CISM Flashcards

Question 1

Q

The MOST important component of a privacy policy is:

Answer

A

Notifications

Question 2

Q

Which of the following is MOST likely to remain constant over time? An information security:

Question 3

Q

What is the PRIMARY factor to be taken into account when designing a backup strategy that will be consistent with a disaster recovery strategy?

Answer

A

Recovery point objective

Question 4

Q

When performing a business impact analysis, which of the following should calculate the recovery time and cost estimates?

Answer

A

Business process owners

Question 5

Q

What is the MOST important reason for formally documenting security procedures?

Answer

A

Ensuring processes are repeatable and sustainable.

Question 6

Q

Which of the following choices should be assessed after the likelihood of a loss event has been determined?

Answer

A

Magnitude of impact

Question 7

Q

What is the BEST method to confirm that all firewall rules and router configuration settings are adequate?

Answer

A

Periodically perform penetration tests

Question 8

Q

Which two components PRIMARILY must be assessed in an effective risk analysis?

Answer

A

Likelihood and impact

Question 9

Q

When designing an intrusion detection system, the information security manager should recommend that it be placed:

Answer

A

On a screened subnet

Question 10

Q

To BEST improve the alignment of the information security objectives in an enterprise, the chief information security officer should:

Answer

A

Evaluate a business balanced scorecard (BSC)

Question 11

Q

Which of the following factors is MOST important for the successful implementation of an enterprise’s information security program?

Answer

A

Senior management support

Question 12

Q

Management decided that the enterprise will not achieve compliance with a recently issued set of regulations. Which of the following is the MOST likely reason for the decision?

Answer

A

The cost of compliance exceeds the cost of possible sanctions.

Question 13

Q

Enterprises implement ethics training PRIMARILY to provide guidance to individuals engaged in:

Answer

A

Monitoring user activities

Question 14

Q

To implement information security governance, an enterprise should FIRST:

Answer

A

Define security strategy

Question 15

Q

What is the BEST method to verify that all security patches applied to servers were properly documented?

Answer

A

Trace OS patch logs to change control requests

Question 16

Q

Which of the following choices should be assessed after the likelihood of a loss event has been determined?

Answer

A

The magnitude of impact

Question 17

Q

Which of the following is the MAIN reason for performing risk assessment on a continuous basis?

Answer

A

The risk environment is constantly changing.

Question 18

Q

What is the BEST way to ensure that security settings on each platform are in compliance with information security policies and procedures?

Answer

A

Establish security baselines

Question 19

Q

New regulatory and legal compliance requirements that will have an effect on information security will MOST likely come from the:

Answer

A

Affected departments

Question 20

Q

Addressing the root cause of an incident is one aspect of which of the following incident management processes?

Answer

A

Eradication

Question 21

Q

Determining the level of effort needed to meet particular improvement targets in risk management can BEST be determined using which of the following tools?

Answer

A

A gap analysis

Question 22

Q

Which of the following is MOST important when collecting evidence for forensic analysis?

Answer

A

Ensure the assignment of qualified personnel

Question 23

Q

An enterprise is transferring its IT operations to an offshore location. An information security manager should PRIMARILY focus on:

Answer

A

Conducting a risk assessment

Question 24

Q

A financial institution plans to allocate information security resources to each of its business divisions. What areas should security activities focus on?

Answer

A

Areas where threat, likelihood and impact are the greatest.

Question 25

Q

Who should be assigned as data owner for sensitive customer data that are used only by the sales department and stored in a central database?

Answer

A

The head of the sales department

Question 26

Q

Which of the following do security policies need to be MOST closely aligned with?

Answer

A

Organizational needs

Question 27

Q

When creating an effective data-protection strategy, the information security manager must understand the flow of data and its protection at various stages. This is BEST achieved with:

Answer

A

A tailored methodology based on exposure.

Question 28

Q

Which of the following is MOST essential when assessing risk?

Answer

A

Considering both monetary value and likelihood of loss.

Question 29

Q

Which of the following is a key component of an incident response policy?

Answer

A

Escalation criteria

Question 30

Q

An enterprise has verified that its customer information was recently exposed. Which of the following is the FIRST step a security manager should take in this situation?

Answer

A

Determine the extent of the compromise

Question 31

Q

Which of the following is the BEST approach for an enterprise desiring to protect its intellectual property?

Answer

A

Restrict access to a need-to-know basis

Question 32

Q

Which of the following steps should be FIRST in developing an information security plan?

Answer

A

Analyze the current business strategy

Question 33

Q

Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group?

Answer

A

Chief operating officer (COO)

Question 34

Q

What mechanism should be used to identify deficiencies that would provide attackers with an opportunity to compromise a computer system?

Answer

A

Security gap analysis

Question 35

Q

The MOST direct way to accurately determine the control baseline in an IT system is to do which of the following activities?

Answer

A

Review standards and system compliance

Question 36

Q

Which of the following provides the BEST confirmation that the business continuity plan/disaster recovery plan (BCP/DRP) objectives have been achieved?

