CISM

Question 1

What is a Metric

Answer 1

Quantifiable entity that allows the measurement of the achievement of a process goal

Question 2

Phases of Incidence Response

Answer 2

Prepare
	Identify
	Contain
	Eradicate
	Restore

Question 3

GRC

Answer 3

Governance, Risk Management, Compliance

Question 4

IRT Role ensures incident Response actions and procedures comply with legal and regulatory requirements

Answer 4

Legal Representative

Question 5

Component in GRC is the responsibility of senior management and the BoD, and focuses on creating mechanisms to ensure personnel follow established Processes and policies

Answer 5

Governance

Question 6

IRT role writes incident response reports and documents lessons learned

Answer 6

Incident handler

Question 7

What is meant by Incident Repsonse?

Answer 7

Planning, coordinating, and executing appropriate mitigation, containment, and recovery strategies and actions

Question 8

According ISACA, 5 main components of a Security Review?

Answer 8

Objective, Scope, Constraints, approach, result

Question 9

IRT role that writes reports of investigation findings

Answer 9

Investigator

Question 10

Role that develops the security strategy with business objectives

Answer 10

CISO ir Info Sec manager

Question 11

Acronym CSF mean?

Answer 11

Critical Success Factor

Question 12

In which risk assessment phase are specific risk scenarios and possible outcomes developed?

Answer 12

Risk Identification

Question 13

IRT role documents the steps taken when executing the incident response plan?

Answer 13

Incident handler

Question 14

Purpose of a RACI Chart

Answer 14

Define various roles associated with aspects of an info Sec program

Question 15

Control category provides warnings that can deter potential compromise?

Answer 15

Deterrent Controls

Question 16

What is Cobit 5

Answer 16

Framework that cofuses on value from IT by maintaineng a balance between releazing benefits and optimizing risk levels and resource use

Question 17

5 principles of Cobit 5

Answer 17

Meeting the stakeholders needs
	Covering the enterprise end to endpoint	
	Applying a single integrated Framework
	Enabling a holistic approach
	Separating governance from management

Question 18

ALE

Answer 18

Single loss expect (SLE) X Annualized Rate of occurance (ARO)
ALE=SLE x ARO

Question 19

ARO

Answer 19

Annualized rate of occurance

Question 20

AUP

Answer 20

Acceptable Use Policy

Question 21

SDO= Service Delivery Objective

Answer 21

Level of service supported durign alternate process mode until the normal situation is restored.

Question 22

4 commonly accepted subsets of enterprise architecture according to ISACA

Answer 22

Business Architecture
Data “” “”
Applications “” “”
Technology “” ””

Question 23

GRC

Answer 23

Governance, Risk Management, Compliance

Question 24

Intangible assets

Answer 24

Patents, copyrights, reputation, data

Question 25

What control deters potential compromise

Answer 25

Deterrent Controls

Question 26

IRT role performs proactive and reactive measures to control info risk level

Answer 26

Info Sec manager

Question 27

IRT role takes responsibility for overall incident management and response concept

Answer 27

sec steering group

Question 28

IRT role Makes final decisions regarding incidents

Answer 28

Security Steering Group

Question 29

IRT role Finds root cause of incident

Answer 29

Investigator

Question 30

IRT role performs IT Sec assess/audit as a proactive mensure and part of the vuln management

Answer 30

IT Sec Specialist

Question 31

IRT role Develops and maintains incident management and response capability

Answer 31

Info Sec Manager

Question 32

IRT role Approves incident management team (IMT) Charter

Answer 32

sec steering group

Question 33

IRT role Approves deviations and exceptions to the Incident Response Plan

Answer 33

sec steering group

Question 34

IRT role responsible for coordingating the activities of all other recovery teams and handling key decision making

Answer 34

Emergency Management team

Question 35

4 PERSPECTIVES IN A BALANCED SCORECARD

Answer 35

Financial
Customer
Business Process
Learning and growth

Question 36

Accept the risk

Answer 36

Cost of mitigation to risk is higher than value of asset

Question 37

Exposure

Answer 37

– Extent to which vuln is exposed to threat

Question 38

FRaaS

Answer 38

• Forensics as a service

Question 39

IdaaS

Answer 39

• Identity as a Service

Question 40

PDCA

Answer 40

• Plan, Do, Check, Act

Question 41

IMT

Answer 41

• Incident management Team

Question 42

3 goals of a BIA

Answer 42

Criticality Prioritization
Downtime estimation
Resource Requirement

Question 43

6 outcomes of the info security program according to ISACA

Answer 43

Strategic Alignment
	Risk Management
	Value Delivery
	Resource Management
	Performance Measurement
	Assurance process integration

Question 44

What is a qualitative risk analysis?

Answer 44

Determines the magnitude and likelihood of the potential consequences of identified risks

Question 45

5 ISACA phases of incident management lifecycle

Answer 45

Planning and prep
	Detection, triae, and invetigate
	Containment, analysis, tracking, and recovery
	Post incident assessment
	Incident closure

Question 46

What are compensation controls?

Answer 46

control category to reduce risk of exisiting or potential control weakness

Question 47

Least risky cloud deployment model-

Answer 47

Private Cloud

Question 48

Identifies emerging risks and identifies compliance issues

Answer 48

Steering committee

Question 49

Cloud service model LEAST risky

Answer 49

Infrastructure as a service (IaaS)

Question 50

Security Review Scope

Answer 50

mapping of the objective to the aspect that is to be reviewed.

Question 51

Resource management-

Answer 51

ensures human, financial, technical, and knowledge resources are utilized efficiently and effectively

Question 52

Security review objective

Answer 52

= Statement of what is to be determined in the course of the reviewed

Question 53

3 main categories of info Sec threats

Answer 53

Environmental
technical
Man-made

Question 54

SLE

Answer 54

Single Loss Expectancy

Question 55

IRT Role provides assistance in incident management / response when there is a need to investigate an employee?

Answer 55

HR

Question 56

IRT Role performs incident response tasks to contain exposure from an incident?

Answer 56

Incident Handler

Question 57

Which control category warns of violations or attempted violations of a security policy

Answer 57

Detective controls

Question 58

What are the 4 processes in the Total Quality Management (TQM) Cycle?

Answer 58

Plan, Do, Check, Act

Question 59

Type of response that assigns a risk to 3rd party

Answer 59

Risk transfer

Question 60

(BMIS) Buss Model for Info Sec- Interconnection connects the people and process elements

Answer 60

Emergence

Question 61

Recovery site ready within a couple of hours

Answer 61

Hot site

Question 62

According to ISACA purpose of defining an approach for a security review?

Answer 62

To identify the set of activities that cover the scope in a way that meets the objective of the review, given the constraints

Question 63

Which role should require demonstrable alignment of security and business objectives

Answer 63

Board of Directors

Question 64

What is the security review Approach

Answer 64

A set of activities that cover the scope in a way that meets the objective of the review, given the constraints

Question 65

What phase of the incident management life cycle includes implementing IDS, IPS, and SIEM

Answer 65

Detection, Triage, and investigation

Question 66

Which phase of the incident management lifecyle includes detecting and validating incidents?

Answer 66

Detection, Triage, and investigation

Question 67

During which phase of incident response does the org verify if an incident has happened and find out more details about it?

Answer 67

Identify

Question 68

Which outcome of an effective info security program ensures that it addresses the business or mission objectives?

Answer 68

Strategic alignment

Question 69

(BMIS) Buss Model for Info Sec- interconnection connects the process and technology elements?

Answer 69

Enablement and Support

Question 70

Role responsible for managing risk using external providers

Answer 70

Info Sec Manager

Question 71

IRT rol maitains the change of custody and observes incident handling procedures for court purposes?

Answer 71

Incident Handler

Question 72

Incident response role acts as the incident management Team (IMT) leader and main interface to the security Steering Group (SSG)?

