
Isaca Certification CISM Isaca Study Notes

Page: 48 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 189

An incident management team is alerted to a suspected security event. Before classifying the suspected event as a security incident, it is MOST important for the security manager to:

Options:

A. notify the business process owner.

B. follow the business continuity plan (BCP).

C. conduct an incident forensic analysis.

D. follow the incident response plan.

Question 190

An information security manager finds that a soon-to-be deployed online application will increase risk beyond acceptable levels, and necessary controls have not been included. Which of the following is the BEST course of action for the information security manager?

Options:

A. Instruct IT to deploy controls based on urgent business needs.

B. Present a business case for additional controls to senior management.

C. Solicit bids for compensating control products.

D. Recommend a different application.

Question 191

How does an incident response team BEST leverage the results of a business impact analysis (BIA)?

Options:

A. Assigning restoration priority during incidents

B. Determining total cost of ownership (TCO)

C. Evaluating vendors critical to business recovery

D. Calculating residual risk after the incident recovery phase

Question 192

Which of the following would be MOST useful to a newly hired information security manager who has been tasked with developing and implementing an information security strategy?

Options:

A. The capabilities and expertise of the information security team

B. The organization's mission statement and roadmap

C. A prior successful information security strategy

D. The organization's information technology (IT) strategy
