Isaca CISM Dumps

Isaca CISM Exam Dumps

Certified Information Security Manager

Total Questions : 1044
Update Date : June 21, 2026






Choosing the Right Path for Your CISM Exam Preparation

Welcome to PassExamHub's comprehensive study guide for the Certified Information Security Manager exam. Our CISM dumps are designed to equip you with the knowledge and resources you need to confidently prepare for and succeed in the CISM certification exam.

What Our Isaca CISM Study Material Offers

PassExamHub's CISM dumps PDF is carefully crafted to provide you with a comprehensive and effective learning experience. Our study material includes:

In-depth Content: Our study guide covers all the key concepts, topics, and skills you need to master for the CISM exam. Each topic is explained in a clear and concise manner, making it easy to understand even the most complex concepts.
Online Test Engine: Test your knowledge and build your confidence with a wide range of practice questions that simulate the actual exam format. Our test engine covers every exam objective and provides detailed explanations for both correct and incorrect answers.
Exam Strategies: Get valuable insights into exam-taking strategies, time management, and how to approach different types of questions.
Real-world Scenarios: Gain practical insights into applying your knowledge in real-world scenarios, ensuring you're well-prepared to tackle challenges in your professional career.

Why Choose PassExamHub?

Expertise: Our CISM exam questions answers are developed by experienced Isaca certified professionals who have a deep understanding of the exam objectives and industry best practices.
Comprehensive Coverage: We leave no stone unturned in covering every topic and skill that could appear on the CISM exam, ensuring you're fully prepared.
Engaging Learning: Our content is presented in a user-friendly and engaging format, making your study sessions enjoyable and effective.
Proven Success: Countless students have used our study materials to achieve their CISM certifications and advance their careers.
Start Your Journey Today!

Embark on your journey to Certified Information Security Manager success with PassExamHub. Our study material is your trusted companion in preparing for the CISM exam and unlocking exciting career opportunities.




Isaca CISM Sample Question Answers

Question # 1

Which of the following should an organization do FIRST upon learning that a subsidiary is located in a country where civil unrest has just begun? 

A. Assess changes in the risk profile. 
B. Activate the disaster recovery plan (DRP). 
C. Invoke the incident response plan. 
D. Conduct security awareness training. 



Question # 2

An organization finds it necessary to quickly shift to a work-from-home model with an increased need for remote access security. Which of the following should be given immediate focus?

A. Moving to a zero trust access model 
B. Enabling network-level authentication 
C. Enhancing cyber response capability 
D. Strengthening endpoint security 



Question # 3

An organization plans to implement a new e-commerce operation in a highly regulated market. Which of the following is MOST important to consider when updating the risk management strategy? 

A. Strategy of industry peers 
B. Outsourcing needs 
C. Business culture
D. Compliance requirements



Question # 4

Which of the following should include contact information for representatives of equipment and software vendors? 

A. Information security program charter 
B. Business impact analysis (BIA) 
C. Service level agreements (SLAs) 
D. Business continuity plan (BCP) 



Question # 5

Which of the following activities is designed to handle a control failure that leads to a breach? 

A. Risk assessment
B. Incident management
C. Root cause analysis 
D. Vulnerability management 



Question # 6

Which of the following is the MOST appropriate metric to demonstrate the effectiveness of information security controls to senior management? 

A. Downtime due to malware infections 
B. Number of security vulnerabilities uncovered with network scans 
C. Percentage of servers patched
D. Annualized loss resulting from security incidents



Question # 7

Which of the following is MOST important to ensuring that incident management plans are executed effectively? 

A. Management support and approval has been obtained. 
B. The incident response team has the appropriate training. 
C. An incident response maturity assessment has been conducted. 
D. A reputable managed security services provider has been engaged. 



Question # 8

Which of the following is the MOST effective way to detect security incidents? 

A. Analyze recent security risk assessments. 
B. Analyze security anomalies. 
C. Analyze penetration test results. 
D. Analyze vulnerability assessments. 



Question # 9

An organization is experiencing a sharp increase in incidents related to phishing messages. The root cause is an outdated email filtering system that is no longer supported by the vendor. Which of the following should be the information security manager's FIRST course of action? 

