Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 137

Spoofing should be prevented because it may be used to:

A.

gain illegal entry to a secure system by faking the sender ' s address,

B.

predict which way a program will branch when an option is presented

C.

assemble information, track traffic, and identify network vulnerabilities.

D.

capture information such as passwords traveling through the network

Full Access
Question # 138

A business continuity plan (BCP) should contain:

A.

Hardware and software inventories

B.

Data restoration procedures

C.

Information about eradication activities

D.

Criteria for activation

Full Access
Question # 139

Which of the following roles is BEST able to influence the security culture within an organization?

A.

Chief information security officer (CISO)

B.

Chief information officer (CIO)

C.

Chief executive officer (CEO)

D.

Chief operating officer (COO)

Full Access
Question # 140

Which of the following BEST conveys minimum information security requirements to an organization in alignment with policies?

A.

Standards

B.

Procedures

C.

Regulations

D.

Baselines

Full Access
Question # 141

Which of the following should be updated FIRST to account for new regulatory requirements that impact current information security controls?

A.

Control matrix

B.

Business impact analysis (BIA)

C.

Risk register

D.

Information security policy

Full Access
Question # 142

The PRIMARY objective of timely declaration of a disaster is to:

A.

ensure engagement of business management in the recovery process.

B.

assess and correct disaster recovery process deficiencies.

C.

protect critical physical assets from further loss.

D.

ensure the continuity of the organization ' s essential services.

Full Access
Question # 143

When preventive controls to appropriately mitigate risk are not feasible, which of the following is the MOST important action for the information security manager?

A.

Managing the impact

B.

Identifying unacceptable risk levels

C.

Assessing vulnerabilities

D.

Evaluating potential threats

Full Access
Question # 144

Which of the following BEST indicates that information security governance and corporate governance are integrated?

A.

The information security team is aware of business goals.

B.

The board is regularly informed of information security key performance indicators (KPIs),

C.

The information security steering committee is composed of business leaders.

D.

A cost-benefit analysis is conducted on all information security initiatives.

Full Access
Go to page: