New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Isaca Certification CISM Syllabus Exam Questions Answers

Page: 40 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 157

Which of the following is the PRIMARY reason to conduct a post-incident review?

Options:

A.

To aid in future risk assessments

B.

To improve the response process

C.

To determine whether digital evidence is admissible

D.

To notify regulatory authorities

Question 158

Which of the following should be the FIRST step in developing an information security strategy?

Options:

A.

Perform a gap analysis based on the current state

B.

Create a roadmap to identify security baselines and controls.

C.

Identify key stakeholders to champion information security.

D.

Determine acceptable levels of information security risk.

Question 159

The MAIN benefit of implementing a data loss prevention (DLP) solution is to:

Options:

A.

enhance the organization's antivirus controls.

B.

eliminate the risk of data loss.

C.

complement the organization's detective controls.

D.

reduce the need for a security awareness program.

Question 160

An organization is increasingly using Software as a Service (SaaS) to replace in-house hosting and support of IT applications. Which of the following would be the MOST effective way to help ensure procurement decisions consider information security concerns?

Options:

A.

Integrate information security risk assessments into the procurement process.

B.

Provide regular information security training to the procurement team.

C.

Invite IT members into regular procurement team meetings to influence best practice.

D.

Enforce the right to audit in procurement contracts with SaaS vendors.

Page: 40 / 59
Total 793 questions