
CISM Certification – Valid Exam Dumps Questions Study Guide! (Updated 799 Questions)
CISM Dumps are Available for Instant Access using GuideTorrent
NEW QUESTION # 296
Which of the following is MOST likely to improve an organization's security culture?
- A. Incentivizing managers based on security metrics
- B. Involving stakeholders in security planning
- C. Communicating security incidents within the industry
- D. Enforcing penalties for security incidents
Answer: B
NEW QUESTION # 297
Which of the following is MOST useful to an information security manager when conducting a post-incident review of an attack?
- A. Details from intrusion detection system (IDS) logs
- B. Cost of the attack to the organization
- C. Location of the attacker
- D. Method of operation used by the attacker
Answer: D
Explanation:
The method of operation used by the attacker is the most useful information for an information security manager when conducting a post-incident review of an attack. This information can help identify the root cause of the incident, the vulnerabilities exploited, the impact and severity of the attack, and the effectiveness of the existing security controls. The method of operation can also provide insights into the attacker's motives, skills, and resources, which can help improve the organization's threat intelligence and risk assessment. The cost of the attack to the organization, the location of the attacker, and the details from IDS logs are all relevant information for a post-incident review, but they are not as useful as the method of operation for improving the incident handling process and preventing future attacks. References: CISM Review Manual 2022, page 316; CISM Item Development Guide 2022, page 9; ISACA CISM: PRIMARY goal of a post-incident review should be to?
NEW QUESTION # 298
What is the MOST cost-effective method of identifying new vendor vulnerabilities?
- A. Periodic vulnerability assessments performed by consultants
- B. Honeypots located in the DMZ
- C. Intrusion prevention software
- D. External vulnerability reporting sources
Answer: D
Explanation:
External vulnerability reporting sources are the most cost-effective method of identifying these vulnerabilities. The cost of periodic vulnerability assessments performed by consultants and of intrusion prevention software would be much higher, especially if the assessments are performed at regular intervals. Honeypots would not identify all vendor vulnerabilities. In addition, honeypots located in the DMZ can create a security risk if the production network is not well protected from traffic from compromised honeypots.
NEW QUESTION # 299
What will have the HIGHEST impact on standard information security governance models?
- A. Organizational budget
- B. Number of employees
- C. Distance between physical locations
- D. Complexity of organizational structure
Answer: D
Explanation:
Section: INFORMATION SECURITY GOVERNANCE
Information security governance models are highly dependent on the overall organizational structure. Some of the elements that impact organizational structure are multiple missions and functions across the organization, leadership and lines of communication. Number of employees and distance between physical locations have less impact on information security governance models since well-defined process, technology and people components intermingle to provide the proper governance. Organizational budget is not a major impact once good governance models are in place; hence governance will help in effective management of the organization's budget.
NEW QUESTION # 300
What is the PRIMARY role of the information security program?
- A. To develop and enforce a set of security policies aligned with the business
- B. To educate stakeholders regarding information security requirements
- C. To provide guidance in managing organizational security risk
- D. To perform periodic risk assessments and business impact analyses (BIAs)
Answer: D
NEW QUESTION # 301
Which of the following is the MOST important consideration when designing a disaster recovery test?
- A. The test fully recovers the storage infrastructure
- B. The test includes the recovery time objectives (RTOs).
- C. The test addresses critical business functions.
- D. The test assesses the adequacy of network redundancy.
Answer: C
NEW QUESTION # 302
Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group?
- A. Internal auditor
- B. Information security manager
- C. Chief operating officer (COO)
- D. Legal counsel
Answer: C
Explanation:
The chief operating officer (COO) is highly placed within an organization and has the most knowledge of business operations and objectives. The chief internal auditor and chief legal counsel are appropriate members of such a steering group. However, sponsoring the creation of the steering committee should be initiated by someone versed in the strategy and direction of the business. Since a security manager is looking to this group for direction, they are not in the best position to oversee formation of this group.
NEW QUESTION # 303
Which of the following is the MOST effective method to help ensure information security incidents are reported?
- A. Integrating information security language in conditions of employment
- B. Implementing an incident management system
- C. Providing information security awareness training to employees
- D. Integrating information security language in corporate compliance rules
Answer: C
Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
NEW QUESTION # 304
Which of the following is the MOST appropriate individual to ensure that new exposures have not been introduced into an existing application during the change management process?
