Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 265

Which of the following is the PRIMARY preventive method to mitigate risks associated with privileged accounts?

A.

Eliminate privileged accounts.

B.

Perform periodic certification of access to privileged accounts.

C.

Frequently monitor activities on privileged accounts.

D.

Provide privileged account access only to users who need it.

Full Access
Question # 266

Which of the following risks is an example of risk transfer?

A.

Utilizing third-party applications

B.

Moving risk ownership to another department

C.

Conducting off-site backups

D.

Purchasing cybersecurity insurance

Full Access
Question # 267

Which of the following is MOST important to include in an information security status report to senior management?

A.

Key risk indicators (KRIs)

B.

Review of information security policies

C.

Information security budget requests

D.

List of recent security events

Full Access
Question # 268

Which of the following processes BEST supports the evaluation of incident response effectiveness?

A.

Root cause analysis

B.

Post-incident review

C.

Chain of custody

D.

Incident logging

Full Access
Question # 269

Which of the following is the BEST approach for data owners to use when defining access privileges for users?

Define access privileges based on user roles.

Adopt user account settings recommended by the vendor.

Perform a risk assessment of the users ' access privileges.

A.

Implement an identity and access management (IDM) tool.

Full Access
Question # 270

Which of the following is MOST important for an information security manager to consider when developing a business continuity plan (BCP) for ransomware attacks?

A.

Backups are maintained offline and regularly tested.

B.

Impacted networks can be detached at the network switch level.

C.

Production data is continuously replicated between primary and secondary sites.

D.

Backups are maintained on multiple sites and regularly reviewed.

Full Access
Question # 271

An organization provides notebook PCs, cable wire locks, smartphone access, and virtual private network (VPN) access to its remote employees. Which of the following is MOST important for the information security manager to ensure?

A.

Employees use smartphone tethering when accessing from remote locations.

B.

Employees physically lock PCs when leaving the immediate area.

C.

Employees are trained on the acceptable use policy.

D.

Employees use the VPN when accessing the organization ' s online resources.

Full Access
Question # 272

Which of the following is MOST important for building 4 robust information security culture within an organization?

A.

Mature information security awareness training across the organization

B.

Strict enforcement of employee compliance with organizational security policies

C.

Security controls embedded within the development and operation of the IT environment

D.

Senior management approval of information security policies

Full Access
Go to page: