CISM Leak Questions

Page: 22 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 85

Internal audit has reported a number of information security issues that are not in compliance with regulatory requirements. What should the information security manager do FIRST?

Options:

A. Perform a vulnerability assessment
B. Perform a gap analysis to determine needed resources
C. Create a security exception
D. Assess the risk to business operations

Question 86

Which of the following is the BEST method for determining whether a firewall has been configured to provide a comprehensive perimeter defense?

Options:

A. A validation of the current firewall rule set
B. A port scan of the firewall from an internal source
C. A ping test from an external source
D. A simulated denial of service (DoS) attack against the firewall

Question 87

Which of the following would provide the MOST value to senior management when presenting the results of a risk assessment?

Options:

A. Mapping the risks to the security classification scheme
B. Illustrating risk on a heat map
C. Mapping the risks to existing controls
D. Providing a technical risk assessment report

Question 88

Which of the following would be MOST useful when determining the business continuity strategy for a large organization's data center?

Options:

A. Stakeholder feedback analysis
B. Business continuity risk analysis
C. Incident root cause analysis
D. Business impact analysis (BIA)