Latest Mar-2024 CISM Dumps PDF And Certification Training [Q19-Q40]

QUESTION 19
After a risk assessment study, a bank with global operations decided to continue doing business in certain regions of the world where identity theft is rampant. The information security manager should encourage the business to:

increase its customer awareness efforts in those regions.

implement monitoring techniques to detect and react to potential fraud.

outsource credit card processing to a third party.

make the customer liable for losses if they fail to follow the bank’s advice.

QUESTION 20
In a large organization, defining recovery time objectives (RTOs) is PRIMARILY the responsibility of:

the IT manager.

the information security manager.

the business unit manager.

senior manager.

QUESTION 21
The MAIN reason for an information security manager to monitor industry level changes in the business and IT is to:

evaluate the effect of the changes on the levels of residual risk.

identity changes in the risk environment.

update information security policies in accordance with the changes.

change business objectives based on potential impact.

QUESTION 22
When integrating information security requirements into software development, which of the following practices should be FIRST in the development lifecycle?

Penetration testing

Source code review

Dynamic code analysis

Threat modeling

QUESTION 23
Which of the following is the BEST method to defend against social engineering attacks?

Monitor for unauthorized access attempts and failed logins.

Employ the use of a web-content filtering solution.

Communicate guideline to limit information posted to public sites

Periodically perform antivirus scans to identify malware

QUESTION 24
An organization is in the process of adopting a hybrid data infrastructure, transferring all non-core applications to cloud service providers and maintaining all core business functions house. The information security manager has determined a defense in depth strategy should be used. Which of the following BEST describes this strategy?

Multi-factor login requirements for cloud service applications, timeouts, and complex passwords

Deployments of nested firewalls within the infrastructure

Separate security controls for applications, platforms, programs, and endpoints

Strict enforcement of role-based access control (RBAC)

QUESTION 25
Which of the following is done PRIMARILY to address the integrity of information?

Assignment of appropriate control permissions

Implementation of an Internet security application

Implementation of a duplex server system

Encryption of email

QUESTION 26
Which of the following is MOST effective in preventing weaknesses from being introduced into existing production systems?

Patch management

Change management

Security baselines

Virus detection

QUESTION 27
If civil litigation is a goal for an organizational response to a security incident, the PRIMARY step should be to:

contact law enforcement.

document the chain of custody.

capture evidence using standard server-backup utilities.

reboot affected machines in a secure area to search for evidence.

QUESTION 28
The purpose of a corrective control is to:

reduce adverse events.

indicate compromise.

mitigate impact.

ensure compliance.

QUESTION 29
An information security manager wants to document requirements detailing the minimum security controls required for user workstations.
Which of the following resources would be MOST appropriate for this purpose’?

Procedures

Standards

Policies

Guidelines

QUESTION 30
Which of the following is the MOST important item to consider when evaluating products to monitor security across the enterprise?

Ease of installation

Product documentation

Available support

System overhead

QUESTION 31
Which of the following is characteristic of centralized information security management?

More expensive to administer

Better adherence to policies

More aligned with business unit needs

Faster turnaround of requests

QUESTION 32
Which of the following would BEST assist an information security manager in measuring the existing level of development of security processes against their desired state?

Security audit reports

Balanced scorecard

Capability maturity model (CMM)

Systems and business security architecture

QUESTION 33
An organization’s information security team presented the risk register at a recent information security steering committee meeting. Which of the following should be of MOST concern to the committee?

No owners were identified for some risks.

Business applications had the highest number of risks.

Risk mitigation action plans had no timelines.

Risk mitigation action plan milestones were delayed.

QUESTION 34
Who can BEST approve plans to implement an information security governance framework?

Internal auditor

Information security management

Steering committee

Infrastructure management

QUESTION 35
Which of the following BEST indicates the effectiveness of the vendor risk management process?

Increase in the percentage of vendors certified to a globally recognized security standard

Increase in the percentage of vendors with a completed due diligence review

Increase in the percentage of vendors conducting mandatory security training

Increase in the percentage of vendors that have reported security breaches

Explanation
This answer best indicates the effectiveness of the vendor risk management process because it shows that the organization has established and enforced clear and consistent security requirements and expectations for its vendors, and that the vendors have demonstrated their compliance and commitment to security best practices.
A globally recognized security standard, such as ISO 27001, NIST CSF, or COBIT, provides a comprehensive and objective framework for assessing and improving the security posture and performance of vendors.
References: The CISM Review Manual 2023 states that “the information security manager is responsible for ensuring that the security requirements and expectations for third-party products and services are defined, communicated, and enforced” and that “the information security manager should verify that the third parties have implemented adequate security controls and practices, and that they comply with applicable standards and regulations” (p. 138). The CISM Review Questions, Answers & Explanations Manual 2023 also provides the following rationale for this answer: “Increase in the percentage of vendors certified to a globally recognized security standard is the correct answer because it best indicates the effectiveness of the vendor risk management process, as it shows that the organization has established and enforced clear and consistent security requirements and expectations for its vendors, and that the vendors have demonstrated their compliance and commitment to security best practices” (p. 63). Additionally, the article Vendor Risk Management Demystified from the ISACA Journal 2015 states that “a globally recognized security standard provides a common language and framework for evaluating and improving the security posture and performance of vendors” and that “a vendor certification to a globally recognized security standard can help to reduce the risk of security breaches, increase the trust and confidence of customers and stakeholders, and enhance the reputation and competitiveness of the vendor” (p. 3

QUESTION 36
What is the BEST way to reduce the impact of a successful ransomware attack?

Purchase or renew cyber insurance policies.

Mionitor the network and provide alerts on intrusions.

Perform frequent backups and store them offline.

Include provisions to pay ransoms in the information security budget.

QUESTION 37
In the course of examining a computer system for forensic evidence, data on the suspect media were inadvertently altered. Which of the following should have been the FIRST course of action in the investigative process?

Perform a backup of the suspect media to new media.

Perform a bit-by-bit image of the original media source onto new media.

Make a copy of all files that are relevant to the investigation.

Run an error-checking program on all logical drives to ensure that there are no disk errors.

QUESTION 38
Senior management has endorsed a comprehensive information security policy. Which of the following should the organization do NEXT?

Promote awareness of the policy among employees.

Seek policy buy-in from business stakeholders.

Implement an authentication and authorization system.

Identify relevant information security frameworks for adoption.

QUESTION 39
Which of the following is the FIRST step to establishing an effective information security program?

Conduct a compliance review.

Assign accountability.

Perform a business impact analysis (BIA).

Create a business case.

QUESTION 40
Which of the following metrics would be the MOST useful in measuring how well information security is monitoring violation logs?

Penetration attempts investigated

Violation log reports produced

Violation log entries

Frequency of corrective actions taken

Premium VCE Dumps

Premium VCE Dumps

Latest Mar-2024 CISM Dumps PDF And Certification Training [Q19-Q40]

Leave a Reply Cancel reply