Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

CISM Exam Dumps - Certified Information Security Manager

Go to page:
Question # 4

Which of the following would be MOST useful when determining the business continuity strategy for a large organization's data center?

A.

Stakeholder feedback analysis

B.

Business continuity risk analysis

C.

Incident root cause analysis

D.

Business impact analysis (BIA)

Full Access
Question # 5

A data discovery project uncovers an unclassified process document. Of the following, who is BEST suited to determine the classification?

A.

Information security manager

B.

Security policy author

C.

Creator of the document

D.

Data custodian

Full Access
Question # 6

A business requires a legacy version of an application to operate but the application cannot be patched. To limit the risk exposure to the business, a firewall is implemented in front of the legacy application. Which risk treatment option has been applied?

A.

Mitigate

B.

Accept

C.

Transfer

D.

Avoid

Full Access
Question # 7

Which of the following provides the BEST input to determine the level of protection needed for an IT system?

A.

Vulnerability assessment

B.

Asset classification

C.

Threat analysis

D.

Internal audit findings

Full Access
Question # 8

Which of the following BEST enables the assignment of risk and control ownership?

A.

Aligning to an industry-recognized control framework

B.

Adopting a risk management framework

C.

Obtaining senior management buy-in

D.

Developing an information security strategy

Full Access
Go to page: