Assessing Risk Flashcards

1
Q

You need to apply many Azure policies together for checking security compliance. What should you configure?

  • Policy initiative
  • Azure Blueprint
  • Storage account
  • Workspace
A

Policy initiative

2
Q

Prior to conducting penetration tests, what should be agreed upon?

  • Rules of engagement
  • Pen test scope
  • Gap analysis
  • Version of pen test tools to be used
A

Rules of engagement
Pen test scope

3
Q

You need a malware scan to thoroughly connect to and scan individual hosts. What should you configure?

  • Active scan
  • Schedule scan
  • Passive scan
  • Credentialed scan
A

Credentialed scan

4
Q

Which international non-profit organization compiles a list of the Top 10 web app vulnerabilities every few years?

  • OWASP
  • CSA
  • NIST
  • ISO
A

OWASP

5
Q

Which type of security testing will only identify weaknesses?

  • Passive vulnerability scanning
  • Penetration testing
  • IRP drills
  • Active vulnerability scanning
A

Passive vulnerability scanning

6
Q

Which benefits are derived from performing a gap analysis?

  • Identify fraud within the organization
  • Identify shortcomings
  • Determine web app vulnerabilities
  • Determine roadmap to reach desired outcome
A

Identify shortcomings
Determine roadmap to reach desired outcome
