When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:

A. implement controls to mitigate the risk.
B. monitor for business changes.
C. review the residual risk level.
D. report compliance to management.

Answer: B

May 25, 2022

Which of the following activities BEST enables executive management to ensure value delivery within an information security program?

A. Requiring employees to undergo information security awareness training
B. Assigning an information security manager to a senior management position
C. Approving an industry-recognized information security framework
D. Reviewing business cases for...

May 25, 2022

After implementing an information security governance framework, which of the following would provide the BEST information to develop an information security project plan?

A. Risk heat map
B. Recent audit results
C. Balanced scorecard
D. Gap analysis

Answer: C

May 25, 2022

Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?

Over the last year, an information security manager has performed risk assessments on multiple third-party vendors. Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?

A. Criticality of the service to the organization
B. Compliance requirements associated with the...

May 25, 2022

Which of the following is the MOST effective way to detect social engineering attacks?

A. Implement real-time monitoring of security-related events.
B. Encourage staff to report any suspicious activities.
C. Implement an acceptable use policy.
D. Provide incident management training to all staff.

Answer: B

May 24, 2022

Which of the following is the MOST effective defense against spear phishing attacks?

A. Unified threat management
B. Web filtering
C. Anti-spam solution
D. User awareness training

Answer: D

May 24, 2022

Which of the following BEST reduces the likelihood of leakage of private information via email?

A. User awareness training
B. Email encryption
C. Strong user authentication protocols
D. Prohibition on the personal use of email

Answer: B

May 24, 2022

Once the access is revoked, which of the following is the BEST course of action to help prevent recurrence?

An access rights review revealed that some former employees' access is still active. Once the access is revoked, which of the following is the BEST course of action to help prevent recurrence?

A. Implement a periodic recertification program.
B. Initiate an access control policy review.
C. Validate HR offboarding processes.
D...

May 24, 2022

Which of the following is the MOST useful metric for determining how well firewall logs are being monitored?

A. The number of port scanning attempts
B. The number of log entries reviewed
C. The number of investigated alerts
D. The number of dropped malformed packets

Answer: C

May 24, 2022

Which of the following activities should take place FIRST when a security patch for Internet software is received from a vendor?

A. The patch should be applied to critical systems.
B. The patch should be validated using a hash algorithm.
C. The patch should be evaluated in a testing environment.
D...

May 24, 2022