CISM 2014 Questions - 2

Descrição

Certificate CISM Quiz sobre CISM 2014 Questions - 2, criado por Eduardo Castella7911 em 17-02-2016.
Eduardo Castella7911
Quiz por Eduardo Castella7911, atualizado more than 1 year ago
Eduardo Castella7911
Criado por Eduardo Castella7911 quase 9 anos atrás
3072
2

Resumo de Recurso

Questão 1

Questão
Strategic alignment is PRIMARILY achieved when services provided by the information security department:
Responda
  • A. reflect the requirements of key business stakeholders.
  • B. reflect the desires of the IT executive team.
  • C. reflect the requirements of industry best practices.
  • D. are reliable and cost-effective.

Questão 2

Questão
What is the TYPICAL output of a risk assessment?
Responda
  • A. A list of appropriate controls for reducing or eliminating risk
  • B. Documented threats to the organization
  • C. Evaluation of the consequences to the entity
  • D. An inventory of risk that may impact the organization

Questão 3

Questão
Which of the following actions is the BEST to ensure that incident response activities are consistent with the requirements of business continuity?
Responda
  • A. Develop a scenario and perform a structured walk-through.
  • B. Draft and publish a clear practice for enterprise-level incident response.
  • C. Establish a cross-departmental working group to share perspectives.
  • D. Develop a project plan for end-to-end testing of disaster recovery.

Questão 4

Questão
What is the BEST risk response for risk scenarios where the likelihood of a disruptive event for an asset is very low, but the potential financial impact is very high?
Responda
  • A. Accept the high cost of protection.
  • B. Implement detective controls.
  • C. Ensure that asset exposure is low.
  • D. Transfer the risk to a third party.

Questão 5

Questão
An effective risk management program should reduce risk to:
Responda
  • A. zero.
  • B. an acceptable level.
  • C. an acceptable percent of revenue.
  • D. an acceptable probability of occurrence.

Questão 6

Questão
The formal declaration of organizational information security goals and objectives should be found in the:
Responda
  • A. information security procedures.
  • B. information security principles.
  • C. employee code of conduct.
  • D. information security policy.

Questão 7

Questão
Which of the following is MOST effective in preventing disruptions to production systems?
Responda
  • A. Patch management
  • B. Security baselines
  • C. Virus detection
  • D. Change management

Questão 8

Questão
What is the MOST effective access control method to prevent users from sharing files with unauthorized users?
Responda
  • A. Mandatory
  • B. Discretionary
  • C. Walled garden
  • D. Role-based

Questão 9

Questão
Quantitative risk analysis is MOST appropriate when assessment results:
Responda
  • A. include customer perceptions.
  • B. contain percentage estimates.
  • C. lack specific details.
  • D. contain subjective information.

Questão 10

Questão
When should risk assessments be performed for optimum effectiveness?
Responda
  • A. At the beginning of security program development
  • B. On a continuous basis
  • C. While developing the business case for the security program
  • D. During the business change process

Questão 11

Questão
Which of the following is the BEST method or technique to ensure the effective implementation of an information security program?
Responda
  • A. Obtain the support of the board of directors.
  • B. Improve the content of the information security awareness program.
  • C. Improve the employees' knowledge of security policies.
  • D. Implement logical access controls to the information systems.

Questão 12

Questão
Which of the following is the BEST method to ensure the overall effectiveness of a risk management program?
Responda
  • A. User assessments of changes
  • B. Comparison of the program results with industry standards
  • C. Assignment of risk within the organization
  • D. Participation by all members of the organization

Questão 13

Questão
Which of the following is MOST important to the success of an information security program?
Responda
  • A. Security awareness training
  • B. Achievable goals and objectives
  • C. Senior management sponsorship
  • D. Adequate start-up budget and staffing

Questão 14

Questão
Which of the following is the MOST important step before implementing a security policy?
Responda
  • A. Communicating to employees
  • B. Training IT staff
  • C. Identifying relevant technologies for automation
  • D. Obtaining sign-off from stakeholders

Questão 15

Questão
For global organizations, which of the following is MOST essential to the continuity of operations in an emergency situation?
Responda
  • A. A documented succession plan
  • B. Distribution of key process documents
  • C. A reciprocal agreement with an alternate site
  • D. Strong senior management leadership

Questão 16

Questão
What is the PRIMARY benefit of a security awareness training program?
Responda
  • A. To reduce the likelihood of an information security event
  • B. To encourage compliance with information security policy
  • C. To comply with the local and industry-specific regulation and legislation
  • D. To provide employees with expectations for information security

Questão 17

Questão
When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:
Responda
  • A. the information security steering committee.
  • B. customers who may be impacted.
  • C. data owners who may be impacted.
  • D. regulatory agencies overseeing privacy.

Questão 18

Questão
When a major vulnerability in the security of a critical web server is discovered, immediate notification should be made to the:
Responda
  • A. system owner to take corrective action.
  • B. incident response team to investigate.
  • C. data owners to mitigate damage.
  • D. development team to remediate.

Questão 19

Questão
Which of the following vulnerabilities allowing attackers access to the application database is the MOST serious?
Responda
  • A. Validation checks are missing in data input pages.
  • B. Password rules do not allow sufficient complexity.
  • C. Application transaction log management is weak.
  • D. Application and database share a single access ID.

Questão 20

Questão
A customer credit card database has been reported as being breached by hackers. What is the FIRST step in dealing with this attack?
Responda
  • A. Confirm the incident.
  • B. Notify senior management.
  • C. Start containment.
  • D. Notify law enforcement.

Questão 21

Questão
The facilities department of a large financial organization uses electronic swipe cards to manage physical access. The information security manager requests that facilities provide the manager with read-only access to the physical access data. What is the MOST likely purpose?
Responda
  • A. To monitor that personnel are complying with contract provisions
  • B. To determine who is in the building in case of fire
  • C. To compare logical and physical access for anomalies
  • D. To ensure that the physical access control system is operating correctly

Questão 22

Questão
Who is ultimately responsible for the organization's information?
Responda
  • A. Data custodian
  • B. Chief information security officer (CISO)
  • C. Board of directors
  • D. Chief information officer (CIO)

Questão 23

Questão
Which of the following is the MOST important consideration for an organization interacting with the media during a disaster?
Responda
  • A. Communicating specially drafted messages by an authorized person
  • B. Refusing to comment until recovery
  • C. Referring the media to the authorities
  • D. Reporting the losses and recovery strategy to the media

Questão 24

Questão
What should an information security manager focus on when speaking to an organization's human resources department about information security?
Responda
  • A. An adequate budget for the security program
  • B. Recruitment of technical IT employees
  • C. Periodic risk assessments
  • D. Security awareness training for employees

Questão 25

Questão
Which of the following are the MOST important criteria when selecting virus protection software?
Responda
  • A. Product market share and annualized cost
  • B. Ability to interface with intrusion detection system (IDS) software and firewalls
  • C. Alert notifications and impact assessments for new viruses
  • D. Ease of maintenance and frequency of updates

Questão 26

Questão
Information security policy enforcement is the responsibility of the:
Responda
  • A. security steering committee.
  • B. chief information officer (CIO).
  • C. chief information security officer (CISO).
  • D. chief compliance officer (CCO).

Questão 27

Questão
Which of the following helps management determine the resources needed to mitigate a risk to the organization?
Responda
  • A. Risk analysis process
  • B. Business impact analysis (BIA)
  • C. Risk management balanced scorecard
  • D. Risk-based audit program

Questão 28

Questão
Which of the following is the MOST important consideration when developing an information security strategy?
Responda
  • A. Resources available to implement the program
  • B. Compliance with legal and regulatory constraints
  • C. Effectiveness of risk mitigation
  • D. Resources required to implement the strategy

Questão 29

Questão
When properly tested, which of the following would MOST effectively support an information security manager in handling a security breach?
Responda
  • A. Business continuity plan
  • B. Disaster recovery plan
  • C. Incident response plan
  • D. Vulnerability management plan

Questão 30

Questão
From an information security perspective, which of the following will have the GREATEST impact on a financial enterprise with offices in various countries and involved in transborder transactions?
Responda
  • A. Current and future technologies
  • B. Evolving data protection regulations
  • C. Economizing the costs of network bandwidth
  • D. Centralization of information security

Questão 31

Questão
Which of the following control measures BEST addresses integrity?
Responda
  • A. Nonrepudiation
  • B. Timestamps
  • C. Biometric scanning
  • D. Encryption

Questão 32

Questão
An employee's computer has been infected with a new virus. What should be the FIRST action?
Responda
  • A. Execute the virus scan.
  • B. Report the incident to senior management.
  • C. Format the hard disk.
  • D. Disconnect the computer from the network.

Questão 33

Questão
What practice should FIRST be applied to an emergency security patch that has been received via email?
Responda
  • A. The patch should be loaded onto an isolated test machine.
  • B. The patch should be decompiled to check for malicious code.
  • C. The patch should be validated to ensure its authenticity.
  • D. The patch should be copied onto write-once media to prevent tampering.

Questão 34

Questão
The purpose of incident management and response is to:
Responda
  • A. recover an activity interrupted by an emergency or disaster, within a defined time and cost.
  • B. perform a walk-through of the steps required to recover from an adverse event.
  • C. reduce business disruption insurance premiums for the business.
  • D. address disruptive events with the objective of controlling impacts within acceptable levels.

Questão 35

Questão
Which of the following is characteristic of decentralized information security management across a geographically dispersed organization?
Responda
  • A. More uniformity in quality of service
  • B. Better adherence to policies
  • C. Better alignment to business unit needs
  • D. More savings in total operating costs

Questão 36

Questão
Which of the following is the MOST effective way to treat a risk such as a natural disaster that has a low probability and a high impact level?
Responda
  • A. Implement countermeasures.
  • B. Eliminate the risk.
  • C. Transfer the risk.
  • D. Accept the risk.

Questão 37

Questão
The FIRST step in developing a business case is to:
Responda
  • A. determine the probability of success.
  • B. calculate the return on investment (ROI).
  • C. analyze the cost-effectiveness.
  • D. define the issues to be addressed.

Questão 38

Questão
Which of the following is the MOST serious exposure of automatically updating virus signature files on every desktop each Friday at 11:00 p.m. (23.00 hrs.)?
Responda
  • A. Most new viruses' signatures are identified over weekends
  • B. Technical personnel are not available to support the operation
  • C. Systems are vulnerable to new viruses during the intervening week
  • D. The update's success or failure is not known until Monday

Questão 39

Questão
The purpose of an information security policy is to:
Responda
  • A. express clearly and concisely the goals of an information security protection program.
  • B. outline the intended configuration of information system security controls.
  • C. mandate the behavior and acceptable actions of all information system users.
  • D. authorize the steps and procedures necessary to protect critical information systems.

Questão 40

Questão
What is an advantage of sending messages using steganographic techniques as opposed to utilizing encryption?
Responda
  • A. The existence of messages is unknown.
  • B. Required key sizes are smaller.
  • C. Traffic cannot be sniffed.
  • D. Reliability of the data is higher in transit.

Questão 41

Questão
Which of the following is the MOST important information to include in a strategic plan for information security?
Responda
  • A. Information security staffing requirements
  • B. Current state and desired future state
  • C. IT capital investment requirements
  • D. Information security mission statement

Questão 42

Questão
Which of the following represents the MAJOR focus of privacy regulations?
Responda
  • A. Unrestricted data mining
  • B. Identity theft
  • C. Human rights protection
  • D. Identifiable personal data

Questão 43

Questão
Which of the following requirements is the MOST important when developing information security governance?
Responda
  • A. Complying with applicable corporate standards
  • B. Achieving cost effectiveness of risk mitigation
  • C. Obtaining consensus of business units
  • D. Aligning with organizational goals

Questão 44

Questão
An organization's board of directors has learned of recent legislation requiring organizations within the industry to enact specific safeguards to protect confidential customer information. What actions should the board take next?
Responda
  • A. Direct information security on what they need to do
  • B. Research solutions to determine the proper solutions
  • C. Require management to report on compliance
  • D. Nothing; information security does not report to the board

Questão 45

Questão
Once the objective of performing a security review has been defined, the NEXT step for the information security manager is to determine:
Responda
  • A. constraints.
  • B. approach.
  • C. scope.
  • D. results.

Questão 46

Questão
Which of the following should be identified in the business continuity policy?
Responda
  • A. Emergency call trees
  • B. Recovery criteria
  • C. Business impact assessment (BIA)
  • D. Critical backups inventory

Questão 47

Questão
An organization is planning to deliver subscription-based educational services to customers online that will require customers to log in with their user IDs and passwords. Which of the following is the BEST method to validate passwords entered by a customer before access to educational resources is granted?
Responda
  • A. Encryption
  • B. Content filtering
  • C. Database hardening
  • D. Hashing

Questão 48

Questão
Which person or group should have final approval of an organization's information security policies?
Responda
  • A. Business unit managers
  • B. Chief information security officer (CISO)
  • C. Senior management
  • D. Chief information officer (CIO)

Questão 49

Questão
How can access control to a sensitive intranet application by mobile users BEST be implemented?
Responda
  • A. Through data encryption
  • B. Through digital signatures
  • C. Through strong passwords
  • D. Through two-factor authentication

Questão 50

Questão
To ensure that all employees follow procedures regarding the integrity and confidentiality of personal identifiable information (PII), a hospital required that policies and procedures be put in place for data access and that all data stored should be encrypted. This is an example of what type of controls?
Responda
  • A. Administrative and technical controls
  • B. Administrative and deterrent controls
  • C. Technical and physical controls
  • D. Administrative and corrective controls

Questão 51

Questão
Which of the following is MOST likely to be responsible for establishing the information security requirements over an application?
Responda
  • A. IT steering committee
  • B. Data owner
  • C. System owner
  • D. IS auditor

Questão 52

Questão
Effective governance of enterprise IT is BEST ensured by:
Responda
  • A. utilizing a bottom-up approach.
  • B. management by the IT department.
  • C. referring the matter to the organization's legal department.
  • D. utilizing a top-down approach.

Questão 53

Questão
After performing an asset classification, the information security manager is BEST able to determine the:
Responda
  • A. level of risk to information resources.
  • B. impact of a compromise.
  • C. requirements for control strength.
  • D. annual loss expectancy (ALE).

Questão 54

Questão
An information security manager is performing a security review and determines that not all employees comply with the access control policy for the data center. The FIRST step to address this issue should be to:
Responda
  • A. assess the risk of noncompliance.
  • B. initiate security awareness training.
  • C. prepare a status report for management.
  • D. increase compliance enforcement.

Questão 55

Questão
The MOST effective use of a risk register is to:
Responda
  • A. identify risks and assign roles and responsibilities for mitigation.
  • B. identify threats and probabilities.
  • C. facilitate a thorough review of all IT-related risks on a periodic basis.
  • D. record the annualized financial amount of expected losses due to risks.

Questão 56

Questão
The factor that is MOST likely to result in identification of security incidents is:
Responda
  • A. effective communication and reporting processes.
  • B. clear policies detailing incident severity levels.
  • C. intrusion detection system (IDS) capabilities.
  • D. security awareness training.

Questão 57

Questão
Which of the following is the MOST important element to ensure the successful recovery of a business during a disaster?
Responda
  • A. Detailed technical recovery plans are maintained offsite
  • B. Network redundancy is maintained through separate providers
  • C. Hot site equipment needs are recertified on a regular basis
  • D. Appropriate declaration criteria have been established

Questão 58

Questão
What is the PRIMARY purpose of using risk analysis within a security program?
Responda
  • A. The risk analysis helps justify the security expenditure.
  • B. The risk analysis helps prioritize the assets to be protected.
  • C. The risk analysis helps inform executive management of the residual risk.
  • D. The risk analysis helps assess exposures and plan remediation.

Questão 59

Questão
What is the MOST cost-effective means of improving security awareness of staff personnel?
Responda
  • A. Employee monetary incentives
  • B. User education and training
  • C. A zero-tolerance security policy
  • D. Reporting of security infractions

Questão 60

Questão
Which is the BEST way to assess aggregate risk derived from a chain of linked system vulnerabilities?
Responda
  • A. Vulnerability scans
  • B. Penetration tests
  • C. Code reviews
  • D. Security audits

Questão 61

Questão
Which of the following provides the BEST defense against the introduction of malware in end-user computers via the Internet browser?
Responda
  • A. Input validation checks on SQL injection
  • B. Restricting access to social media sites
  • C. Deleting temporary files
  • D. Restricting execution of mobile code

Questão 62

Questão
Of the following, retention of business records should be PRIMARILY based on:
Responda
  • A. periodic vulnerability assessment.
  • B. regulatory and legal requirements.
  • C. device storage capacity and longevity.
  • D. past litigation.

