New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pass CISM Exam Guide

Page: 45 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 177

A PRIMARY purpose of creating security policies is to:

Options:

A.

define allowable security boundaries.

B.

communicate management's security expectations.

C.

establish the way security tasks should be executed.

D.

implement management's security governance strategy.

Question 178

Which of the following is the BEST way to achieve compliance with new global regulations related to the protection of personal information?

Options:

A.

Execute a risk treatment plan.

B.

Review contracts and statements of work (SOWs) with vendors.

C.

Implement data regionalization controls.

D.

Determine current and desired state of controls.

Question 179

Which of the following is MOST helpful for protecting an enterprise from advanced persistent threats (APTs)?

Options:

A.

Updated security policies

B.

Defined security standards

C.

Threat intelligence

D.

Regular antivirus updates

Question 180

When remote access to confidential information is granted to a vendor for analytic purposes, which of the following is the MOST important security consideration?

Options:

A.

Data is encrypted in transit and at rest at the vendor site.

B.

Data is subject to regular access log review.

C.

The vendor must be able to amend data.

D.

The vendor must agree to the organization's information security policy,

Page: 45 / 59
Total 793 questions