- A. System analyst
- B. Data security officer
- C. System user
- D. Operations manager
Answer: C
Explanation:
System users, specifically the user acceptance testers, would be in the best position to note whether new exposures are introduced during the change management process. The system designer or system analyst, data security officer and operations manager would not be as closely involved in testing code changes.
NEW QUESTION # 305
Which of the following is the MOST appropriate position to sponsor the design and implementation of a new security infrastructure in a large global enterprise?
- A. Chief security officer (CSO)
- B. Chief operating officer (COO)
- C. Chief legal counsel (CLC)
- D. Chief privacy officer (CPO)
Answer: B
Explanation:
Section: INFORMATION SECURITY GOVERNANCE
The chief operating officer (COO) is most knowledgeable of business operations and objectives. The chief privacy officer (CPO) and the chief legal counsel (CLC) may not have the knowledge of the day-to-day business operations to ensure proper guidance, although they have the same influence within the organization as the COO. Although the chief security officer (CSO) is knowledgeable of what is needed, the sponsor for this task should be someone with far-reaching influence across the organization.
NEW QUESTION # 306
Within the confidentiality, integrity, and availability (CIA) triad, which of the following activities BEST supports the concept of confidentiality?
- A. Enforcing service level agreements (SLAs)
- B. Utilizing a formal change management process
- C. Ensuring hashing of administrator credentials
- D. Ensuring encryption for data in transit
Answer: D
NEW QUESTION # 307
Primary direction on the impact of compliance with new regulatory requirements that may lead to major application system changes should be obtained from the:
- A. system developers/analysts.
- B. key business process owners.
- C. corporate internal auditor.
- D. corporate legal counsel.
Answer: B
Explanation:
Business process owners are in the best position to understand how new regulatory requirements may affect their systems. Legal counsel and infrastructure management, as well as internal auditors, would not be in as good a position to fully understand all ramifications.
NEW QUESTION # 308
An information security manager has discovered that a business unit is planning on implementing a new application and has not engaged anyone from the information security department. Which of the following is the BEST course of action?
- A. Recommend involvement with the change manager.
- B. Discuss the issue with senior leadership.
- C. Block the application from going into production.
- D. Review and update the change management process.
Answer: B
NEW QUESTION # 309
Which of the following will BEST protect against malicious activity by a former employee?
- A. Preemployment screening
- B. Periodic awareness training
- C. Effective termination procedures
- D. Close monitoring of users
Answer: C
Explanation:
When an employee leaves an organization, the former employee may attempt to use their credentials to perform unauthorized or malicious activity. Accordingly, it is important to ensure timely revocation of all access at the time an individual is terminated. Security awareness training, preemployment screening and monitoring are all important, but are not as effective in preventing this type of situation.
NEW QUESTION # 310
An information security manager has been asked to identify potential threats to the organization's information.
Which of the following should be done FIRST?
- A. Develop a risk profile.
- B. Engage a third-party consultant.
- C. Review cyber insurance coverage.
- D. Select a governance framework.
Answer: A
NEW QUESTION # 311
Which of the following is the BEST method for determining whether a firewall has been configured to provide a comprehensive perimeter defense?
- A. A simulated denial of service (DoS) attack against the firewall
- B. A port scan of the firewall from an internal source
- C. A validation of the current firewall rule set
- D. A ping test from an external source
Answer: C
Explanation:
A validation of the current firewall rule set is the best method for determining whether a firewall has been configured to provide a comprehensive perimeter defense because it verifies that the firewall rules are consistent, accurate, and effective in allowing or blocking traffic according to the security policies and standards of the organization. A port scan of the firewall from an internal source is not a good method because it does not test the firewall's behavior from an external perspective, which is more relevant for perimeter defense. A ping test from an external source is not a good method because it only tests the firewall's availability and responsiveness, not its security or functionality. A simulated denial of service (DoS) attack against the firewall is not a good method because it only tests the firewall's resilience and performance under high traffic load, not its security or functionality.
References:
https://www.isaca.org/resources/isaca-journal/issues/2016/volume-4/technical-security-standards-for-information-systems
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-2/the-value-of-penetration-testing
https://www.isaca.org/resources/isaca-journal/issues/2016/volume-5/security-scanning-versus-penetration-testing
NEW QUESTION # 312
A message that has been encrypted by the sender's private key and again by the receiver's public key achieves:
- A. confidentiality and nonrepudiation.
