New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pass Using CISM Exam Dumps

Page: 38 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 149

Which of the following is BEST used to determine the maturity of an information security program?

Options:

A.

Security budget allocation

B.

Organizational risk appetite

C.

Risk assessment results

D.

Security metrics

Question 150

A newly appointed information security manager has been asked to update all security-related policies and procedures that have been static for five years or more. What should be done NEXT?

Options:

A.

Update in accordance with the best business practices.

B.

Perform a risk assessment of the current IT environment.

C.

Gain an understanding of the current business direction.

D.

Inventory and review current security policies.

Question 151

To improve the efficiency of the development of a new software application, security requirements should be defined:

Options:

A.

based on code review.

B.

based on available security assessment tools.

C.

after functional requirements.

D.

concurrently with other requirements.

Question 152

Which of the following is the FIRST step when conducting a post-incident review?

Options:

A.

Identify mitigating controls.

B.

Assess the costs of the incident.

C.

Perform root cause analysis.

D.

Assign responsibility for corrective actions.

Page: 38 / 59
Total 793 questions