A. Reinforce security awareness practices for end users. 
B. Temporarily outsource the email system to a cloud provider. 
C. Develop a business case to replace the system. 
D. Monitor outgoing traffic on the firewall. 



Question # 10

For which of the following is it MOST important that system administrators be restricted to read-only access? 

A. User access log files 
B. Administrator user profiles
C. Administrator log files
D. System logging options 



Question # 11

A security incident has been reported within an organization. When should an information security manager contact the information owner?

A. After the incident has been mitigated.
B. After the incident has been confirmed.
C. After the potential incident has been logged.
D. After the incident has been contained.



Question # 12

After logging in to a web application, additional authentication is checked at various application points. Which of the following is the PRIMARY reason for such an approach? 

A. To ensure access rights meet classification requirements 
B. To facilitate the analysis of application logs 
C. To ensure web application availability 
D. To support strong two-factor authentication protocols 



Question # 13

Which of the following is MOST important to ensure when developing escalation procedures for an incident response plan? 

A. Each process is assigned to a responsible party. 
B. The contact list is regularly updated. 
C. Minimum regulatory requirements are maintained. 
D. Senior management approval has been documented. 



Question # 14

Which of the following has the MOST influence on the information security investment process? 

A. IT governance framework 
B. Information security policy 
C. Organizational risk appetite 
D. Security key performance indicators (KPIs) 



Question # 15

Which of the following has the GREATEST influence on the successful integration of information security within the business? 

A. Organizational structure and culture 
B. Risk tolerance and organizational objectives
C. The desired state of the organization
D. Information security personnel 



Question # 16

What should be the FIRST step when an Internet of Things (IoT) device in an organization's network is confirmed to have been hacked?

A. Monitor the network. 
B. Perform forensic analysis. 
C. Disconnect the device from the network.
D. Escalate to the incident response team.



Question # 17

Which of the following is the BEST way to determine if an information security profile is aligned with business requirements? 

A. Review the key performance indicator (KPI) dashboard 
B. Review security-related key risk indicators (KRIs) 
C. Review control self-assessment (CSA) results
D. Review periodic security audits



Question # 18

Which of the following should be the PRIMARY focus of a status report on the information security program to senior management? 

A. Providing evidence that resources are performing as expected 
B. Verifying security costs do not exceed the budget 
C. Demonstrating risk is managed at the desired level 
D. Confirming the organization complies with security policies 



Question # 19

Management would like to understand the risk associated with engaging an Infrastructure-as-a-Service (IaaS) provider compared to hosting internally. Which of the following would provide the BEST method of comparing risk scenarios?

A. Mapping risk scenarios according to sensitivity of data 
B. Reviewing mitigating and compensating controls for each risk scenario 
C. Mapping the risk scenarios by likelihood and impact on a chart 
D. Performing a risk assessment on the IaaS provider



Question # 20

The PRIMARY goal when conducting post-incident reviews is to identify: 

A. Additional cybersecurity budget needs 
B. Weaknesses in incident response plans 
C. Information to be shared with senior management 
D. Individuals that need additional training 



Question # 21

Which of the following metrics BEST demonstrates the effectiveness of an organization's security awareness program? 

A. Number of security incidents reported to the help desk 
B. Percentage of employees who regularly attend security training 
C. Percentage of employee computers and devices infected with malware 
D. Number of phishing emails viewed by end users 



Question # 22

Reviewing which of the following would be MOST helpful when a new information security manager is developing an information security strategy for a non-regulated organization? 

A. Management's business goals and objectives 
B. Strategies of other non-regulated companies 
C. Risk assessment results 
D. Industry best practices and control recommendations 



Question # 23

An organization has decided to implement an Internet of Things (IoT) solution to remain competitive in the market. Which of the following should information security do FIRST? 

A. Recalculate risk profile 
B. Implement compensating controls 
C. Reassess risk tolerance levels 
D. Update the security architecture 



Question # 24

Which of the following is the BEST approach for data owners to use when defining access privileges for users?

A. Implement an identity and access management (IDM) tool. 
B. Define access privileges based on user roles.
C. Adopt user account settings recommended by the vendor.
D. Perform a risk assessment of the users' access privileges.



Question # 25

An incident response team recently encountered an unfamiliar type of cyber event. Though the team was able to resolve the issue, it took a significant amount of time to identify. What is the BEST way to help ensure similar incidents are identified more quickly in the future? 

A. Implement a SIEM solution. 
B. Perform a threat analysis. 
C. Establish performance metrics for the team. 
D. Perform a post-incident review. 



Question # 26

During the implementation of a new system, which of the following processes proactively minimizes the likelihood of disruption, unauthorized alterations, and errors? 

A. Configuration management 
B. Password management 
C. Change management 
D. Version management 



Question # 27

Which of the following is the MOST common cause of cybersecurity breaches? 

A. Lack of adequate password rotation 
B. Human error
C. Abuse of privileged accounts
D. Lack of control baselines 



Question # 28

An information security manager notes that security incidents are not being appropriately escalated by the help desk after tickets are logged. Which of the following is the BEST automated control to resolve this issue? 

A. Implementing automated vulnerability scanning in the help desk workflow 
B. Changing the default setting for all security incidents to the highest priority 
C. Integrating automated service level agreement (SLA) reporting into the help desk ticketing system 
D. Integrating incident response workflow into the help desk ticketing system 



Question # 29

An information security program is BEST positioned for success when it is closely aligned with: 

A. information security best practices. 
B. recognized industry frameworks. 
C. information security policies. 
D. the information security strategy. 



Question # 30

A security incident has been reported within an organization. When should an information security manager contact the information owner? 

A. After the incident has been contained 
B. After the incident has been mitigated 
C. After the incident has been confirmed 
D. After the potential incident has been logged 



Question # 31

An information security manager has discovered a new technique that cybercriminals are exploiting. Which of the following has the manager identified? 

A. A risk 
B. A threat 
C. An incident 
D. An event 



Question # 32

The PRIMARY advantage of performing black-box control tests as opposed to white-box control tests is that they: 

A. cause fewer potential production issues. 
B. require less IT staff preparation. 
C. simulate real-world attacks. 
D. identify more threats. 



Question # 33

Which of the following is the PRIMARY benefit of an information security awareness training program? 

A. Influencing human behavior 
B. Evaluating organizational security culture 
C. Defining risk accountability 
D. Enforcing security policy 



Question # 34

Which of the following is the MOST effective way to determine the alignment of an information security program with the business strategy? 

A. Evaluate the results of business continuity testing. 
B. Review key performance indicators (KPIs). 
C. Evaluate the business impact of incidents. 
D. Engage business process owners. 



Question # 35

When multiple Internet intrusions on a server are detected, the PRIMARY concern of the information security manager should be to ensure: 

A. the integrity of evidence is preserved. 
B. forensic investigation software is loaded on the server.
C. the incident is reported to senior management. 
D. the server is unplugged from power. 



Question # 36

The MOST useful technique for maintaining management support for the information security program is: 

A. informing management about the security of business operations. 
B. implementing a comprehensive security awareness and training program. 
C. identifying the risks and consequences of failure to comply with standards. 
D. benchmarking the security programs of comparable organizations. 



Question # 37

An organization involved in e-commerce activities operating from its home country opened a new office in another country with stringent security laws. In this scenario, the overall security strategy should be based on: 

A. the security organization structure. 
B. international security standards. 
C. risk assessment results.
D. the most stringent requirements.



Question # 38

Which of the following is the BEST approach for addressing noncompliance with security standards?

A. Develop new security standards. 
B. Maintain a security exceptions process. 
C. Discontinue affected activities until security requirements can be met. 
D. Apply additional logging and monitoring to affected assets. 



Question # 39

Which of the following backup methods requires the MOST time to restore data for an application? 

A. Full backup 
B. Incremental 
C. Differential 
D. Disk mirroring 



Question # 40

Which of the following should be the PRIMARY consideration when developing an incident response plan? 

A. The definition of an incident 
B. Compliance with regulations 
C. Management support 
D. Previously reported incidents 



Question # 41

A CISO learns that a third-party service provider did not notify the organization of a data breach that affected the service provider's data center. Which of the following should the CISO do FIRST?

