Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 273

An information security team has discovered that users are sharing a login account to an application with sensitive information, in violation of the access policy. Business management indicates that the practice creates operational efficiencies. What is the information security manager ' s BEST course of action?

A.

Enforce the policy.

B.

Modify the policy.

C.

Present the risk to senior management.

D.

Create an exception for the deviation.

Full Access
Question # 274

Which of the following is the BEST way to improve an organization ' s ability to detect and respond to incidents?

A.

Conduct a business impact analysis (BIA).

B.

Conduct periodic awareness training.

C.

Perform a security gap analysis.

D.

Perform network penetration testing.

Full Access
Question # 275

The PRIMARY benefit of integrating information security activities into change management processes is to:

A.

protect the organization from unauthorized changes.

B.

ensure required controls are included in changes.

C.

provide greater accountability for security-related changes in the business.

D.

protect the business from collusion and compliance threats.

Full Access
Question # 276

Which of the following is the BEST way to monitor the effectiveness of security controls?

A.

Benchmark security controls against similar organizations

B.

Review application and system audit logs

C.

Establish and report security metrics

D.

Conduct regular threat assessments

Full Access
Question # 277

An organization is experiencing a sharp increase in incidents related to phishing messages. The root cause is an outdated email filtering system that is no longer supported by the vendor. Which of the following should be the information security manager ' s FIRST course of action?

A.

Reinforce security awareness practices for end users.

B.

Temporarily outsource the email system to a cloud provider.

C.

Develop a business case to replace the system.

D.

Monitor outgoing traffic on the firewall.

Full Access
Question # 278

An organization has identified IT failures in a call center application. Of the following, who should own this risk?

A.

Information security manager

B.

Head of the call center

C.

Chief executive officer (CEO)

D.

Head of the IT department

Full Access
Question # 279

Which of the following is the BEST course of action for an information security manager to align security and business goals?

A.

Conducting a business impact analysis (BIA)

B.

Reviewing the business strategy

C.

Defining key performance indicators (KPIs)

D.

Actively engaging with stakeholders

Full Access
Question # 280

Which of the following is BEST used to determine the maturity of an information security program?

A.

Security budget allocation

B.

Organizational risk appetite

C.

Risk assessment results

D.

Security metrics

Full Access
Go to page: