
Question #1
Which of the following would be the MOST important goal of an information security governance program?
A. Review of internal control mechanisms
B. Effective involvement in business decision making
C. Total elimination of risk factors
D. Ensuring trust in data
Correct answer: D

Source: SPOTO CISM practice exam questions.

Question #2
An incident response policy must contain:
A. updated call trees
B. escalation criteria
D. critical backup files inventory
Correct answer: B
A policy states when and to whom incidents escalate; call trees and backup inventories are operational detail that belongs in procedures, not in the policy.
Question #3
Which of the following would BEST mitigate identified vulnerabilities in a timely manner?
A. Continuous vulnerability monitoring tool
B. Categorization of the vulnerabilities based on the system's criticality
C. Monitoring of key risk indicators (KRIs)
D. Action plan with responsibilities and deadlines
Correct answer: D
Monitoring tools and KRIs only surface vulnerabilities; fixing them on time requires named owners and deadlines.
Question #4
Which of the following is the MOST important element to ensure the success of a disaster recovery test at a vendor-provided hot site?
A. Tests are scheduled on weekends
B. Network IP addresses are predefined
C. Equipment at the hot site is identical
D. Business management actively participates
Correct answer: D
Only the business can confirm that the recovered systems actually support its processes; scheduling, addressing and identical hardware are enablers, not the measure of success.
Question #5
Which of the following would BEST prepare an information security manager for regulatory reviews?
A. Assign an information security administrator as regulatory liaison
B. Perform self-assessments using regulatory guidelines and reports
C. Assess previous regulatory reports with process owners' input
D. Ensure all regulatory inquiries are sanctioned by the legal department
Correct answer: B
Self-assessment against the regulator's own guidelines and prior reports finds the gaps before the reviewer does; a liaison role and legal sign-off do not.
Question #6
An organization with a maturing incident response program conducts post-incident reviews for all major information security incidents. The PRIMARY goal of these reviews should be to:
A. document and report the root cause of the incidents for senior management
B. identify security program gaps or systemic weaknesses that need correction
C. prepare properly vetted notifications regarding the incidents to external parties
D. identify who should be held accountable for the security incidents
Correct answer: B
The review exists to correct systemic weaknesses; root-cause reporting and notifications follow from that, and assigning blame discourages candid reviews.
Question #7
What is the BEST way to ensure users comply with organizational security requirements for password complexity?
A. Include password construction requirements in the security standards
B. Require each user to acknowledge the password requirements
C. Implement strict penalties for user noncompliance
D. Enable system-enforced password configuration
Correct answer: D
Only technical enforcement guarantees the rule is met; standards, acknowledgements and penalties all depend on user behaviour.
Question #8
Which of the following is the BEST indicator that security awareness training has been effective?
A. Employees sign to acknowledge the security policy
B. More incidents are being reported
C. A majority of employees have completed training
D. No incidents have been reported in three months
Correct answer: B
A rise in reported incidents shows staff now recognize and report what they previously ignored; three months without a report usually indicates under-reporting, not security.
Question #9
Which of the following is MOST critical for the successful implementation and maintenance of a security policy?
A. Assimilation of the framework and intent of a written security policy by all appropriate parties
B. Management support and approval for the implementation and maintenance of a security policy
C. Enforcement of security rules by providing punitive actions for any violation of security rules
D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software
Correct answer: A
Question #10
Information security policies should:
A. address corporate network vulnerabilities
B. address the process for communicating a violation
C. be straightforward and easy to understand
D. be customized to specific groups and roles
Correct answer: C
Question #11
When security policies are strictly enforced, the initial impact is that:
A. they may have to be modified more frequently
B. they will be less subject to challenge
C. the total cost of security is increased
D. the need for compliance reviews is decreased
Correct answer: C
Question #12
The BEST method for detecting and monitoring a hacker's activities without exposing information assets to unnecessary risk is to utilize:
A. firewalls
B. bastion hosts
C. decoy files
D. screened subnets
Correct answer: C
Question #13
Which of the following BEST ensures timely and reliable access to services?
A. Authenticity
B. Recovery time objective
C. Availability
D. Nonrepudiation
Correct answer: C
Availability is the property defined as timely and reliable access; an RTO is a recovery target, not an assurance, and authenticity and nonrepudiation concern identity and proof of origin.
Question #14
A post-incident review should be conducted by an incident management team to determine:
A. relevant electronic evidence
B. lessons learned
C. hacker's identity
Correct answer: B
Evidence handling and attribution happen during the response; the review afterwards exists to capture what should change next time.
Question #15
During the restoration of several servers, a critical process that services external customers was restored late due to a failure, resulting in lost revenue. Which of the following would have BEST helped to prevent this occurrence?
A. Validation of senior management's risk tolerance
B. Updates to the business impact analysis (BIA)
C. More effective disaster recovery plan (DRP) testing
D. Improvements to incident identification methods
Correct answer: C
Realistic DRP testing would have exposed the restoration failure and the recovery sequencing before a real event; incident identification plays no part in restoration.
Question #16
Which of the following metrics would be the MOST useful in measuring how well information security is monitoring violation logs?
A. Penetration attempts investigated
B. Violation log reports produced
C. Violation log entries
D. Frequency of corrective actions taken
Correct answer: D
Counts of entries and reports measure the volume of logging; corrective actions taken show that someone actually reviews the logs and acts on them.
Question #17
Which of the following is the MOST likely to change an organization's culture to one that is more security conscious?
A. Adequate security policies and procedures
B. Periodic compliance reviews
C. Security steering committees
D. Security awareness campaigns
Correct answer: D
Policies, reviews and committees set and check the rules; awareness campaigns are what change how people think and behave.
Question #18
When training an incident response team, the advantage of using tabletop exercises is that they:
A. provide the team with practical experience in responding to incidents
B. ensure that the team can respond to any incident
C. remove the need to involve senior managers in the response process
D. enable the team to develop effective response interactions
Correct answer: D
Question #19
Which of the following reduces the potential impact of social engineering attacks?
A. Compliance with regulatory requirements
B. Promoting ethical understanding
C. Security awareness programs
D. Effective performance incentives
Correct answer: C
Social engineering targets people; training them to recognize and report it is the control, and ethics or incentives do not teach that recognition.
Question #20
What should be an information security manager's FIRST course of action when an organization is subject to a new regulatory requirement?
A. Perform a gap analysis
B. Complete a control assessment
C. Submit a business case to support compliance
D. Update the risk register
Correct answer: A
The gap analysis establishes what the requirement changes; a control assessment, a business case and the risk register update all depend on its result.
Question #21
An information security manager has developed a strategy to address new information security risks resulting from recent changes in the business. Which of the following would be MOST important to include when presenting the strategy to senior management?
A. The costs associated with business process changes
B. Results of benchmarking against industry peers
C. The impact of organizational changes on the security risk profile
D. Security controls needed for risk mitigation
Correct answer: C
Question #22
Which of the following activities performed by a database administrator (DBA) should be performed by a different person?
A. Deleting database activity logs
B. Implementing database optimization tools
C. Monitoring database usage
D. Defining backup and recovery procedures
Correct answer: A
A DBA who can delete the activity logs can erase the record of his or her own actions; log retention and deletion must sit with a different role.
Question #23
When segregation of duties concerns exist between IT support staff and end users, what would be a suitable compensating control?
A. Restricting physical access to computing equipment
B. Reviewing transaction and application logs
C. Performing background checks prior to hiring IT staff
D. Locking user sessions after a specified period of inactivity
Correct answer: B
Independent review of transaction and application logs detects the misuse that the missing segregation would otherwise allow; the other options do not address the separation problem.
Question #24
When developing a tabletop test plan for incident response testing, the PRIMARY purpose of the scenario should be to:
A. give the business a measure of the organization's overall readiness
B. provide participants with situations to ensure understanding of their roles
C. measure management engagement as part of an incident response team
D. challenge the incident response team to solve the problem under pressure
Correct answer: B
A tabletop is a walkthrough, not a live drill; its value is that everyone learns what their role requires before an incident happens.
Question #25
Security governance is MOST associated with which of the following IT infrastructure components?
A. Network
B. Application
C. Platform
D. Process
Correct answer: D
Governance sets direction and accountability through processes; network, application and platform are the technical layers those processes govern.
Question #26
Which of the following is the MOST appropriate individual to implement and maintain the level of information security needed for a specific business application?
A. System analyst
B. Quality control manager
C. Process owner
D. Information security manager
Correct answer: C
The process owner is accountable for the application and the level of protection it needs; the information security manager sets standards and advises but does not own the application.
Question #27
To address the issue that performance pressures on IT may conflict with information security controls, it is MOST important that:
A. noncompliance issues are reported to senior management
B. information security management understands business performance issues
C. the security policy is changed to accommodate IT performance pressure
D. senior management provides guidance and dispute resolution
Correct answer: D
Question #28
During a post-incident review, the sequence and correlation of actions must be analyzed PRIMARILY based on:
A. documents created during the incident
B. logs from systems involved
C. a consolidated event time line
D. interviews with personnel
Correct answer: C
Documents, logs and interviews are inputs; correlating them into one event time line is what makes the sequence and the cause-and-effect relationships analyzable.
Question #29
Data owners are normally responsible for which of the following?
A. Applying emergency changes to application data
B. Administering security over database records
C. Migrating application code changes to production
D. Determining the level of application security required
Correct answer: D
Owners decide the required protection level; applying changes, administering records and migrating code are custodian and operations tasks.
Question #30
Which of the following is the GREATEST risk of an inadequate policy definition for ownership of data and systems?
A. User management coordination does not exist
B. Specific user accountability cannot be established
C. Unauthorized users may have access to originate, modify or delete data
D. Audit recommendations may not be implemented
Correct answer: C
Without an owner nobody decides who may access the data, so unauthorized creation, modification and deletion go unchecked; the other items are consequences of lesser severity.
Question #31
An information security manager reviewed the access control lists and observed that privileged access was granted to an entire department. Which of the following should the information security manager do FIRST?
A. Review the procedures for granting access
B. Establish procedures for granting emergency access
C. Meet with data owners to understand business needs
D. Redefine and implement proper access rights
Correct answer: C
Understanding why the access was granted comes before changing procedures or revoking rights; otherwise the fix may break a legitimate business need.
Question #32
An information security manager has completed a risk assessment and has determined the residual risk. Which of the following should be the NEXT step?
A. Conduct an evaluation of controls
B. Determine if the risk is within the risk appetite
C. Implement countermeasures to mitigate risk
D. Classify all identified risks
Correct answer: B
Residual risk is compared against the risk appetite first; only risk above that line needs further countermeasures.
Question #33
Which of the following is the MOST important consideration when deciding whether to continue outsourcing to a managed security service provider?
A. The business need for the function
B. The cost of the services
C. The vendor's reputation in the industry
D. The ability to meet deliverables
Correct answer: A
If the business no longer needs the function, cost, reputation and delivery performance are moot.
Question #34
The BEST approach in managing a security incident involving a successful penetration should be to:
A. allow business processes to continue during the response
B. allow the security team to assess the attack profile
C. permit the incident to continue to trace the source
D. examine the incident response process for deficiencies
Correct answer: B
Assessing the attack profile lets the response be proportionate; letting the intrusion run to trace the source exposes assets for little gain.
Question #35
Which of the following will protect the confidentiality of data transmitted over the Internet?
A. Message digests
B. Network address translation
C. Encrypting file system
D. IPsec protocol
Correct answer: D
IPsec encrypts data in transit; message digests give integrity, NAT only hides internal addresses, and an encrypting file system protects data at rest.
Question #36
Which of the following tasks should be performed once a disaster recovery plan has been developed?
A. Analyze the business impact
B. Define response team roles
C. Develop the test plan
D. Identify recovery time objectives
Correct answer: C
The BIA, team roles and recovery time objectives are inputs to the plan; the test plan is what follows once the plan exists.
Question #37
The BEST time to perform a penetration test is after:
A. an attempted penetration has occurred
B. an audit has reported weaknesses in security controls
C. various infrastructure changes are made
D. a high turnover in systems staff
Correct answer: C
Infrastructure changes are what introduce new exposures; a test after them validates the changed environment rather than reacting to an event.
Question #38
Which of the following terms and conditions represents a significant deficiency if included in a commercial hot site contract?
A. A hot site facility will be shared in multiple disaster declarations
B. All equipment is provided "at time of disaster, not on floor"
C. The facility is subject to a "first-come, first-served" policy
D. Equipment may be substituted with an equivalent model
Correct answer: A
A site shared across simultaneous declarations may be full when the organization needs it; the other clauses are normal hot-site terms.
Question #39
Which of the following presents the GREATEST exposure to internal attack on a network?
A. User passwords are not automatically expired
B. All network traffic goes through a single switch
C. User passwords are encoded but not encrypted
D. All users reside on a single internal subnet
Correct answer: C
Encoding (base64, for example) reverses without any key, so anyone who can read the store holds every credential; the other items are weaknesses, but not of the same order.
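Q7 and Q39 both turn on the difference between a rule users are asked to follow and one the system enforces, and between encoding and real protection of stored credentials. The following Python is an added example, not taken from the exam or from SPOTO: it recovers a base64-"encoded" password in one call, then shows the system-enforced alternative, where the complexity policy is checked at password-set time so a non-compliant value is rejected rather than merely discouraged, and what is stored is a salted PBKDF2 hash. The policy parameters (12 characters, four character classes), the iteration count and the sample password are assumptions.

```python
import base64
import hashlib
import hmac
import os
import re
from typing import List, Optional

# Constructed sample credential for the demonstration (not a real one).
SAMPLE_PASSWORD = "Winter-Harbour-2024!"

# Assumed policy parameters; a real deployment takes these from its standard.
MIN_LENGTH = 12
PBKDF2_ITERATIONS = 600_000


def encode_password(pw: str) -> str:
    """The weak store from Q39: base64 is an encoding, not encryption.
    Anyone who can read the stored value gets the password back."""
    return base64.b64encode(pw.encode("utf-8")).decode("ascii")


def recover_encoded(stored: str) -> str:
    """Reversal needs no key at all, which is the exposure Q39 asks about."""
    return base64.b64decode(stored).decode("utf-8")


def complexity_violations(pw: str) -> List[str]:
    """System-side complexity check (Q7). Returns the rules the value breaks;
    an empty list means the password is acceptable."""
    checks = [
        (len(pw) >= MIN_LENGTH, f"fewer than {MIN_LENGTH} characters"),
        (re.search(r"[A-Z]", pw) is not None, "no uppercase letter"),
        (re.search(r"[a-z]", pw) is not None, "no lowercase letter"),
        (re.search(r"[0-9]", pw) is not None, "no digit"),
        (re.search(r"[^A-Za-z0-9]", pw) is not None, "no symbol"),
    ]
    return [msg for ok, msg in checks if not ok]


def hash_password(pw: str, salt: Optional[bytes] = None) -> str:
    """Salted PBKDF2-HMAC-SHA256. The stored string carries everything needed
    to verify and nothing that reverses to the password."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", pw.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(pw: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    _algo, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", pw.encode("utf-8"), bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)


def set_password(pw: str) -> str:
    """Enforcement point: the system refuses a non-compliant value instead of
    relying on the user having acknowledged the rule, then stores only a hash."""
    violations = complexity_violations(pw)
    if violations:
        raise ValueError("password rejected: " + "; ".join(violations))
    return hash_password(pw)


if __name__ == "__main__":
    weak_store = encode_password(SAMPLE_PASSWORD)
    print("encoded store reverses to:", recover_encoded(weak_store))
    record = set_password(SAMPLE_PASSWORD)
    print("hashed store:", record)
    print("verify correct password:", verify_password(SAMPLE_PASSWORD, record))
    print("verify wrong password:", verify_password("password", record))
    try:
        set_password("password")
    except ValueError as exc:
        print(exc)
```

The point of `set_password` is where the check lives: in the system's write path, not in a standard the user is asked to read. A fresh random salt per record means two users with the same password get different stored values, and `hmac.compare_digest` keeps verification from leaking timing information.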
Question #40
Which of the following is the MOST appropriate position to sponsor the design and implementation of a new security infrastructure in a large global enterprise?
A. Chief security officer (CSO)
B. Chief operating officer (COO)
C. Chief privacy officer (CPO)
D. Chief legal counsel (CLC)
Correct answer: B
Sponsoring an enterprise-wide program needs business-wide authority and budget, which the COO holds; the CSO leads the work under that sponsorship.
Question #41
Who is accountable for ensuring that information is categorized and that specific protective measures are taken?
A. The security officer
B. Senior management
C. The end user
D. The custodian
Correct answer: B
Senior management holds the accountability; classification is delegated to owners and day-to-day protection to custodians.
Question #42
In business-critical applications, user access should be approved by the:
A. information security manager
C. data custodian
D. business management
Correct answer: D
Access decisions belong to the business side that owns the application; the custodian implements them and the security manager sets the standards.
Question #43
Which of the following would be MOST effective in ensuring that information security is appropriately addressed in new systems?
A. Internal audit signs off on security prior to implementation
B. Information security staff perform compliance reviews before production begins
C. Information security staff take responsibility for the design of system security
D. Business requirements must include security objectives
Correct answer: D
Security stated in the business requirements flows through design and testing; sign-offs and compliance reviews at the end of the project catch problems late.
Question #44
An information security manager learns that a departmental system is out of compliance with the information security policy's password strength requirements. Which of the following should be the information security manager's FIRST course of action?
A. Submit the issue to the steering committee for escalation
B. Conduct an impact analysis to quantify the associated risk
C. Isolate the non-compliant system from the rest of the network
D. Request risk acceptance from senior management
Correct answer: B
The impact analysis tells the manager how serious the non-compliance is, which is what determines whether escalation, isolation or risk acceptance is warranted.
Question #45
To determine how a security breach occurred on the corporate network, a security manager looks at the logs of various devices. Which of the following BEST facilitates the correlation and review of these logs?
A. Database server
B. Domain name server
C. Time server
D. Proxy server
Correct answer: C
Logs from different devices can only be correlated when their clocks agree, which is what a common time server provides; the other servers are just more log sources.
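Q28 and Q45 are two sides of the same task: a post-incident review reasons over one consolidated event time line, and that time line is only trustworthy if the devices feeding it share a clock. The following Python is an added example, not part of the exam or of SPOTO's material. It merges constructed log lines from three devices that write timestamps differently (a firewall in ISO 8601 UTC, a proxy in local time with a UTC-5 offset, a workstation in UTC but with a clock that runs 90 seconds fast because it is not synced to the time server), normalizes them to UTC, and sorts them. With the raw clocks the workstation's process launch appears after the download and the outbound connection it caused; once the measured skew is removed the causal order is restored. The log formats, the hosts, the 203.0.113.0/24 address (an RFC 5737 documentation range), the domain and the skew value are all assumptions.

```python
import re
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, List, Optional, Tuple

# Constructed log lines for the demonstration; not records from a real incident.
FIREWALL_LOGS = [
    "2024-03-04T15:00:20Z ALLOW 10.0.0.5:51522 -> 203.0.113.7:443",
    "2024-03-04T15:02:10Z ALLOW 10.0.0.5:51530 -> 203.0.113.7:443",
]
# The proxy writes local time with a UTC-5 offset.
PROXY_LOGS = [
    '10.0.0.5 - - [04/Mar/2024:10:00:05 -0500] "GET http://updates.example/stage.bin HTTP/1.1" 200 8921',
]
# The workstation writes UTC, but it is not synced to the time server and its clock runs fast.
HOST_LOGS = [
    "2024-03-04 15:01:31 UTC EventID=4688 Parent=WINWORD.EXE New=powershell.exe",
]
# Assumed skew, as it would be measured by comparing the host clock to the time server.
HOST_CLOCK_SKEW = timedelta(seconds=90)

Event = Tuple[datetime, str, str]  # (timestamp in UTC, source name, message)
Parser = Callable[[str], Event]


def parse_firewall(line: str) -> Event:
    ts_text, msg = line.split(" ", 1)
    ts = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return ts, "firewall", msg


PROXY_RE = re.compile(r'\[(?P<ts>[^\]]+)\] "(?P<req>[^"]+)"')


def parse_proxy(line: str) -> Event:
    m = PROXY_RE.search(line)
    if m is None:
        raise ValueError(f"unparseable proxy line: {line!r}")
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")  # %z reads the -0500 offset
    return ts.astimezone(timezone.utc), "proxy", m.group("req")


def parse_host(line: str) -> Event:
    ts_text, msg = line.split(" UTC ", 1)
    ts = datetime.strptime(ts_text, "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)
    return ts, "host", msg


SOURCES: List[Tuple[str, List[str], Parser]] = [
    ("firewall", FIREWALL_LOGS, parse_firewall),
    ("proxy", PROXY_LOGS, parse_proxy),
    ("host", HOST_LOGS, parse_host),
]


def build_timeline(sources=SOURCES, clock_skew: Optional[Dict[str, timedelta]] = None) -> List[Event]:
    """Parse every source into UTC, subtract each device's measured clock skew
    (positive means that clock runs fast), and sort into one consolidated time line."""
    skew = clock_skew or {}
    events: List[Event] = []
    for name, lines, parser in sources:
        for line in lines:
            ts, src, msg = parser(line)
            events.append((ts - skew.get(name, timedelta(0)), src, msg))
    events.sort(key=lambda e: e[0])
    return events


def event_order(timeline: List[Event]) -> List[str]:
    """Just the source sequence, which is what the post-incident review reasons about."""
    return [src for _ts, src, _msg in timeline]


def render(timeline: List[Event]) -> List[str]:
    return [f"{ts.strftime('%Y-%m-%dT%H:%M:%SZ')} {src:8} {msg}" for ts, src, msg in timeline]


if __name__ == "__main__":
    print("raw device clocks:")
    print("\n".join(render(build_timeline())))
    print("\nhost skew removed:")
    print("\n".join(render(build_timeline(clock_skew={"host": HOST_CLOCK_SKEW}))))
```

The skew dictionary is the stand-in for what a time server gives you for free: when every device is synchronized, no per-source correction is needed and the sort alone yields the correct sequence. When it is not, the correction has to be measured and documented, or the review will draw the wrong cause-and-effect conclusions.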
Question #46
Which of the following tools provides an incident response team with the GREATEST insight into insider threat activity across multiple systems?
A. A virtual private network (VPN) with multi-factor authentication
B. A security information and event management (SIEM) system
C. An identity and access management (IAM) system
D. An intrusion prevention system (IPS)
Correct answer: B
Question #47
In the Bell-LaPadula model, if a person has a clearance for one level, what level or levels can they access, and what additional requirements do they face?
A. They can access only the specified level and must have a background check
B. They can access the specified level and above and face no further requirements
C. They can access the specified level and below and must have a need to know
D. They can access every level, and they face no other requirements
Correct answer: C
Question #48
Which of the following is MOST difficult to achieve in a public cloud-computing environment?
A. Cost reduction
B. Pay per use
C. On-demand provisioning
D. Ability to audit
Correct answer: D
Question #49
An incident response team has determined there is a need to isolate a system that is communicating with a known malicious host on the Internet. Which of the following stakeholders should be contacted FIRST?
A. Key customers
B. Executive management
C. System administrator
D. The business owner
Correct answer: D
Isolation interrupts a business function, so its owner must be told first; the administrator carries out the isolation and executives are informed through the escalation path.
Question #50
Senior management has approved employees working off-site by using a virtual private network (VPN) connection. It is MOST important for the information security manager to periodically:
A. perform a cost-benefit analysis
B. review firewall configuration
C. review the security policy
D. perform a risk assessment
Correct answer: D
Remote access changes the threat picture over time; a periodic risk assessment is what tells the manager whether policy, firewall rules or anything else needs to change.
Question #51
The BEST way to facilitate the reporting and escalation of potential security incidents to appropriate stakeholders is to define incident classifications based on the:
A. technique used to launch the attack
B. vulnerability exploited by the attack
C. verified source and industry rating of the incident
D. severity and impact of the incident
Correct answer: D
Who needs to be told, and how fast, follows from severity and impact; technique, vulnerability and source are details established during the investigation.
Question #52
The MOST important reason to use a centralized mechanism to identify information security incidents is to:
A. detect potential fraud
B. prevent unauthorized changes to networks
C. comply with corporate policies
D. detect threats across environments
Correct answer: D
Question #53
Which of the following is the BEST way to detect an intruder who successfully penetrates a network before significant damage is inflicted?
A. Perform periodic penetration testing
B. Establish minimum security baselines
C. Implement vendor default settings
D. Install a honeypot on the network
Correct answer: D
Question #54
Which of the following would BEST help to identify vulnerabilities introduced by changes to an organization's technical infrastructure?
A. An intrusion detection system
B. Established security baselines
C. Penetration testing
D. Log aggregation and correlation
Correct answer: C
Intrusion detection and log correlation identify attacks, not weaknesses; a penetration test of the changed infrastructure finds what the changes introduced (compare Q37).
Question #55
After detecting an advanced persistent threat (APT), which of the following should be the information security manager's FIRST step?
A. Notify management
B. Contain the threat
C. Remove the threat
D. Perform root-cause analysis
Correct answer: B
Containment limits the spread before eradication and root-cause analysis; management is notified through the escalation process while containment proceeds.