A. Recommend canceling the outsourcing contract. 
B. Request an independent review of the provider's data center. 
C. Notify affected customers of the data breach. 
D. Determine the extent of the impact to the organization. 



Question # 42

Which of the following BEST ensures timely and reliable access to services? 

A. Nonrepudiation 
B. Authenticity 
C. Availability 
D. Recovery time objective (RTO) 



Question # 43

An organization permits the storage and use of its critical and sensitive information on employee-owned smartphones. Which of the following is the BEST security control? 

A. Establishing the authority to remote wipe 
B. Developing security awareness training 
C. Requiring the backup of the organization's data by the user 
D. Monitoring how often the smartphone is used 



Question # 44

Data classification is PRIMARILY the responsibility of: 

A. senior management. 
B. the data custodian. 
C. the data owner. 
D. the security manager. 



Question # 45

Which of the following is the PRIMARY reason for an information security manager to periodically review existing controls? 

A. To prioritize security initiatives
B. To avoid redundant controls
C. To align with emerging risk 
D. To address end-user control complaints



Question # 46

An information security manager has confirmed the organization's cloud provider has unintentionally published some of the organization's business data. Which of the following should be done NEXT? 

A. Identify users associated with the exposed data. 
B. Initiate the organization's data loss prevention (DLP) processes. 
C. Review the cloud provider's service level agreement (SLA). 
D. Invoke the incident response plan. 



Question # 47

Which of the following is the GREATEST challenge when developing key risk indicators (KRIs)? 

A. Limiting the number of KRIs 
B. Comprehensively reporting on KRIs 
C. Aggregating common KRIs 
D. Linking KRIs to specific risks 



Question # 48

The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to: 

A. the internal audit manager. 
B. the information security officer. 
C. the steering committee. 
D. the board of directors. 



Question # 49

From an information security perspective, legal issues associated with a transborder flow of technology-related items are MOST often:

A. website transactions and taxation.
B. software patches and corporate data.
C. encryption tools and personal data. 
D. lack of competition and free trade. 



Question # 50

Which of the following is the BEST tool to use for identifying and correlating intrusion attempt alerts? 

A. Threat analytics software 
B. Host intrusion detection system 
C. SIEM 
D. Network intrusion detection system 



Question # 51

A post-incident review identified that user error resulted in a major breach. Which of the following is MOST important to determine during the review?

A. The time and location that the breach occurred 
B. Evidence of previous incidents caused by the user 
C. The underlying reason for the user error 
D. Appropriate disciplinary procedures for user error 



Question # 52

An organization experienced a loss of revenue during a recent disaster. Which of the following would BEST prepare the organization to recover? 

A. Business impact analysis (BIA) 
B. Business continuity plan (BCP) 
C. Incident response plan 
D. Disaster recovery plan (DRP) 



Question # 53

Recovery time objectives (RTOs) are BEST determined by: 

A. business managers.
B. business continuity officers.
C. executive management.
D. database administrators (DBAs).



Question # 54

Which of the following would BEST justify continued investment in an information security program? 

A. Reduction in residual risk 
B. Security framework alignment 
C. Speed of implementation 
D. Industry peer benchmarking 



Question # 55

A multinational organization is introducing a security governance framework. The information security manager's concern is that regional security practices differ. Which of the following should be evaluated FIRST? 

A. Local regulatory requirements 
B. Global framework standards 
C. Cross-border data mobility 
D. Training requirements of the framework 



Question # 56

A small organization with limited budget hires a new information security manager who finds the same IT staff member is assigned the responsibility of system administrator, security administrator, database administrator (DBA), and application administrator. What is the manager's BEST course of action?

A. Automate user provisioning activities. 
B. Maintain strict control over user provisioning activities. 
C. Formally document IT administrator activities. 
D. Implement monitoring of IT administrator activities. 



Question # 57

After a ransomware incident an organization's systems were restored. Which of the following should be of MOST concern to the information security manager? 

A. The service level agreement (SLA) was not met. 
B. The recovery time objective (RTO) was not met. 
C. The root cause was not identified. 
D. Notification to stakeholders was delayed. 



