New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Changed CISM Exam Questions

Page: 15 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 57

When developing a business case to justify an information security investment, which of the following would BEST enable an informed decision by senior management?

Options:

A.

The information security strategy

B.

Losses due to security incidents

C.

The results of a risk assessment

D.

Security investment trends in the industry

Question 58

An organization is aligning its incident response capability with a public cloud service provider. What should be the information security manager's FIRST course of action?

Options:

A.

Identify the skill set of the provider's incident response team.

B.

Evaluate the provider's audit logging and monitoring controls.

C.

Review the provider’s incident definitions and notification criteria.

D.

Update the incident escalation process.

Question 59

Which of the following is the BEST indication of information security strategy alignment with the “&

Options:

A.

Percentage of information security incidents resolved within defined service level agreements (SLAs)

B.

Percentage of corporate budget allocated to information security initiatives

C.

Number of business executives who have attended information security awareness sessions

D.

Number of business objectives directly supported by information security initiatives

Question 60

Which of the following is the BEST approach when creating a security policy for a global organization subject to varying laws and regulations?

Options:

A.

Incorporate policy statements derived from third-party standards and benchmarks.

B.

Adhere to a unique corporate privacy and security standard

C.

Establish baseline standards for all locations and add supplemental standards as required

D.

Require that all locations comply with a generally accepted set of industry

Page: 15 / 59
Total 793 questions