Answer 72

Info Sec Manager

Question 73

5 levels of the Capability Maturity Model Integration (CMMI)?

Answer 73

Lvl 1 - Iniital
Lvl 2 - Managed
Lvl 3 - Defined
Lvl 4 - Quantitatively Managed
Lvl 5 - Optimizing

Question 74

3 main phases of risk management?

Answer 74

Risk identification
Risk analysis
Risk Evaluation

Question 75

4 cloud deployment options

Answer 75

Private
Community
Public
Hybrid

Question 76

Knowledge gained from a quantitative risk analysis

Answer 76

Numerical values assign to impact and likelihood of identified risks

Question 77

Which roles should institute processes to integrate security with business objectives?

Answer 77

Exec or senior management

Question 78

What is meant by external factors

Answer 78

Factors the arise from the environment in which the org operates

Question 79

ISACA- 6 basic outcomes of a security program that is developed from info Sec Governance?

Answer 79

Strategic alignment
Risk management
Value Delivery
Resource Optimization
Performance measurement
Assurance process integration

Question 80

5 essential characteristics of the cloud?

Answer 80

On-demand self service
Broad network access
Resource pooling
Elasticity
Measured Service

Question 81

GRC process that records and monitors the policies, procedures, and controls needed to ensure that polcies and standards are followed?

Answer 81

Compliance

Question 82

What are operational metrics?

Answer 82

the common technical and procedural metrics

Question 83

IRT Roles performs complex and in-depth IT security related tasks as part of the incident response plan

Answer 83

IT Security Specialist

Question 84

Phase of the incident management life cycle includes prioritizing and rating incidents

Answer 84

Detection, Triage, investigation

Question 85

What is meant by a metric being SMART?

Answer 85

Specific, Measurable, Attainable, Relevant, Timely

Question 86

4 methods of risk response?

Answer 86

Avoid
Transfer
Mitigate
Access

Question 87

Org role responsible for access authorization for individual or groups?

Answer 87

Department Management

Question 88

Which outcome of an effective info sec program ensures that governance and assurance activities align with info sec activities?

Answer 88

assurance process integration

Question 89

which metrics are often compiled from other management metrics that were designed to indicate that the security program is on track, and on budget to achieve the desired outcomes?

Answer 89

Strategic metrics

Question 90

Which entity is the 1st line of defense in the sec on info?

Answer 90

employees

Question 91

What is meant by the term due diligence?

Answer 91

Research | The idea that there are steps that should be taken by reasonable person of similar competency in similar circumstances

Question 92

What must you FIRST protect against internal and external threats

Answer 92

Identify the potential threats

Question 93

What are controls

Answer 93

The means of managing risk, including policies, procedures, guidelines, practices, or org structures, which can be of an administrative, technical, management, or legal nature

Question 94

Used to determine the current state of risk for an org?

Answer 94

Risk Assessment

Question 95

What are operational metrics?

Answer 95

The common technical and procedural metrics

Question 96

Term defined as rules that run org, include policies, standards, and procedures to set direction and control of the org?

Answer 96

Governance

Question 97

Role that creates the security strategy in alignment with business objectives

Answer 97

CISO or info sec manager

Question 98

4 commonly ISACA subsets of overall enterprise architecture?

Answer 98

Business, Data, Applications, and technology architectures

Question 99

Which org role is responsible for security strategy oversight and alignment

Answer 99

Exec management

Question 100

Phase of the incident managment life cycle includes conducting log and audit analysis

Answer 100

Detection, triage, investigation

Question 101

interconnection connects the People and tech elements in the business model for info sec? (BMIS)?

Answer 101

Human Factors

Question 102

Roles responsible for due care and managing risk?

Answer 102

BoD and senior management

Question 103

What does EF denote?

Answer 103

Exposure Factor

Question 104

Risk assessment phase where identified risks are examined to determine their impacts

Answer 104

Risk Analysis

Question 105

Org role responsible for the IT Audit, but does not usually perform the audit

Answer 105

Info Sec manager