Question # 58

An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining: 

A. service level agreements (SLAs).
B. security requirements for the process being outsourced.
C. risk-reporting methodologies.
D. security metrics.



Question # 59

Which of the following would BEST mitigate accidental data loss events? 

A. Conduct periodic user awareness training. 
B. Obtain senior management support for the information security strategy. 
C. Conduct a data loss prevention (DLP) audit. 
D. Enforce a data hard drive encryption policy. 



Question # 60

Which of the following is the BEST way to monitor for advanced persistent threats (APT) in an organization?

A. Network with peers in the industry to share information.
B. Browse the Internet to learn of potential events.
C. Search for anomalies in the environment.
D. Search for threat signatures in the environment.



Question # 61

Which of the following is a prerequisite for formulating a business continuity plan (BCP)? 

A. Recovery time objectives (RTOs) for the business processes 
B. Process maps for production applications 
C. System recovery procedures for alternate-site processing 
D. Comprehensive property inventory 



Question # 62

Which of the following is the BEST reason to implement an information security architecture? 

A. Assess the cost-effectiveness of the integration. 
B. Fast-track the deployment of information security components. 
C. Serve as a post-deployment information security road map. 
D. Facilitate consistent implementation of security requirements. 



Question # 63

Which of the following BEST determines the allocation of resources during a security incident response? 

A. Senior management commitment 
B. A business continuity plan (BCP) 
C. An established escalation process 
D. Defined levels of severity 



Question # 64

Which of the following eradication methods is MOST appropriate when responding to an incident resulting in malware on an application server? 

A. Disconnect the system from the network. 
B. Change passwords on the compromised system. 
C. Restore the system from a known good backup. 
D. Perform operating system hardening.



Question # 65

Which of the following should an information security manager do FIRST when there is a conflict between the organization's information security policy and a local regulation? 

A. Enforce the local regulation. 
B. Obtain legal guidance. 
C. Enforce the organization's information security policy. 
D. Obtain an independent assessment of the regulation. 



Question # 66

Which of the following BEST facilitates recovery of data lost as a result of a cybersecurity incident? 

A. Removable storage media 
B. Disaster recovery plan (DRP) 
C. Offsite data backups 
D. Encrypted data drives 



Question # 67

Which of the following is MOST important for an information security manager to verify before conducting full-functional continuity testing? 

A. Risk acceptance by the business has been documented 
B. Teams and individuals responsible for recovery have been identified 
C. Copies of recovery and incident response plans are kept offsite 
D. Incident response and recovery plans are documented in simple language 



Question # 68

Which of the following roles is MOST appropriate to determine access rights for specific users of an application? 

A. Data owner 
B. Data custodian 
C. System administrator
D. Senior management



Question # 69

Which of the following BEST enables an organization to provide ongoing assurance that legal and regulatory compliance requirements can be met? 

A. Embedding compliance requirements within operational processes 
B. Engaging external experts to provide guidance on changes in compliance requirements 
C. Performing periodic audits for compliance with legal and regulatory requirements 
D. Assigning the operations manager accountability for meeting compliance requirements 



Question # 70

Which of the following is the BEST course of action when confidential information is inadvertently disseminated outside the organization? 

A. Review compliance requirements. 
B. Communicate the exposure. 
C. Declare an incident. 
D. Change the encryption keys. 



Question # 71

Which of the following should be the KEY consideration when creating an information security communication plan with industry peers? 

A. Balancing the benefits of information sharing with the drawbacks of sharing sensitive information 
B. Reducing the costs associated with information sharing by automating the process 
C. Ensuring information is detailed enough to be of use to other organizations 
D. Notifying the legal department whenever incident-related information is shared 



Question # 72

An organization is planning to outsource the execution of its disaster recovery activities. Which of the following would be MOST important to include in the outsourcing agreement? 

A. Definition of when a disaster should be declared 
B. Requirements for regularly testing backups 
C. Recovery time objectives (RTOs) 
D. The disaster recovery communication plan 



Question # 73

Which of the following should an information security manager do FIRST upon learning that a competitor has experienced a ransomware attack? 

