Summer Certification Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CISM Exam Dumps - Certified Information Security Manager

Searching for workable clues to ace the Isaca CISM Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CISM PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 281

Which of the following metrics BEST demonstrates the effectiveness of an organization ' s security awareness program?

A.

Number of security incidents reported to the help desk

B.

Percentage of employees who regularly attend security training

C.

Percentage of employee computers and devices infected with malware

D.

Number of phishing emails viewed by end users

Full Access
Question # 282

Which of the following should be the KEY consideration when creating an information security communication plan with industry peers?

A.

Balancing the benefits of information sharing with the drawbacks of sharing sensitive information

B.

Reducing the costs associated with information sharing by automating the process

C.

Ensuring information is detailed enough to be of use to other organizations

D.

Notifying the legal department whenever incident-related information is shared

Full Access
Question # 283

A newly appointed information security manager of a retailer with multiple stores discovers an HVAC (heating, ventilation, and air conditioning) vendor has remote access to the stores to enable real-time monitoring and equipment diagnostics. Which of the following should be the information security manager ' s FIRST course of action?

A.

Conduct a penetration test of the vendor.

B.

Review the vendor ' s technical security controls

C.

Review the vendor contract

D.

Disconnect the real-time access

Full Access
Question # 284

Which of the following is MOST helpful to identify whether information security policies have been followed?

A.

Preventive controls

B.

Detective controls

C.

Directive controls

D.

Corrective controls

Full Access
Question # 285

Which of the following is an information security manager ' s BEST recommendation to senior management following a breach at the organization ' s Software as a Service (SaaS) vendor?

A.

Update the vendor risk assessment.

B.

Engage legal counsel.

C.

Renegotiate the vendor contract.

D.

Terminate the relationship with the vendor.

Full Access
Question # 286

Which of the following is a PRIMARY benefit of managed security solutions?

A.

Wider range of capabilities

B.

Easier implementation across an organization

C.

Greater ability to focus on core business operations

D.

Lower cost of operations

Full Access
Question # 287

An investigation of a recent security incident determined that the root cause was negligent handing of incident alerts by system admit manager to address this issue?

A.

Conduct a risk assessment and share the result with senior management.

B.

Revise the incident response plan-to align with business processes.

C.

Provide incident response training to data custodians.

D.

Provide incident response training to data owners.

Full Access
Question # 288

Which of the following should be the PRIMARY goal of information security?

A.

Information management

B.

Regulatory compliance

C.

Data governance

D.

Business alignment

Full Access
Go to page: