Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 225

When properly implemented, secure transmission protocols protect transactions:

A.

from eavesdropping.

B.

from denial of service (DoS) attacks.

C.

on the client desktop.

D.

in the server ' s database.

Full Access
Question # 226

Which of the following is the MOST essential element of an information security program?

A.

Benchmarking the program with global standards for relevance

B.

Prioritizing program deliverables based on available resources

C.

Involving functional managers in program development

D.

Applying project management practices used by the business

Full Access
Question # 227

Which of the following is the PRIMARY reason to regularly update business continuity and disaster recovery documents?

A.

To enforce security policy requirements

B.

To maintain business asset inventories

C.

To ensure audit and compliance requirements are met

D.

To ensure the availability of business operations

Full Access
Question # 228

Which of the following would be MOST useful when determining the business continuity strategy for a large organization ' s data center?

A.

Stakeholder feedback analysis

B.

Business continuity risk analysis

C.

Incident root cause analysis

D.

Business impact analysis (BIA)

Full Access
Question # 229

An online bank identifies a successful network attack in progress. The bank should FIRST:

A.

isolate the affected network segment.

B.

report the root cause to the board of directors.

C.

assess whether personally identifiable information (Pll) is compromised.

D.

shut down the entire network.

Full Access
Question # 230

When an information security manager presents an information security program status report to senior management, the MAIN focus should be:

A.

Key controls evaluation

B.

Net present value

C.

Security return on investment

D.

Key performance indicators

Full Access
Question # 231

During a tabletop exercise, a security operations center team identifies a lack of resources to contain a security incident within an acceptable time frame. Which of the following is MOST likely to reduce containment time?

A.

Security orchestration, automation, and response

B.

Zero Trust Architecture

C.

Security information and event management

D.

Intrusion detection system

Full Access
Question # 232

Which of the following roles is PRIMARILY responsible for developing an information classification framework based on business needs?

A.

Information security manager

B.

Information security steering committee

C.

Information owner

D.

Senior management

Full Access
Go to page: