Exam (elaborations), Course: CISM, 33 pages, August 17, 2024 (2024/2025). Seller: Brightstars.
©EXAM STUDY MATERIAL 8/9/2024 11:50 AM

CISM Practice Test Questions and Answers.

An information security manager wants to improve the ability to identify changes in risk levels affecting the organization's systems. Which of the following is the BEST method to achieve this objective?
A. Performing business impact analysis (BIA)
B. Monitoring key goal indicators (KGIs)
C. Monitoring key risk indicators (KRIs)
D. Updating the risk register
Answer: C

When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:
A. Affected stakeholders
B. Incident response team
C. Availability of technical resources
D. Media coverage
Answer: A

Which of the following should be an information security manager's MOST important consideration when determining if an information asset has been classified appropriately?
A. Value to the business
B. Security policy requirements
C. Ownership of information
D. Level of protection
Answer: A

The effectiveness of an incident response team will be GREATEST when:
A. The incident response process is updated based on lessons learned
B. The incident response team members are trained security personnel
C. The incident response team meets on a regular basis to review log files
D. Incidents are identified using a security information and event monitoring (SIEM) system
Answer: A

An information security manager MUST have an understanding of the organizational business goals to:
A. Relate information security to change management
B. Develop an information security strategy
C. Develop operational procedures
D. Define key performance indicators (KPIs)
Answer: D

An information security manager MUST have an understanding of an information security program?
A. Understanding current and emerging technologies
B. Establishing key performance indicators (KPIs)
C. Conducting periodic risk assessments
D. Obtaining stakeholder input
Answer: D

An attacker was able to gain access to an organizational perimeter firewall and made changes to allow wider external access and to steal data. Which of the following would have BEST provided timely identification of this incident?
A. Implementing a data loss prevention (DLP) suite
B. Deploying an intrusion prevention system (IPS)
C. Deploying a security information and event management (SIEM) system
D. Conducting regular system administrator awareness training
Answer: C

When establishing metrics for an information security program, the BEST approach is to identify indicators that:
A. Support major information security initiatives
B. Reflect the corporate risk culture
C. Reduce information security spending
D. Demonstrate the effectiveness of the security program
Answer: D

For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?
A. Anti-malware alerts on several employees' workstations
B. Several port scans of the web server
C. Multiple failed login attempts on an employee's workstation
D. Suspicious network traffic originating from the demilitarized zone (DMZ)
Answer: A

An information security manager is implementing a bring your own device (BYOD) program. Which of the following would BEST ensure that users adhere to the security standards?
A. Publish the standards on the internet page
B. Deploy a device management solution
C. Establish an acceptable use policy
D. Monitor user activities on the network
Answer: C

When monitoring the security of a web-based application, which of the following is MOST frequently reviewed?
A. Audit reports
B. Access logs
C. Access lists
D. Threat metrics
Answer: B

Which of the following is the MOST effective way for an information security manager to ensure that security is incorporated into an organization's project development processes?
A. Develop good communications with the project management office (PMO)
B. Participate in project initiation and funding
C. Conduct security reviews during design, testing, and implementation
D. Integrate organizational security requirements into project management
Answer: D

Which of the following provides the MOST relevant information to determine the overall effectiveness of an information security program and underlying business processes?
A. SWOT analysis
B. Industry benchmarks
C. Cost-benefit analysis
D. Balanced scorecard
Answer: D

An organization finds unauthorized software has been installed on a number of workstations. The software was found to contain a Trojan, which had been uploading data to an unknown external party. Which of the following would have BEST prevented the installation of the unauthorized software?
A. Banning executable file downloads at the Internet firewall
B. Implementing an intrusion detection system (IDS)
C. Implementing application blacklisting
D. Removing local administrator rights
Answer: D

When developing a tabletop test plan for incident response testing, the PRIMARY purpose of the scenario should be to:
A. Measure management engagement as part of a response team
B. Provide participants with situations to ensure understanding of their roles
C. Give the business a measure of the organization's overall readiness
D. Challenge the incident response team to solve the problem under pressure
Answer: B

An information security risk analysis BEST assists an organization in ensuring that:
A. The infrastructure has the appropriate level of access control
B. Cost-effective decisions are made with regard to which assets need protection
C. An appropriate level of funding is applied to security processes
D. The organization implements appropriate security technologies
Answer: B

In a multinational organization, local security regulations should be implemented over global security policy because:
A. Business objectives are defined by local business unit managers
B. Deploying awareness of local regulations is more practical than of global policy
C. Global security policies include unnecessary controls for local businesses
D. Requirements of local regulations take precedence
Answer: D