A. Perform a full data backup. 
B. Conduct ransomware awareness training for all staff.
C. Update indicators of compromise in the security systems.
D. Review the current risk assessment. 



Question # 74

A new type of ransomware has infected an organization's network. Which of the following would have BEST enabled the organization to detect this situation? 

A. Regular review of the threat landscape 
B. Periodic information security training for end users 
C. Use of integrated patch deployment tools 
D. Monitoring of anomalies in system behavior 



Question # 75

Which of the following is MOST effective in preventing the introduction of vulnerabilities that may disrupt the availability of a critical business application? 

A. A patch management process 
B. Version control 
C. Change management controls 
D. Logical access controls 



Question # 76

The MAIN benefit of implementing a data loss prevention (DLP) solution is to: 

A. enhance the organization's antivirus controls. 
B. eliminate the risk of data loss. 
C. complement the organization's detective controls. 
D. reduce the need for a security awareness program. 



Question # 77

The department head of application development has decided to accept the risks identified in a recent assessment. No recommendations will be implemented, even though the recommendations are required by regulatory oversight. What should the information security manager do NEXT? 

A. Review the risk monitoring plan. 
B. Formally document the decision. 
C. Review the regulations. 
D. Advise the risk management team. 



Question # 78

What should be the GREATEST concern for an information security manager of a large multinational organization when outsourcing data processing to a cloud service provider? 

A. Vendor service level agreements (SLAs) 
B. Independent review of the vendor 
C. Local laws and regulations 
D. Backup and restoration of data 



Question # 79

When designing security controls, it is MOST important to: 

A. Apply a risk-based approach 
B. Apply technical controls for sensitive data 
C. Consider business impact analysis (BIA) results 
D. Focus on preventive controls 



Question # 80

An organization's HR department requires that employee account privileges be removed from all corporate IT systems within three days of termination to comply with a government regulation. However, the systems all have different user directories, and it currently takes up to four weeks to remove the privileges. Which of the following would BEST enable regulatory compliance?

A. Multi-factor authentication (MFA) system 
B. Identity and access management (IAM) system 
C. Privileged access management (PAM) system 
D. Governance, risk, and compliance (GRC) system



Question # 81

Several critical systems have been compromised with malware. Which of the following is the BEST strategy to eradicate this incident? 

A. Perform malware scanning 
B. Reimage the systems 
C. Block access to the impacted systems 
D. Perform a vulnerability assessment 



Question # 82

Which of the following is MOST important for an organization to have in place to determine the effectiveness of information security governance? 

A. Program metrics 
B. Key risk indicators (KRIs) 
C. Risk register 
D. Security strategy 



Question # 83

An incident management team is alerted to a suspected security event. Before classifying the suspected event as a security incident, it is MOST important for the security manager to: 

A. conduct an incident forensic analysis.
B. follow the incident response plan.
C. notify the business process owner.
D. follow the business continuity plan (BCP).



Question # 84

Which of the following control types should be considered FIRST for aligning employee behavior with an organization's information security objectives? 

A. Administrative security controls 
B. Technical security controls 
C. Physical security controls 
D. Access security controls 



Question # 85

Which of the following is BEST to include in a business case when the return on investment (ROI) for an information security initiative is difficult to calculate? 

A. Projected increase in maturity level
B. Estimated reduction in risk 
C. Projected costs over time 
D. Estimated increase in efficiency 



Question # 86

Which of the following is the BEST way to determine the effectiveness of an incident response plan? 

A. Reviewing previous audit reports 
B. Conducting a tabletop exercise 
C. Benchmarking the plan against best practices
D. Performing a penetration test 



Question # 87

The PRIMARY consideration when responding to a ransomware attack should be to ensure: 

A. backups are available.
B. the most recent patches have been applied.
C. the ransomware attack is contained.
D. the business can operate.



Question # 88

Which of the following is the GREATEST value provided by a security information and event management (SIEM) system? 

A. Maintaining a repository base of security policies 
B. Measuring impact of exploits on business processes 
C. Facilitating the monitoring of risk occurrences 
D. Redirecting event logs to an alternate location for business continuity plan 



Question # 89

Of the following, who would provide the MOST relevant input when aligning the information security strategy with organizational goals? 