Questão 63

Questão
Which of the following is the BEST way to ensure that an intruder who successfully penetrates a network will be detected before significant damage is inflicted?
Responda
  • A. Perform periodic penetration testing
  • B. Establish minimum security baselines
  • C. Implement vendor default settings
  • D. Install a honeypot on the network

Questão 64

Questão
A newly hired information security manager notes that existing information security practices and procedures appear ad hoc. Based on this observation, the next action should be to:
Responda
  • A. assess the commitment of senior management to the program.
  • B. assess the maturity level of the organization.
  • C. review the corporate standards.
  • D. review corporate risk management practices.

Questão 65

Questão
Risk management programs are designed to reduce risk to:
Responda
  • A. a level that is too small to be measurable.
  • B. the point at which the benefit exceeds the expense.
  • C. a level that the organization is willing to accept.
  • D. a rate of return that equals the current cost of capital.

Questão 66

Questão
An organization's operations staff places payment files in a shared network folder and then the disbursement staff picks up the files for payment processing. This manual intervention will be automated some months later, thus cost-efficient controls are sought to protect against file alterations. Which of the following would be the BEST solution?
Responda
  • A. Design a training program for the staff involved to heighten information security awareness
  • B. Set role-based access permissions on the shared folder
  • C. The end user develops a PC macro program to compare sender and recipient file contents
  • D. Shared folder operators sign an agreement to pledge not to commit fraudulent activities

Questão 67

Questão
An organization has recently developed and approved an access control policy. Which of the following will be MOST effective in communicating the access control policy to the employees?
Responda
  • A. Requiring employees to formally acknowledge receipt of the policy
  • B. Integrating security requirements into job descriptions
  • C. Making the policy available on the intranet
  • D. Implementing an annual retreat for employees on information security

Questão 68

Questão
Which of the following is the MOST important area of focus when examining potential security compromise of a new wireless network?
Responda
  • A. Signal strength
  • B. Number of administrators
  • C. Bandwidth
  • D. Encryption strength

Questão 69

Questão
Which of the following is MOST important when deciding whether to build an alternate facility or subscribe to a third-party hot site?
Responda
  • A. Cost to build a redundant processing facility and invocation
  • B. Daily cost of losing critical systems and recovery time objectives (RTOs)
  • C. Infrastructure complexity and system sensitivity
  • D. Criticality results from the business impact analysis (BIA)

Questão 70

Questão
Who can BEST approve plans to implement an information security governance framework?
Responda
  • A. Internal auditor
  • B. Information security management
  • C. Steering committee
  • D. Infrastructure management

Questão 71

Questão
Successful implementation of information security governance will FIRST require:
Responda
  • A. security awareness training.
  • B. updated security policies.
  • C. a computer incident management team.
  • D. a security architecture.

Questão 72

Questão
Which of the following measures would be MOST effective against insider threats to confidential information?
Responda
  • A. Role-based access control
  • B. Audit trail monitoring
  • C. Privacy policy
  • D. Defense-in-depth

Questão 73

Questão
When an information security manager is developing a strategic plan for information security, the timeline for the plan should be:
Responda
  • A. aligned with the IT strategic plan.
  • B. based on the current rate of technological change.
  • C. three-to-five years for both hardware and software.
  • D. aligned with the business strategy.

Questão 74

Questão
What is the PRIMARY basis for the prioritization of security spending and budgeting?
Responda
  • A. The identified levels of risk
  • B. Industry trends
  • C. An increased cost of services
  • D. The allocated revenue of the enterprise

Questão 75

Questão
Which of the following approaches is BEST for addressing regulatory requirements?
Responda
  • A. Treat regulatory compliance as any other risk.
  • B. Ensure that policies address regulatory requirements.
  • C. Make regulatory compliance mandatory.
  • D. Obtain insurance for noncompliance.

Questão 76

Questão
What is the BEST way to ensure that an external service provider complies with organizational security policies?
Responda
  • A. Explicitly include the service provider in the security policies
  • B. Receive acknowledgement in writing stating the provider has read all policies
  • C. Cross-reference to policies in the service level agreement
  • D. Perform periodic reviews of the service provider

Questão 77

Questão
When performing a business impact analysis (BIA), which of the following would be the MOST appropriate to calculate the recovery time and cost estimates?
Responda
  • A. Information security manager
  • B. Information owners
  • C. Business continuity coordinator
  • D. Information technology (IT) operations manager

Questão 78

Questão
Which of the following is the BEST approach to obtain senior management commitment to the information security program?
Responda
  • A. Describe the reduction of risk.
  • B. Present the emerging threat environment.
  • C. Benchmark against other enterprises.
  • D. Demonstrate the alignment of the program to business objectives.

Questão 79

Questão
Which of the following would be the BEST indicator of an asset's value to an organization?
Responda
  • A. Risk assessment
  • B. Security audit
  • C. Certification
  • D. Classification

Questão 80

Questão
An information security manager believes that a network file server was compromised by a hacker. Which of the following should be the FIRST action taken?
Responda
  • A. Ensure that critical data on the server are backed up.
  • B. Shut down the compromised server.
  • C. Initiate the incident response process.
  • D. Shut down the network.

Questão 81

Questão
Which of the following is an indicator of effective governance?
Responda
  • A. A defined information security architecture
  • B. Compliance with international security standards
  • C. Periodic external audits
  • D. An established risk management program

Questão 82

Questão
What activity should information security management perform FIRST when assessing the potential impact of new privacy legislation on the organization?
Responda
  • A. Develop an operational plan for achieving compliance with the legislation.
  • B. Identify systems and processes that contain privacy components.
  • C. Restrict the collection of personal information until compliant.
  • D. Identify privacy legislation in other countries that may contain similar requirements.

Questão 83

Questão
Who has the FINAL responsibility for classifying information?
Responda
  • A. Data custodian
  • B. Legal department
  • C. Data owner
  • D. Chief information security officer (CISO)

Questão 84

Questão
Which of the following is involved when conducting a business impact analysis (BIA)?
Responda
  • A. Identifying security threats and vulnerabilities
  • B. Developing notification and activation procedures
  • C. Listing investigative priorities
  • D. Listing critical business resources

Questão 85

Questão
Which of the following has the highest priority when defining an emergency response plan?
Responda
  • A. Critical data
  • B. Critical infrastructure
  • C. Safety of personnel
  • D. Vital records

Questão 86

Questão
Why is public key infrastructure (PKI) the preferred model when providing encryption keys to a large number of individuals?
Responda
  • A. It is computationally more efficient.
  • B. It is more scalable than a symmetric key.
  • C. It is less costly to maintain than a symmetric key approach.
  • D. It provides greater encryption strength than a secret key model.

Questão 87

Questão
Which of the following activities will MOST effectively foster effective security behavior?
Responda
  • A. Implementing a security awareness program
  • B. Rewarding compliance with security policies and guidelines
  • C. Implementing a discipline and reward system
  • D. Implementing a whistle-blower hotline

Questão 88

Questão
How should an information security manager proceed when selecting a public cloud vendor to provide outsourced infrastructure and software?
Responda
  • A. Insist on strict service level agreements (SLAs) to guarantee application availability.
  • B. Verify that the vendor's security architecture meets the organization's requirements.
  • C. Update the organization's security policies to reflect the vendor agreement.
  • D. Consult a third party to provide an audit report to assess the vendor's security program.

Questão 89

Questão
Once residual risk has been determined, the enterprise should NEXT:
Responda
  • A. transfer the remaining risk to a third party.
  • B. acquire insurance against the effects of the residual risk.
  • C. validate that the residual risk is acceptable.
  • D. formally document and accept the residual risk.

Questão 90

Questão
The use of insurance is an example of which of the following?
Responda
  • A. Risk mitigation
  • B. Risk acceptance
  • C. Risk elimination
  • D. Risk transfer

Questão 91

Questão
Who should approve user access in business-critical applications?
Responda
  • A. The information security manager
  • B. The data owner
  • C. The data custodian
  • D. Business management

Questão 92

Questão
The PRIMARY goal of developing an information security strategy is to:
Responda
  • A. establish security metrics and performance monitoring.
  • B. educate business process owner s regarding their duties.
  • C. ensure that legal and regulatory requirements are met.
  • D. support the business objectives of the organization.

Questão 93

Questão
To determine how a security breach occurred on the corporate network, a security manager looks at the logs of various devices. Which of the following BEST facilitates the correlation and review of these logs?
Responda
  • A. Database server
  • B. Domain name server (DNS)
  • C. Time server
  • D. Proxy server

Questão 94

Questão
What is the BEST technique to determine which security controls to implement with a limited budget?
Responda
  • A. Risk analysis
  • B. Annualized loss expectancy (ALE) calculations
  • C. Cost-benefit analysis
  • D. Impact analysis

Questão 95

Questão
In implementing information security governance, the information security manager is PRIMARILY responsible for:
Responda
  • A. developing the security strategy.
  • B. reviewing the security strategy.
  • C. communicating the security strategy.
  • D. approving the security strategy.

Questão 96

Questão
Who has the inherent authority to grant an exception to information security policy?
Responda
  • A. The business process owner
  • B. The departmental manager
  • C. The policy approver
  • D. The information security manager

Questão 97

Questão
What should be the PRIMARY basis of a road map for implementing information security governance?
Responda
  • A. Policies
  • B. Architecture
  • C. Legal requirements
  • D. Strategy

Questão 98

Questão
Which of the following would BEST address the risk of data leakage?
Responda
  • A. File backup procedures
  • B. Database integrity checks
  • C. Acceptable use policies
  • D. Incident response procedures

Questão 99

Questão
Which of the following is the BEST approach to deal with inadequate funding of the information security program?
Responda
  • A. Eliminate low-priority security services.
  • B. Require management to accept the increased risk.
  • C. Use third-party providers for low-risk activities.
  • D. Reduce monitoring and compliance enforcement activities.

Questão 100

Questão
Which of the following events generally has the highest information security impact?
Responda
  • A. Opening a new office
  • B. Merging with another organization
  • C. Relocating the data center
  • D. Rewiring the network

Questão 101

Questão
An organization's board of directors is concerned about recent fraud attempts that originated over the Internet. What action should the board take to address this concern?
Responda
  • A. Direct information security regarding specific resolutions that are needed to address the risk.
  • B. Research solutions to determine appropriate actions for the company.
  • C. Take no action; information security does not report to the board.
  • D. Direct management to assess the risk and to report the results to the board.

