Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

CISM Exam Dumps - Certified Information Security Manager

Go to page:
Question # 4

When building support for an information security program, which of the following elements is MOST important?

A.

Identification of existing vulnerabilities

B.

Information risk assessment

C.

Business impact analysis (BIA)

D.

Threat analysis

Full Access
Question # 5

An organization recently outsourced the development of a mission-critical business application. Which of the following would be the BEST way to test for the existence of backdoors?

A.

Scan the entire application using a vulnerability scanning tool.

B.

Run the application from a high-privileged account on a test system.

C.

Perform security code reviews on the entire application.

D.

Monitor Internet traffic for sensitive information leakage.

Full Access
Question # 6

An information security manager has become aware that a third-party provider is not in compliance with the statement of work (SOW). Which of the following is the BEST course of action?

A.

Notify senior management of the issue.

B.

Report the issue to legal personnel.

C.

Initiate contract renegotiation.

D.

Assess the extent of the issue.

Full Access
Question # 7

Which of the following has the GREATEST impact on the effectiveness of an organization’s security posture?

A.

Incident metrics are frequently compared against industry benchmarks

B.

New hires are mandated to attend security training

C.

Security is embedded in organizational culture

D.

Senior management has approved and endorsed security practices

Full Access
Question # 8

Which of the following should be the MOST important consideration when establishing information security policies for an organization?

A.

Job descriptions include requirements to read security policies.

B.

The policies are updated annually.

C.

Senior management supports the policies.

D.

The policies are aligned to industry best practices.

Full Access
Go to page: