Cism practice exam 2 - Study guides, Class notes & Summaries

Secret keys are ___________ encryption and public/private keys are _________ encryption. - Answer symmetric, asymmetric stakeholders - Answer are not the people who use the system but they are interested in it for other purposes like audits ISACA IS Audit and Assurance Standards - Performance - Answer Engagement Planning Risk Assessment in Planning Performance and Supervision Materiality Evidence Using the Work of Other Experts Irregularity and Illegal Acts COSO - Answer Committee of Sp...

CISM 1 of 4 Practice Questions and Answers (100% Pass) Which of the following should be the FIRST step in developing an information security plan? A. Perform a technical vulnerabilities assessment B. Analyze the current business strategy C. Perform a business impact analysis D. Assess the current levels of security awareness - Answer️️ -B. Analyze the current business strategy The MOST appropriate role for senior management in supporting information security is the: A. evaluat...

CISM Practice Questions and Answers (100% Pass) How much security is enough? - Answer️️ -Just enough What is the role of the security professional? - Answer️️ -Advise, not decide, on security matters for the organization Define confidentiality - Answer️️ -Prevent unauthorized disclosure of data (privacy, security) Define integrity - Answer️️ -Prevent/detect unauthorized modification of data Define availability - Answer️️ -Ensure timely access to resources What is the ...

CISM Exam Prep Questions and Answers (100% Pass) Information security governance is primarily driven by: - Answer️️ -Business strategy Who should drive the risk analysis for an organization? - Answer️️ -the Security Manager Who should be responsible for enforcing access rights to application data? - Answer️️ -Security administrators The MOST important component of a privacy policy is: - Answer️️ -notifications Investment in security technology and processes should be base...

CISM Domain 2 Practice Questions and Answers (100% Pass) Which of the following should a successful information security management program use to determine the amount of resources devoted to mitigating exposures?(*) - Answer️️ -risk analysis result In a Business Impact Analysis (BIA), the value of information system should be based on the overall: - Answer️️ -opportunity cost Risk acceptance is a component of which of the following? - Answer️️ -risk mitigation Which of the f...

CISM 3330 Chapter PI5 Practice Questions and Answers (100% Pass) Expert systems Question options: a) Are always used to replace decision makers. b) Are always used to support decision makers. c) Are typically used to support an entire company. d) Can be used to support or replace decision makers. - Answer️️ -d) Can be used to support or replace decision makers. Hyo runs an ice cream shop with her family. They have a model that they created to give them flavor alternatives based on t...

Incident Safety Officer Exam Questions With 100% Correct Answers Chapter 1 - answerPreparing the Incident Safety Officer All of the following are considered to be contributing factors to LODDs except: - answermodern designs of apparatus. In the 1970s, where was the FIRESCOPE program developed and used for multiagency incidents? - answerThe West Coast In the MEDIC acronym, the D stands for: - answerDevelop. In what year was Homeland Security Presidential Directive 5, Management of Domesti...

Incident Safety Officer Exam Questions With 100% Correct Answers Chapter 1 - answerPreparing the Incident Safety Officer All of the following are considered to be contributing factors to LODDs except: - answermodern designs of apparatus. In the 1970s, where was the FIRESCOPE program developed and used for multiagency incidents? - answerThe West Coast In the MEDIC acronym, the D stands for: - answerDevelop. In what year was Homeland Security Presidential Directive 5, Management of Domesti...

Incident Safety Officer Exam Questions With 100% Correct Answers All of the following are considered to be contributing factors to LODDs except: - answermodern designs of apparatus. In the 1970s, where was the FIRESCOPE program developed and used for multiagency incidents? - answerThe West Coast In the MEDIC acronym, the D stands for: - answerDevelop. In what year was Homeland Security Presidential Directive 5, Management of Domestic Incidents, signed? - answer2004 Most line-of-duty dea...

CISM SET 7 Practice Questions with Correct Answers 601. Which of the following information security activities is MOST helpful to support compliance with information security policy? A. Conducting information security awareness programs B. Creating monthly trend metrics C. Performing periodic IT reviews on new system acquisitions D. Obtaining management commitment - Answer️️ -D. Obtaining management commitment 602. Which of the following is MOST important to determine following the ...