Questão 102

Questão
An information security manager wants to implement a security information and event management system (SIEM) not funded in the current budget. Which of the following choices is MOST likely to persuade management of this need?
Responda
  • A. A comprehensive risk assessment
  • B. An enterprisewide impact assessment
  • C. A well-developed business case
  • D. Computing the net present value (NPV) of future savings

Questão 103

Questão
Which of the following should be performed FIRST in the aftermath of a denial-of-service attack?
Responda
  • A. Restore servers from backup media stored offsite
  • B. Conduct an assessment to determine system status
  • C. Perform an impact analysis of the outage
  • D. Isolate the screened subnet

Questão 104

Questão
When a significant security breach occurs, what should be reported FIRST to senior management?
Responda
  • A. A summary of the security logs that illustrates the sequence of events
  • B. An explanation of the incident and corrective action taken
  • C. An analysis of the impact of similar attacks at other organizations
  • D. A business case for implementing stronger logical access controls

Questão 105

Questão
Which of the following are the essential ingredients of a business impact analysis (BIA)?
Responda
  • A. Downtime tolerance, resources and criticality
  • B. Cost of business outages in a year as a factor of the security budget
  • C. Business continuity testing methodology being deployed
  • D. Structure of the crisis management team

Questão 106

Questão
The use of public key encryption for the purpose of providing encryption keys between a large number of individuals is preferred PRIMARILY because:
Responda
  • A. public key encryption is computationally more efficient.
  • B. scaling is less of a problem than using a symmetrical key.
  • C. public key encryption is less costly to maintain than symmetric key approaches.
  • D. public key encryption provides greater encryption strength than secret key options.

Questão 107

Questão
What is the FIRST step of performing an information risk analysis?
Responda
  • A. Establish the ownership of assets.
  • B. Evaluate the risks to the assets.
  • C. Take an asset inventory.
  • D. Categorize the assets.

Questão 108

Questão
Integrating a number of different activities in the development of an information security infrastructure is BEST achieved by developing:
Responda
  • A. a business plan.
  • B. an architecture.
  • C. requirements.
  • D. specifications.

Questão 109

Questão
Which of the following is the MOST important guideline when using software to scan for security exposures within a corporate network?
Responda
  • A. Never use open source tools
  • B. Focus only on production servers
  • C. Follow a linear process for attacks
  • D. Do not interrupt production processes

Questão 110

Questão
Which of the following would be the BEST approach to securing approval for information security expenditures?
Responda
  • A. Developing a business case
  • B. Conducting a cost-benefit analysis
  • C. Calculating return on investment (ROI)
  • D. Evaluating loss history

Questão 111

Questão
Asset classification should be MOSTLY based on:
Responda
  • A. business value.
  • B. book value.
  • C. replacement cost.
  • D. initial cost.

Questão 112

Questão
At what interval should a risk assessment TYPICALLY be conducted?
Responda
  • A. Once a year for each business process and subprocess
  • B. Every three to six months for critical business processes
  • C. On a continuous basis
  • D. Annually or whenever there is a significant change

Questão 113

Questão
Untested response plans:
Responda
  • A. depend on up-to-date contact information.
  • B. pose an unacceptable risk to the organization.
  • C. pose a risk that the plan will not work when needed.
  • D. are quickly distinguished from tested plans.

Questão 114

Questão
Which of the following situations must be corrected FIRST to ensure successful information security governance within an organization?
Responda
  • A. The information security department has had difficulty filling vacancies.
  • B. The chief information officer (CIO) approves changes to the security policy.
  • C. The information security oversight committee only meets quarterly.
  • D. The data center manager has final signoff on all security projects.

Questão 115

Questão
An organization's chief information security officer (CISO) would like to ensure that operations are prioritized correctly for recovery in case of a disaster. Which of the following would be the BEST to use?
Responda
  • A. A business impact assessment
  • B. An organization risk assessment
  • C. A business process map
  • D. A threat statement

Questão 116

Questão
What task should be performed once a security incident has been verified?
Responda
  • A. Identify the incident.
  • B. Contain the incident.
  • C. Determine the root cause of the incident.
  • D. Perform a vulnerability assessment.

Questão 117

Questão
An organization has commissioned an information security expert to perform network penetration testing and has provided the expert with information about the infrastructure to be tested. The benefit of this approach is:
Responda
  • A. more time is devoted to exploitation than to fingerprinting and discovery.
  • B. this accurately simulates an external hacking attempt.
  • C. the ability to exploit Transmission Control Protocol/Internet Protocol (TCP/IP) vulnerabilities.
  • D. the elimination of the need for penetration testing tools.

Questão 118

Questão
Which of the following is the BEST way to mitigate the risk of the database administrator reading sensitive data from the database?
Responda
  • A. Log all access to sensitive data.
  • B. Employ application-level encryption.
  • C. Install a database monitoring solution.
  • D. Develop a data security policy.

Questão 119

Questão
Which of the following is MOST essential when assessing risk?
Responda
  • A. Providing equal coverage for all asset types
  • B. Benchmarking data from similar organizations
  • C. Considering both monetary value and likelihood of loss
  • D. Focusing on valid past threats and business losses

Questão 120

Questão
Obtaining another party's public key is required to initiate which of the following activities?
Responda
  • A. Authorization
  • B. Digital signing
  • C. Authentication
  • D. Nonrepudiation

Questão 121

Questão
A regulatory authority has just introduced a new regulation pertaining to the release of quarterly financial results. The FIRST task that the security officer should perform is to:
Responda
  • A. identify whether current controls are adequate.
  • B. communicate the new requirement to audit.
  • C. implement the requirements of the new regulation.
  • D. conduct a cost-benefit analysis of implementing the control.

Questão 122

Questão
Which of the following is the MOST important to ensure a successful recovery?
Responda
  • A. Backup media is stored offsite
  • B. Recovery location is secure and accessible
  • C. More than one hot site is available
  • D. Network alternate links are regularly tested

Questão 123

Questão
Which of the following is the MOST important consideration when developing a service level agreement (SLA) to mitigate the risk that outsourcing will result in a loss to the business?
Responda
  • A. The nature of the indemnity clause
  • B. Ensuring that the business objectives are defined and met
  • C. Alignment of information system security objectives with enterprise goals
  • D. Compliance with legal requirements

Questão 124

Questão
Which of the following BEST prevents successful social engineering attacks?
Responda
  • A. Preemployment screening
  • B. Close monitoring of users' access patterns
  • C. Periodic awareness training
  • D. Efficient termination procedures

Questão 125

Questão
The assessment of risk is always subjective. To improve accuracy, which of the following is the MOST important action to take?
Responda
  • A. Train or "calibrate" the assessor.
  • B. Utilize only standardized approaches.
  • C. Ensure the impartiality of the assessor.
  • D. Utilize multiple methods of analysis.

Questão 126

Questão
The decision as to whether an IT risk has been reduced to an acceptable level should be determined by:
Responda
  • A. organizational requirements.
  • B. information systems requirements.
  • C. information security requirements.
  • D. international standards.

Questão 127

Questão
Which of the following is the MOST critical activity to ensure the ongoing security of outsourced IT services?
Responda
  • A. Provide security awareness training to the third-party provider's employees
  • B. Conduct regular security reviews of the third-party provider
  • C. Include security requirements in the service contract
  • D. Request that the third-party provider comply with the organization's information security policy

Questão 128

Questão
What is the MOST important reason for conducting security awareness programs throughout an organization?
Responda
  • A. Reducing the human risk
  • B. Maintaining evidence of training records to ensure compliance
  • C. Informing business units about the security strategy
  • D. Training personnel in security incident response

Questão 129

Questão
The PRIMARY reason to consider information security during the first stage of a project life cycle is:
Responda
  • A. the cost of security is higher in later stages.
  • B. information security may affect project feasibility.
  • C. information security is essential to project approval.
  • D. it ensures proper project classification.

Questão 130

Questão
Which of the following should be the PRIMARY basis for making a decision to establish an alternate site for disaster recovery?
Responda
  • A. A business impact analysis (BIA), which identifies the requirements for continuous availability of critical business processes
  • B. Adequate distance between the primary site and the alternate site so that the same disaster does not simultaneously impact both sites
  • C. A benchmarking analysis of similarly situated enterprises in the same geographic region to demonstrate due diligence
  • D. Differences between the regulatory requirements applicable at the primary site and those at the alternate site

Questão 131

Questão
Why is "slack space" of value to an information security manager as part of an incident investigation?
Responda
  • A. Hidden data may be stored there
  • B. The slack space contains login information
  • C. Slack space is encrypted
  • D. It provides flexible space for the investigation

Questão 132

Questão
Which of the following areas is MOST susceptible to the introduction of security weaknesses?
Responda
  • A. Database management
  • B. Tape backup management
  • C. Configuration management
  • D. Incident response management

Questão 133

Questão
Several business units reported problems with their systems after multiple security patches were deployed. What is the FIRST step to handle this problem?
Responda
  • A. Assess the problems and institute rollback procedures, if needed.
  • B. Disconnect the systems from the network until the problems are corrected.
  • C. Uninstall the patches from these systems.
  • D. Contact the vendor regarding the problems that occurred.

Questão 134

Questão
Which of the following choices BEST helps determine appropriate levels of information resource protection?
Responda
  • A. A business case
  • B. A vulnerability assessment
  • C. Asset classification
  • D. Asset valuation

Questão 135

Questão
In a social engineering scenario, which of the following will MOST likely reduce the likelihood of an unauthorized individual gaining access to computing resources?
Responda
  • A. Implementing on-screen masking of passwords
  • B. Conducting periodic security awareness programs
  • C. Increasing the frequency of password changes
  • D. Requiring that passwords be kept strictly confidential

Questão 136

Questão
An appropriate control for ensuring the authenticity of orders received in an electronic data interchange (EDI) system application is to:
Responda
  • A. acknowledge receipt of electronic orders with a confirmation message.
  • B. perform reasonableness checks on quantities ordered before filling orders.
  • C. encrypt electronic orders.
  • D. verify the identity of senders and determine whether orders correspond to contract terms.

Questão 137

Questão
Which of the following is the BEST approach to mitigate online brute-force attacks on user accounts?
Responda
  • A. Passwords stored in encrypted form
  • B. User awareness
  • C. Strong passwords that are changed periodically
  • D. Implementation of lock-out policies

Questão 138

Questão
Which of the following BEST ensures nonrepudiation?
Responda
  • A. Delivery path tracing
  • B. Reverse lookup translation
  • C. Out-of-band channels
  • D. Digital signatures

Questão 139

Questão
What must change management achieve from a risk management perspective?
Responda
  • A. It must be operated by information security to ensure that security is maintained.
  • B. It must be overseen by the steering committee because of its importance.
  • C. It must be secondary to release and configuration management.
  • D. It must include mandatory notification of the information security department.

Questão 140

Questão
Addressing risk at various life cycle stages is BEST supported by:
Responda
  • A. change management.
  • B. release management.
  • C. incident management.
  • D. configuration management.

