Page: 21 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 81

An organization's research department plans to apply machine learning algorithms on a large data set containing customer names and purchase history. The risk of personal data leakage is considered high impact. Which of the following is the BEST risk treatment option in this situation?

Options:

A. Accept the risk, as the benefits exceed the potential consequences.

B. Mitigate the risk by applying anonymization on the data set.

C. Transfer the risk by purchasing insurance.

D. Mitigate the risk by encrypting the customer names in the data set.

Question 82

Which of the following is MOST important to include in security incident escalation procedures?

Options:

A. Key objectives of the security program

B. Recovery procedures

C. Notification criteria

D. Containment procedures

Question 83

Which of the following would BEST mitigate accidental data loss events?

Options:

A. Conduct periodic user awareness training.

B. Obtain senior management support for the information security strategy.

C. Conduct a data loss prevention (DLP) audit.

D. Enforce a data hard drive encryption policy.

Question 84

Which of the following should be the PRIMARY basis for establishing metrics that measure the effectiveness of an information security program?

Options:

A. Residual risk

B. Regulatory requirements

C. Risk tolerance

D. Control objectives
