Isaca Certification CISM Dumps PDF

Page: 39 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 153

A proposal designed to gain buy-in from senior management for a new security project will be MOST effective if it includes:

Options:

A. analysis of current threat landscape.
B. historical data of reported incidents.
C. projected return on investment (ROI).
D. industry benchmarking gap analysis.

Question 154

Which of the following is the BEST way to determine if an information security profile is aligned with business requirements?

Options:

A. Review the key performance indicator (KPI) dashboard
B. Review security-related key risk indicators (KRIs)
C. Review control self-assessment (CSA) results
D. Review periodic security audits

Question 155

What should be an information security manager's FIRST step when developing a business case for a new intrusion detection system (IDS) solution?

Options:

A. Define the issues to be addressed.
B. Perform a cost-benefit analysis.
C. Calculate the total cost of ownership (TCO).
D. Conduct a feasibility study.

Question 156

An organization implemented a number of technical and administrative controls to mitigate risk associated with ransomware. Which of the following is MOST important to present to senior management when reporting on the performance of this initiative?

Options:

A. The cost and associated risk reduction
B. Benchmarks of industry peers impacted by ransomware
C. The number and severity of ransomware incidents
D. The total cost of the investment
