Free Certification Practice Questions

ISACA-CISM

Which of the following is MOST important to include in an information security framework?
#61
The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process is to:
#62
An organization learns that a service provider experienced a breach last month and did not notify the organization. Which of the following should be the information security manager's FIRST course of action?
#63
Which of the following approaches to communication with senior management BEST enables an information security manager to maximize the effectiveness of the information security program?
#64
Which of the following control types should be considered FIRST for aligning employee behavior with an organization's information security objectives?
#65
An employee clicked on a malicious link in an email that resulted in compromising company data. What is the BEST way to mitigate this risk in the future?
#66
The business value of an information asset is derived from:
#67
Which of the following is the BEST indicator of the maturity level of a vendor risk management process?
#68
Which of the following is the BEST way for an information security manager to justify ongoing annual maintenance fees associated with an intrusion prevention system (IPS)?
#69
An international organization with remote branches is implementing a corporate security policy for managing personally identifiable information (PII). Which of the following should be the information security manager's MAIN concern?
#70
In a cloud technology environment, which of the following would pose the GREATEST challenge to the investigation of security incidents?
#71
A data discovery project uncovers an unclassified process document. Of the following, who is BEST suited to determine the classification?
#72
Which of the following is MOST important to include in a post-incident report?
#73
When creating an incident response plan, the triggers for the business continuity plan (BCP) MUST be based on:
#74
An organization's information security strategy should be the PRIMARY input to which of the following?
#75
Which of the following would be the GREATEST threat posed by a distributed denial of service (DDoS) attack on a public-facing web server?
#76
Which of the following is the BEST indication of information security strategy alignment with the business?
#77
Which of the following would BEST mitigate accidental data loss events?
#78
Which of the following is a PRIMARY function of an incident response team?
#79
Using which of the following metrics will BEST help to determine the resiliency of IT infrastructure security controls?
#80
Which of the following has the MOST influence on the information security investment process?
#81
An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:
✑ A bad actor broke into a business-critical FTP server by brute forcing an administrative password.
✑ The third-party service provider hosting the server sent an automated alert message to the help desk, but it was ignored.
✑ The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server.
✑ After three (3) hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail.
Which of the following could have been prevented by conducting regular incident response testing?
#82
Which of the following is MOST important when designing an information security governance framework?
#83
A serious vulnerability was detected in a business application that can be exploited by external attackers to compromise the system. What is the information security manager's BEST course of action?
#84
Which of the following is MOST important to consider when defining escalation processes for incident response procedures?
#85
Which of the following is the MAIN reason for integrating an organization's incident response plan with its business continuity process?
#86
Which of the following should be the PRIMARY basis for a severity hierarchy for information security incident classification?
#87
Which of the following would BEST enable the timely execution of an incident response plan?
#88
Which of the following is the BEST approach to identify new security issues associated with IT systems and applications in a timely manner?
#89
When designing security controls, it is MOST important to:
#90