Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 105

Which of the following BEST facilitates effective incident response testing?

A.

Including all business units in testing

B.

Simulating realistic test scenarios

C.

Reviewing test results quarterly

D.

Testing after major business changes

Full Access
Question # 106

Results from which of the following would BEST provide an understanding of the effectiveness of an organization’s information security program?

A.

Security spot checks

B.

Internal audits

C.

Enterprise risk assessments

D.

Control self-assessments (CSAs)

Full Access
Question # 107

Which of the following will BEST facilitate integrating the information security program into corporate governance?

A.

Documentation of the threat landscape

B.

An up-to-date security strategy

C.

A minimum security baseline

D.

Documentation of residual risk

Full Access
Question # 108

Which of the following is the FIRST step when conducting a post-incident review?

A.

Identify mitigating controls.

B.

Assess the costs of the incident.

C.

Perform root cause analysis.

D.

Assign responsibility for corrective actions.

Full Access
Question # 109

Which of the following presents the GREATEST risk associated with the use of an automated security information and event management (SIEM) system?

A.

Low number of false positives

B.

Low number of false negatives

C.

High number of false positives

D.

High number of false negatives

Full Access
Question # 110

Following a breach where the risk has been isolated and forensic processes have been performed, which of the following should be done NEXT?

A.

Place the web server in quarantine.

B.

Rebuild the server from the last verified backup.

C.

Shut down the server in an organized manner.

D.

Rebuild the server with relevant patches from the original media.

Full Access
Question # 111

Which of the following is the MOST effective way to protect the authenticity of data in transit?

A.

Digital signature

B.

Private key

C.

Access controls

D.

Public key

Full Access
Question # 112

Which of the following should be an information security manager ' s FIRST course of action when a newly introduced privacy regulation affects the business?

A.

Consult with IT staff and assess the risk based on their recommendations

B.

Update the security policy based on the regulatory requirements

C.

Propose relevant controls to ensure the business complies with the regulation

D.

Identify and assess the risk in the context of business objectives

Full Access
Go to page: