
The CISM certification is widely recognized by employers as a benchmark for measuring the competency of their information security managers. It is also considered one of the top certifications for security professionals who wish to advance their careers in the field of cybersecurity. The Certified Information Security Manager (CISM) exam covers four domains: Information Security Governance, Risk Management, Information Security Program Development and Management, and Information Security Incident Management.
NEW QUESTION # 82
Which of the following would be the MOST effective way to present quarterly reports to the board on the status of the information security program?
- A. An information security risk register
- B. A capability and maturity assessment
- C. Detailed analysis of security program KPIs
- D. An information security dashboard
Answer: D
Explanation:
An information security dashboard is an effective way to present quarterly reports to the board on the status of the information security program. It allows the board to quickly view key metrics and trends at a glance and to drill down into more detailed information as needed. The dashboard should include metrics such as total incidents, patching compliance, vulnerability scanning results, and more. It should also include high-level overviews of the security program and its components, such as the security policy, security architecture, and security controls.
NEW QUESTION # 83
A message that has been encrypted by the sender's private key and again by the receiver's public key achieves:
- A. confidentiality and nonrepudiation.
- B. authentication and nonrepudiation.
- C. authentication and authorization.
- D. confidentiality and integrity.
Answer: A
Explanation:
Encryption by the private key of the sender will guarantee authentication and nonrepudiation. Encryption by the public key of the receiver will guarantee confidentiality.
NEW QUESTION # 84
In addition to executive sponsorship and business alignment, which of the following is MOST critical for information security governance?
- A. Auditability of systems
- B. Allocation of training resources
- C. Compliance with policies
- D. Ownership of security
Answer: D
Explanation:
Information security governance is the process of establishing and maintaining a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. In addition to executive sponsorship and business alignment, a critical factor for effective information security governance is ownership of security, which means that the roles and responsibilities for information security are clearly defined and assigned to the appropriate stakeholders, such as business owners, information owners, information custodians, and users. Ownership of security also implies accountability for the protection of information assets and the management of security risks. Reference: https://www.isaca.org/credentialing/cism https://www.nist.gov/publications/information-security-handbook-guide-managers
NEW QUESTION # 85
An organization has experienced multiple instances of privileged users misusing their access. Which of the following processes would be MOST helpful in identifying such violations?
- A. Policy exception review
- B. Log review
- C. Security assessment
- D. Review of access controls
Answer: B
NEW QUESTION # 86
Conducting a cost-benefit analysis for a security investment is important because it:
- A. quantifies return on security investment.
- B. supports asset classification.
- C. supports justification for expenditure.
- D. quantifies residual risk.
Answer: B
NEW QUESTION # 87
An organization faces severe fines and penalties if it is not in compliance with local regulatory requirements by an established deadline. Senior management has asked the information security manager to prepare an action plan to achieve compliance. Which of the following would provide the MOST useful information for planning purposes?
- A. Deadlines and penalties for noncompliance
- B. Results from a business impact analysis
- C. An inventory of security controls currently in place
- D. Results from a gap analysis
Answer: C
NEW QUESTION # 88
Which of the following practices is BEST to remove system access for contractors and other temporary users when it is no longer required?
- A. Establish predetermined automatic expiration dates
- B. Require managers to e-mail security when the user leaves
- C. Ensure each individual has signed a security acknowledgement
- D. Log all account usage and send it to their manager
Answer: A
Explanation:
Predetermined expiration dates are the most effective means of removing systems access for temporary users. Reliance on managers to promptly send in termination notices cannot always be counted on, while requiring each individual to sign a security acknowledgement would have little effect in this case.
NEW QUESTION # 89
Which of the following is MOST useful when prioritizing information security initiatives?
- A. Cost of noncompliance
- B. Risk assessment results
- C. Penetration testing results
- D. Input from senior management
Answer: B
NEW QUESTION # 90
Which of the following are seldom changed in response to technological changes?
- A. Procedures
- B. Standards
- C. Policies
- D. Guidelines
Answer: C
Explanation:
Policies are high-level statements of objectives. Because of their high-level nature and statement of broad operating principles, they are less subject to periodic change. Security standards and procedures as well as guidelines must be revised and updated based on the impact of technology changes.
NEW QUESTION # 91
When segregation of duties concerns exist between IT support staff and end users, what would be a suitable compensating control?
- A. Reviewing transaction and application logs
- B. Performing background checks prior to hiring IT staff
- C. Locking user sessions after a specified period of inactivity
- D. Restricting physical access to computing equipment
Answer: A
Explanation:
Section: INCIDENT MANAGEMENT AND RESPONSE
Only reviewing transaction and application logs directly addresses the threat posed by poor segregation of duties. The review is a means of detecting inappropriate behavior and also discourages abuse, because people who may otherwise be tempted to exploit the situation are aware of the likelihood of being caught.
Inadequate segregation of duties is more likely to be exploited via logical access to data and computing resources rather than physical access. Performing background checks is a useful control to ensure IT staff are trustworthy and competent but does not directly address the lack of an optimal segregation of duties. Locking user sessions acts to prevent unauthorized users from gaining system access, but the issue with a lack of segregation of duties is more the misuse (deliberate or inadvertent) of access privileges that have officially been granted.
NEW QUESTION # 92
Which of the following is MOST likely to reduce the effectiveness of a signature-based intrusion detection system (IDS)?
- A. The environment is complex.
- B. The pattern of normal behavior changes quickly and dramatically.
- C. The activities being monitored deviate from what is considered normal.
- D. The information regarding monitored activities becomes stale.
Answer: D
NEW QUESTION # 93
Which of the following is the BEST way for an organization to determine the maturity level of its information security program?
- A. Review the results of information security awareness testing.
- B. Track the trending of information security incidents.
- C. Benchmark the information security policy against industry standards.
- D. Validate the effectiveness of implemented security controls.
Answer: D
NEW QUESTION # 94
Which of the following is the MOST effective approach of delivering security incident response training?
- A. Engage external consultants to present real-world examples within the industry.
- B. Perform role-playing exercises to simulate real-world incident response scenarios.
- C. Include incident response training within new staff orientation.
- D. Provide on-the-job training and mentoring for the incident response team.
Answer: B
NEW QUESTION # 95
Which is the BEST way to measure and prioritize aggregate risk deriving from a chain of linked system vulnerabilities?
- A. Code reviews
- B. Vulnerability scans
- C. Security audits
- D. Penetration tests
Answer: D
Explanation:
A penetration test is normally the only security assessment that can link vulnerabilities together by exploiting them sequentially. This gives a good measurement and prioritization of risks. Other security assessments such as vulnerability scans, code reviews and security audits can help give an extensive and thorough risk and vulnerability overview, but will not be able to test or demonstrate the final consequence of having several vulnerabilities linked together. Penetration testing can give risk a new perspective and prioritize it based on the end result of a sequence of security problems.
NEW QUESTION # 96
An unauthorized user gained access to a merchant's database server and customer credit card information.
Which of the following would be the FIRST step to preserve and protect evidence of the unauthorized intrusion activities?
- A. Shut down and power off the server.
- B. Copy the database log file to a protected server.
- C. Duplicate the hard disk of the server immediately.
- D. Isolate the server from the network.
Answer: D
Explanation:
Section: INCIDENT MANAGEMENT AND RESPONSE
Isolating the server will prevent further intrusions and protect evidence of intrusion activities left in memory and on the hard drive. Some intrusion activities left in virtual memory may be lost if the system is shut down.
Duplicating the hard disk will only preserve the evidence on the hard disk, not the evidence in virtual memory, and will not prevent further unauthorized access attempts. Copying the database log file to a protected server will not provide sufficient evidence should the organization choose to pursue legal recourse.
NEW QUESTION # 97
Which of the following is the PRIMARY responsibility of an information security manager in an organization that is implementing the use of company-owned mobile devices in its operations?
- A. Require remote wipe capabilities for devices.
- B. Conduct security awareness training.
- C. Review and update existing security policies.
- D. Enforce passwords and data encryption on the devices.
Answer: D
NEW QUESTION # 98
Which of the following is the PRIMARY objective of a business impact analysis (BIA)?
- A. Determine recovery priorities.
- B. Define the recovery point objective (RPO).
- C. Analyze vulnerabilities.
- D. Confirm control effectiveness.
Answer: A
NEW QUESTION # 99
Which of the following is the MOST appropriate method for deploying operating system (OS) patches to production application servers?
- A. Batch patches into frequent server updates
- B. Initially load the patches on a test machine
- C. Set up servers to automatically download patches
- D. Automatically push all patches to the servers
Answer: B
Explanation:
Some patches can conflict with application code. For this reason, it is very important to first test all patches in a test environment to ensure that there are no conflicts with existing application systems. For this reason, choices C and D are incorrect as they advocate automatic updating. As for frequent server updates, this is an incomplete (vague) answer from the choices given.
NEW QUESTION # 100
A business unit uses an e-commerce application with a strong password policy. Many customers complain that they cannot remember their passwords because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST:
- A. research alternative secure methods of identity verification
- B. evaluate the impact of the customer's experience on business revenue
- C. recommend implementing two-factor authentication
- D. change the password policy to improve the customer experience
Answer: A
Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
NEW QUESTION # 101