New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

PDF CISM Study Guide

Page: 34 / 59
Total 793 questions

Certified Information Security Manager Questions and Answers

Question 133

Which of the following incident response phases involves actions to help safeguard critical systems while maintaining business operations?

Options:

A.

Recovery

B.

Identification

C.

Containment

D.

Preparation

Question 134

Capacity planning would prevent:

Options:

A.

file system overload arising from distributed denial of service (DDoS) attacks.

B.

system downtime for scheduled security maintenance.

C.

application failures arising from insufficient hardware resources.

D.

software failures arising from exploitation of buffer capacity vulnerabilities.

Question 135

An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:

• A bad actor broke into a business-critical FTP server by brute forcing an administrative password

• The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored

• The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server

• After three hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail

Which of the following could have been prevented by conducting regular incident response testing?

Options:

A.

Ignored alert messages

B.

The server being compromised

C.

The brute force attack

D.

Stolen data

Question 136

Which of the following should an information security manager do FIRST upon confirming a privileged user's unauthorized modifications to a security application?

Options:

A.

Report the risk associated with the policy breach.

B.

Enforce the security configuration and require the change to be reverted.

C.

Implement compensating controls to address the risk.

D.

Implement a privileged access management system.

Page: 34 / 59
Total 793 questions