Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 89

Which of the following should be updated FIRST when aligning the incident response plan with the corporate strategy?

A.

Disaster recovery plan (DRP)

B.

Incident notification plan

C.

Risk response scenarios

D.

Security procedures

Full Access
Question # 90

Which of the following is MOST important when defining how an information security budget should be allocated?

A.

Regulatory compliance standards

B.

Information security strategy

C.

Information security policy

D.

Business impact assessment

Full Access
Question # 91

A global organization is developing an incident response team. The organization wants to keep headquarters informed of all incidents and wants to be able to present a unified response to widely dispersed events. Which of the following BEST supports these objectives?

A.

Virtual incident response team

B.

Distributed incident response team

C.

Outsourced incident response team

D.

Centralized incident response team

Full Access
Question # 92

Which of the following should an information security manager do FIRST when a vulnerability has been disclosed?

A.

Perform a patch update.

B.

Conduct a risk assessment.

C.

Perform a penetration test.

D.

Conduct an impact assessment.

Full Access
Question # 93

Which of the following should be the PRIMARY objective when establishing a new information security program?

A.

Executing the security strategy

B.

Minimizing organizational risk

C.

Optimizing resources

D.

Facilitating operational security

Full Access
Question # 94

A new regulatory requirement affecting an organization ' s information security program is released. Which of the following should be the information security manager ' s FIRST course of action?

A.

Perform a gap analysis.

B.

Conduct benchmarking.

C.

Notify the legal department.

D.

Determine the disruption to the business.

Full Access
Question # 95

Which of the following is a viable containment strategy for a distributed denial of service (DDoS) attack?

A.

Block IP addresses used by the attacker

B.

Redirect the attacker ' s traffic

C.

Disable firewall ports exploited by the attacker.

D.

Power off affected servers

Full Access
Question # 96

As part of incident response activities, the BEST time to begin the recovery process is after:

A.

The eradication phase has been completed

B.

The incident response team has been established

C.

The root cause has been determined

D.

The incident manager has declared the incident

Full Access
Go to page: