerabilities
disclosed during an assessment, those vulnerabilities should be: - correct answer d.
Evaluated and prioritized based on credible threat and impact if exploited and and
mitigation cost

A security strategy is important for an organization, and along with the creation of
supporting policies. What should the overall planning effort cover? - correct answer
Either
A. The logical security architecture for the organization

B. The intent and direction and expectations of management

D. Assist in FISMA audits

What is the most important security objective in creating good procedures to meet the
requirements of a relevant policy? - correct answer A. Being comprehensive and
unambiguous

Along with attention to detail, what is an additional quality required of an incident
handler? - correct answer D. Ability to handle stress

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller THEEXCELLENCELIBRARY. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $12.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

80202 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$12.49
  • (0)
  Add to cart