Answer

A

The recovery time objective was not exceeded during testing.

Question 37

Q

Which of the following situations would be of the MOST concern to a security manager?

Answer

A

A Trojan was found installed on a systems administrator’s laptop.

Question 38

Q

Which of the following would BEST prepare an information security manager for regulatory reviews?

Answer

A

Perform self-assessments using regulatory guidelines and reports.

Question 39

Q

Which of the following BEST protects confidentiality of information?

Answer

A

Least privilege

Question 40

Q

Which of the following techniques MOST clearly indicates whether specific risk-reduction controls should be implemented?

Answer

A

Cost-benefit analysis

Question 41

Q

An information security manager is in the process of investigating a network intrusion. One of the enterprise’s employees is a suspect. The manager has just obtained the suspect’s computer and hard drive. Which of the following is the BEST next step?

Answer

A

Create an image of the original hard drive

Question 42

Q

Which of the following choices is the BEST indicator of the state of information security governance?

Answer

A

A defined maturity level

Question 43

Q

What is a desirable sensitivity setting for a biometric access control system that protects a high-security data center?

Answer

A

A high false reject rate

Question 44

Q

The MOST useful way to describe the objectives in the information security strategy is through:

Answer

A

Attributes and characteristics of the desired state

Question 45

Q

Quantifying the level of acceptable risk can BEST be indicated by which of the following choices?

Answer

A

Determining the ratio of business interruption insurance to its cost

Question 46

Q

Which of the following control measures BEST addresses integrity?

Answer

A

Nonrepudiation

Question 47

Q

Which of the following measures would be MOST effective against insider threats to confidential information?

Answer

A

Role-based access control

Question 48

Q

With regard to the implementation of security awareness programs in an enterprise, it is MOST relevant to understand that which one of the following aspects can change?

Answer

A

Threats and vulnerabilities

Question 49

Q

There is a delay between the time when a security vulnerability is first published, and the time when a patch is delivered. Which of the following should be carried out FIRST to mitigate the risk during this time period?

Answer

A

Identify the vulnerable systems and apply compensating controls

Question 50

Q

Which of the following choices would be the MOST useful in determining the possible consequences of a major compromise?

Answer

A

Asset valuation

Question 51

Q

An information security strategy presented to senior management for approval MUST incorporate:

Answer

A

Business priorities

Question 52

Q

When outsourcing, to ensure that third-party service providers comply with an enterprise security policy, which of the following should occur?

Answer

A

A periodic security audit

Question 53

Q

Which one of the following measures will BEST indicate the effectiveness of an incident response process?

Answer

A

Reduction of average response time to an incident

Question 54

Q

The BEST process for assessing an existing risk level is:

Answer

A

A security review

Question 55

Q

The triage phase of the incident response plan provides:

Answer

A

A snapshot of the current status of all incident activity reported.

Question 56

Q

Which of the following choices BEST reveals the evolving nature of attacks in an online environment?

Answer

A

Industry tracking groups

Question 57

Q

Which of the following is the MOST serious exposure of automatically updating virus signature files on every desktop each Friday at 11:00 p.m. (2300 hours)?

Answer

A

Systems are vulnerable to new viruses during the intervening week.

Question 58

Q

The factor that is MOST likely to result in identification of security incidents is:

Answer

A

Security awareness training

Question 59

Q

The MOST basic requirement for an information security governance program is to:

Answer

A

Be aligned with the corporate business strategy

Question 60

Q

What is the BEST way to determine if an anomaly-based intrusion detection system (IDS) is properly installed?

Answer

A

Simulate an attack and review IDS performance

Question 61

Q

Which of the following should be performed FIRST in the aftermath of a denial-of-service (DoS) attack?

Answer

A

Conduct an assessment to determine system status

Question 62

Q

When should a request for proposal be issued?

Answer

A

Prior to developing a project budget

Question 63

Q

Which of the following factors is the MOST significant in determining an enterprise’s risk appetite?

Answer

A

The organizational structure

Question 64

Q

From an information security perspective, which of the following will have the GREATEST impact on a financial enterprise with offices in various countries and involved in transborder transactions?

Answer

A

Evolving data protection regulations

Answer 64

A

Quality assurance

Answer 65

A

Develop and enforce comprehensive retention policies

Answer 66

A

A certificate authority’s (CA) private key

Answer 67

A

A risk and impact analysis

Answer 68

A

Enable system-enforced password configuration

Answer 69

A

Justify selection of risk mitigation strategies

Answer 70

A

Information Security

Answer 71

A

Monitor the probe and isolate the affected segment

Answer 72

A

Align enterprise assurance functions

Answer 73

A

Direct executive management to assess the risk and report results to the board

Answer 74

A

After a material control failure

Brainscape's Knowledge GenomeTM

CISM Flashcards

CISM

Brainscape's Knowledge Genome^TM