Page: 20 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 77

Which of the following is the MOST important reason for obtaining input from risk owners when implementing controls?

Options:

A. To reduce risk mitigation costs

B. To resolve vulnerabilities in enterprise architecture (EA)

C. To manage the risk to an acceptable level

D. To eliminate threats impacting the business

Question 78

Which of the following is the BEST approach to incident response for an organization migrating to a cloud-based solution?

Options:

A. Adopt the cloud provider's incident response procedures.

B. Transfer responsibility for incident response to the cloud provider.

C. Continue using the existing incident response procedures.

D. Revise incident response procedures to encompass the cloud environment.

Question 79

An organization's security policy is to disable access to USB storage devices on laptops and desktops. Which of the following is the STRONGEST justification for granting an exception to the policy?

Options:

A. The benefit is greater than the potential risk.

B. USB storage devices are enabled based on user roles.

C. Users accept the risk of noncompliance.

D. Access is restricted to read-only.

Question 80

Which of the following is the BEST starting point for a newly hired information security manager who has been tasked with identifying and addressing network vulnerabilities?

Options:

A. Controls analysis

B. Emerging risk review

C. Penetration testing

D. Traffic monitoring
