Introduction

Question 1

What are the four major domains covered by the CISM exam covers ?

Answer 1

• Information Security Governance
• Information Security Risk Management
• Information Security Program
• Incident Management

Question 2

What is a deterrent control ?

Answer 2

Deterrent controls are administrative mechanisms (such as policies, procedures, standards, guidelines, laws, and regulations) that are used to guide the execution of security within an organization. Deterrent controls are utilized to promote compliance with external controls, such as regulatory compliance.

Deterrent controls attempt to discourage individuals from causing an incident.

Question 3

What are the different type of controls ?

Answer 3

Preventive controls attempt to prevent an incident from occurring.

Detective controls attempt to detect incidents after they have occurred.

Corrective controls attempt to reverse the impact of an incident.

Deterrent controls attempt to discourage individuals from causing an incident.

Compensating controls are alternative controls used when a primary control is not feasible.

Question 4

Who is the ultimate authority over the organization ?

Answer 4

The board of directors

Question 5

What does MOU mean ?

Answer 5

Memoranda of Understanding

Question 6

When is a MOU (Memoranda of Understanding) relevant ?

Answer 6

When it is an agreement with another INTERNAL organization

Question 7

What does MSA mean ?

Answer 7

Master Service Agreement

Question 8

What does SLA mean ?

Answer 8

Service Level Agreement

Question 9

When to use MSA and SLAs ?

Answer 9

When the service is to be provided to external service providers

Question 10

What does BPA mean ?

Answer 10

Business Partnership Agreement

Question 11

When to use a BPA ?

Answer 11

When 2 organizations are entering into a joint effort.

Question 12

What does AV mean ?

Answer 12

Asset Value

Question 13

What is threat hunting ?

Answer 13

Cyber threat hunting is a proactive security search through networks, endpoints, and datasets to hunt malicious, suspicious, or risky activities that have evaded detection by existing tools.

Thus, there is a distinction between cyber threat detection versus cyber threat hunting. Threat detection is a somewhat passive approach to monitoring data and systems for potential security issues, but it’s still a necessity and can aid a threat hunter. Proactive cyber threat hunting tactics have evolved to use new threat intelligence on previously collected data to identify and categorize potential threats in advance of attack.

Question 14

What is the role of the Red Team ?

Answer 14

They attempt to gain access to systems

Question 15

What is the role of the Blue Team ?

Answer 15

They are defenders who secure systems from attack

Question 16

What is the role of the White team ?

Answer 16

They are observers and judges

Question 17

What is the role of the Purple team ?

Answer 17

They bring together members of red and blue teams

Question 18

What does “preponderance of the evidence” mean

Answer 18

The evidence demonstrate that the outcome of the case is more likely than not.

Question 19

Which “evidence standard” do civil cases follow ?

Answer 19

Preponderance of the evidence

Question 20

What is a parallel test ?

Answer 20

It is a type of tests where the alternate processing facility is activated but the primary site retains operational control

Question 21

What is a full interruption tests ?

Answer 21

In this type of test the primary site is shut down and operational control moves to the alternate site

Question 22

What is a simulation test ?

Answer 22

Simulations and Structured Walk-Throughs do not affect normal operations and do not activate the alternate site.

Question 23

What are the supporting tasks covered in the 1st chapter “Today’s Information Security Manager” ?

Answer 23

1. Identify Internal and external Influences to the organization that impact the information security strategy
2. Establish and/or maintain an information security strategy in alignment with organizational goals and objectives
3. Gain ongoing commitment from Senior Leadership and other stakeholders to support the successful implementation of the Information Security Strategy
4. Define, Communicate and Monitor Information Security Responsibilities throughout the organization and lines of authority

Question 24

What is the responsibility of an Information Security Manager ?

Answer 24

Leading teams of cybersecurity professionals and helping them achieve the goals of the cybersecurity program while aligning those objectives with the needs of the business.