- B. authentication and nonrepudiation.
- C. authentication and authorization.
- D. confidentiality and integrity.
Answer: A
Explanation:
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Encryption by the private key of the sender will guarantee authentication and nonrepudiation. Encryption by the public key of the receiver will guarantee confidentiality.
NEW QUESTION # 313
An organization has implemented a new customer relationship management (CRM) system. Who should be responsible for enforcing authorized and controlled access to the CRM data?
- A. The data owner
- B. The information security manager
- C. Internal IT audit
- D. The data custodian
Answer: D
Explanation:
The data custodian is the person or role who is responsible for enforcing authorized and controlled access to the CRM data, according to the security policies and standards defined by the data owner. The data custodian implements and maintains the technical and operational controls, such as authentication, authorization, encryption, backup, and recovery, to protect the data from unauthorized access, modification, disclosure, or destruction. The data custodian also monitors and reports on the data access activities and incidents.
References: Setting Up Access Controls and Permissions in Your CRM; Accountability for Information Security Roles and Responsibilities, Part 1; How to Meet the Shared Responsibility Model with CIS
NEW QUESTION # 314
A new system has been developed that does not comply with password-aging rules. This noncompliance can BEST be identified through:
- A. a progressive series of warnings.
- B. an internal audit assessment.
- C. an incident management process.
- D. a business impact analysis.
Answer: B
NEW QUESTION # 315
Which of the following would BEST ensure the success of information security governance within an organization?
- A. Security policy training provided to all managers
- B. Security training available to all employees on the intranet
- C. Steering committees enforce compliance with laws and regulations
- D. Steering committees approve security projects
Answer: D
Explanation:
The existence of a steering committee that approves all security projects would be an indication of the existence of a good governance program. Compliance with laws and regulations is part of the responsibility of the steering committee but it is not a full answer. Awareness training is important at all levels in any medium, and also an indicator of good governance. However, it must be guided and approved as a security project by the steering committee.
NEW QUESTION # 316
When conducting a post-incident review, the GREATEST benefit of collecting mean time to resolution (MTTR) data is the ability to:
- A. provide metrics for reporting to senior management.
- B. reduce the costs of future preventive controls.
- C. learn of potential areas of improvement.
- D. verify compliance with the service level agreement (SLA).
Answer: C
Explanation:
Section: INCIDENT MANAGEMENT AND RESPONSE
NEW QUESTION # 317
An information security manager has determined that the mean time to prioritize information security incidents has increased to an unacceptable level. Which of the following processes would BEST enable the information security manager to address this concern?
- A. Incident classification
- B. Forensic analysis
- C. Incident response
- D. Vulnerability assessment
Answer: A
Explanation:
Section: INCIDENT MANAGEMENT AND RESPONSE
NEW QUESTION # 318
Identification and prioritization of business risk enables project managers to:
- A. establish implementation milestones.
- B. reduce the overall amount of slack time.
- C. accelerate completion of critical paths.
- D. address areas with most significance.
Answer: D
Explanation:
Section: INFORMATION RISK MANAGEMENT
Identification and prioritization of risk allows project managers to focus more attention on areas of greater importance and impact. It will not reduce the overall amount of slack time, facilitate establishing implementation milestones or allow a critical path to be completed any sooner.
NEW QUESTION # 319
Significant Tidbits about CISM Test
Firstly, this exam precisely measures your technical knowledge as you prepare to take on a managerial role. Since this is a step up from being a team player, you need expertise in the four domains mentioned above. Before you face the responsibilities of becoming an ISACA-certified specialist in the workplace, though, you must first deal with the pressure of finishing the 150 exam questions in 4 hours. On the global scene, there are more than 46,000 holders of this renowned certification, so with the right attitude and preparation you can be the next in line for professional success.
The CISM certification is suitable for professionals who are responsible for managing, designing, overseeing, and assessing an organization’s information security. Certified Information Security Manager certification ensures that these professionals have the skills and knowledge necessary to develop and implement effective security policies and procedures, identify and manage risks, and manage incident responses in the event of a security breach.
ISACA CISM Exam Practice Test Questions: https://torrentpdf.guidetorrent.com/CISM-dumps-questions.html