Free Certification Practice Questions

ISACA-CISM

Which of the following should be the FIRST step of incident response procedures?
#91
Which of the following is the BEST method for reducing the risk of data loss due to phishing attacks?
#92
Which of the following tools provides an incident response team with the GREATEST insight into insider threat activity across multiple systems?
#93
Which of the following is MOST important to the effectiveness of an information security program?
#94
Conducting a business impact analysis (BIA) BEST helps to identify:
#95
An employee who denies accusations of downloading inappropriate material to an organizational device has been discharged. In support of the disciplinary action, the collection of legal evidence is required. Which of the following is the information security manager's BEST recommendation?
#96
An information security manager wants to implement a security information and event management (SIEM) system that will aggregate log data from all systems that control perimeter access. Which of the following would BEST support the business case for this initiative to senior management?
#97
Which of the following BEST protects against phishing attacks?
#98
The PRIMARY objective of performing a post-incident review is to:
#99
In a call center, the BEST reason to conduct a social engineering exercise is to:
#100
An information security risk analysis BEST assists an organization in ensuring that:
#101
Which of the following is the MOST effective way to address an organization's security concerns during contract negotiations with a third party?
#102
Which of the following would BEST enable effective decision-making?
#103
Which of the following is the BEST option to lower the cost to implement application security controls?
#104
Which of the following is the GREATEST benefit of effective information security governance?
#105
Which of the following should an information security manager do FIRST when creating an organization's disaster recovery plan (DRP)?
#106
Which of the following would be the MOST effective use of findings from a post-incident review?
#107
During a post-incident review, it was determined that a known vulnerability was exploited in order to gain access to a system. The vulnerability was patched as part of the remediation on the offending system. Which of the following should be done NEXT?
#108
Which of the following is MOST helpful in determining the realization of benefits from an information security program?
#109
During an internal compliance review, the review team discovers that a critical legacy application is unable to meet the organization's mandatory security requirements. Which of the following should be done FIRST?
#110
Which of the following is the BEST way to reduce the risk of security incidents from targeted email attacks?
#111
Which of the following is the PRIMARY benefit of an information security awareness training program?
#112
Which of the following MOST effectively supports an organization's security culture?
#113
A new type of ransomware has infected an organization's network. Which of the following would have BEST enabled the organization to detect this situation?
#114
Which of the following should an information security manager do FIRST upon notification of a potential security risk associated with a third-party service provider?
#115
Which of the following BEST enables an organization to enhance its incident response plan processes and procedures?
#116
Which of the following is BEST used to determine the maturity of an information security program?
#117
Which of the following should be done FIRST when developing an information security strategy that is aligned with organizational goals?
#118
A business impact analysis (BIA) BEST enables an organization to establish:
#119
Which of the following is the PRIMARY objective of developing an information security program that aligns with the information security strategy?
#120