A. Enterprise risk committee 
B. Information security steering committee 
C. Data privacy officer (DPO) 
D. Chief information security officer (CISO) 



Question # 90

Which of the following BEST enables an information security manager to demonstrate the effectiveness of the information security and risk program to senior management? 

A. Updated risk assessments 
B. Counts of information security incidents 
C. Audit reports 
D. Monthly metrics 



Question # 91

Which of the following change management procedures is MOST likely to cause concern to the information security manager? 

A. Fallback processes are tested the weekend before changes are made. 
B. Users are not notified of scheduled system changes. 
C. A manual rather than an automated process is used to compare program versions. 
D. The development manager migrates programs into production. 



Question # 92

Which of the following presents the GREATEST risk associated with the use of an automated security information and event management (SIEM) system? 

A. Low number of false positives 
B. Low number of false negatives 
C. High number of false positives 
D. High number of false negatives 



Question # 93

Which of the following would be the GREATEST obstacle to implementing incident notification and escalation processes in an organization with high turnover? 

A. Lack of knowledgeable personnel 
B. Lack of communication processes 
C. Lack of process documentation 
D. Lack of alignment with organizational goals 



Question # 94

Which of the following is the BEST course of action for an information security manager to align security and business goals? 

A. Conducting a business impact analysis (BIA) 
B. Reviewing the business strategy 
C. Defining key performance indicators (KPIs) 
D. Actively engaging with stakeholders 



Question # 95

Which of the following is a desired outcome of information security governance? 

A. Penetration test 
B. Improved risk management 
C. Business agility 
D. A maturity model 



Question # 96

Which of the following is the MOST critical input to developing policies, standards, and procedures to secure information assets? 

A. Vulnerability assessment 
B. Regulatory requirements 
C. Industry best practices 
D. Enterprise goals 



Question # 97

A cloud application used by an organization is found to have a serious vulnerability. After assessing the risk, which of the following would be the information security manager's BEST course of action? 

A. Instruct the vendor to conduct penetration testing. 
B. Suspend the connection to the application in the firewall 
C. Report the situation to the business owner of the application. 
D. Initiate the organization's incident response process. 



Question # 98

The PRIMARY reason for creating a business case when proposing an information security project is to: 

A. articulate inherent risks. 
B. provide demonstrated return on investment (ROI). 
C. establish the value of the project in relation to business objectives. 
D. gain key business stakeholder engagement. 



Question # 99

Which of the following is the MOST critical factor for information security program success? 

A. A comprehensive risk assessment program for information security 
B. The information security manager's knowledge of the business 
C. Security staff with appropriate training and adequate resources 
D. Ongoing audits and addressing open items 



Question # 100

The PRIMARY reason to create and externally store the disk hash value when performing forensic data acquisition from a hard disk is to: 

A. validate the confidentiality during analysis. 
B. reinstate original data when accidental changes occur. 
C. validate the integrity during analysis. 
D. provide backup in case of media failure. 



Question # 101

When performing a business impact analysis (BIA), who should calculate the recovery time and cost estimates? 

A. Business process owner 
B. Business continuity coordinator 
C. Senior management 
D. Information security manager 



Question # 102

Which of the following is the BEST way to achieve compliance with new global regulations related to the protection of personal information? 

A. Execute a risk treatment plan. 
B. Review contracts and statements of work (SOWs) with vendors.
C. Implement data regionalization controls. 
D. Determine current and desired state of controls.



Question # 103

When remote access is granted to a company's internal network, the MOST important consideration should be that access is provided: 

A. on a need-to-know basis subject to controls. 
B. subject to legal and regulatory requirements. 
C. by the use of a remote access server. 
D. if a robust IT infrastructure exists. 



Question # 104

An organization has recently purchased cybersecurity insurance after the board voiced concern about the potential for a security breach. With this response to the perceived risk, the organization: 

A. has avoided the risk associated with a security breach. 
B. can safely reduce its internal security expenditure. 
C. remains ultimately accountable for the impact of a breach. 
D. has implemented redundant controls against a breach.