Questão 141

Questão
Which of the following choices is the MOST important incident response resource for timely identification of an information security incident?
Responda
  • A. A fully updated intrusion detection system (IDS)
  • B. Multiple channels for distribution of information
  • C. A well-defined and structured communication plan
  • D. A regular schedule for review of network device logs

Questão 142

Questão
What makes an incident management program effective?
Responda
  • A. It identifies, assesses and prevents reoccurrence of incidents.
  • B. It detects and documents incidents.
  • C. It includes a risk management strategy.
  • D. It reflects the capabilities of the organization.

Questão 143

Questão
Which of the following is the MOST effective at preventing an unauthorized individual from following an authorized person through a secured entrance (tailgating or piggybacking)?
Responda
  • A. Card-key door locks
  • B. Photo identification
  • C. Biometric scanners
  • D. Awareness training

Questão 144

Questão
What is the PRIMARY goal of developing an information security program?
Responda
  • A. To implement the strategy
  • B. To optimize resources
  • C. To deliver on metrics
  • D. To achieve assurance

Questão 145

Questão
Responsibility for information security and related activities involves multiple departments. What is the PRIMARY reason the information security manager should develop processes that integrate these roles and responsibilities?
Responda
  • A. To mitigate the tendency for security gaps to exist between assurance functions
  • B. To reduce manpower requirements for providing effective information security
  • C. To ensure effective business continuity and disaster recovery
  • D. To simplify specification development and acquisition processes

Questão 146

Questão
An organization plans to contract with an outside service provider to host its corporate web site. The MOST important concern for the information security manager is to ensure that:
Responda
  • A. an audit of the service provider uncovers no significant weakness.
  • B. the contract includes a nondisclosure agreement (NDA) to protect the organization's intellectual property.
  • C. the contract should mandate that the service provider will comply with security policies.
  • D. the third-party service provider conducts regular penetration testing.

Questão 147

Questão
What is the BEST way to ensure data protection upon termination of employment?
Responda
  • A. Retrieve identification badge and card keys
  • B. Retrieve all personal computer equipment
  • C. Erase all of the employee's folders
  • D. Ensure all logical access is removed

Questão 148

Questão
The FIRST step to create an internal culture that embraces information security is to:
Responda
  • A. implement stronger controls.
  • B. conduct periodic awareness training.
  • C. actively monitor operations.
  • D. gain endorsement from executive management.

Questão 149

Questão
Which of the following is MOST important for measuring the effectiveness of a security awareness program?
Responda
  • A. Reduced number of security violation reports
  • B. A quantitative evaluation to ensure user comprehension
  • C. Increased interest in focus groups on security issues
  • D. Increased number of security violation reports

Questão 150

Questão
Highly integrated enterprise IT systems pose a challenge to the information security manager when attempting to set security baselines PRIMARILY from the perspective of:
Responda
  • A. increased difficulty in problem management.
  • B. added complexity in incident management.
  • C. determining the impact of cascading risk.
  • D. less flexibility in setting service delivery objectives.

Questão 151

Questão
Who is responsible for ensuring that information is classified?
Responda
  • A. Senior management
  • B. The security manager
  • C. The data owner
  • D. The data custodian

Questão 152

Questão
Evidence from a compromised server has to be acquired for a forensic investigation. What would be the BEST source?
Responda
  • A. A bit-level copy of all hard drive data
  • B. The last verified backup stored offsite
  • C. Data from volatile memory
  • D. Backup servers

Questão 153

Questão
What is the PRIMARY role of the information security manager related to the data classification and handling process within an organization?
Responda
  • A. Defining and ratifying the organization's data classification structure
  • B. Assigning the classification levels to the information assets
  • C. Securing information assets in accordance with their data classification
  • D. Confirming that information assets have been properly classified

Questão 154

Questão
After completing a full IT risk assessment, who is in the BEST position to decide which mitigating controls should be implemented?
Responda
  • A. Senior management
  • B. The business manager
  • C. The IT audit manager
  • D. The information security officer (ISO)

Questão 155

Questão
Which of the following items is the BEST basis for determining the value of intangible assets?
Responda
  • A. Contribution to revenue generation
  • B. A business impact analysis (BIA)
  • C. Threat assessment and analysis
  • D. Replacement costs

Questão 156

Questão
Which of the following needs to be MOST seriously considered when designing a risk-based incident response management program?
Responda
  • A. The chance of collusion among staff
  • B. Degradation of investigation quality
  • C. Minimization of false-positive alerts
  • D. Monitoring repeated low-risk events

Questão 157

Questão
Which of the following is the MOST appropriate control to address compliance with specific regulatory requirements?
Responda
  • A. Policies
  • B. Standards
  • C. Procedures
  • D. Guidelines

Questão 158

Questão
What should documented standards/procedures for the use of cryptography across the enterprise achieve?
Responda
  • A. They should define the circumstances where cryptography should be used.
  • B. They should define cryptographic algorithms and key lengths.
  • C. They should describe handling procedures of cryptographic keys.
  • D. They should establish the use of cryptographic solutions.

Questão 159

Questão
A project manager is developing a developer portal and requests that the security manager assign a public IP address so that it can be accessed by in-house staff and by external consultants outside the organization's local area network (LAN). What should the security manager do FIRST?
Responda
  • A. Understand the business requirements of the developer portal
  • B. Perform a vulnerability assessment of the developer portal
  • C. Install an intrusion detection system (IDS)
  • D. Obtain a signed nondisclosure agreement (NDA) from the external consultants before allowing external access to the server

Questão 160

Questão
Which of the following BEST describes the key objective of an information security program?
Responda
  • A. Achieve strategic business goals and objectives.
  • B. Protect information assets using manual and automated controls.
  • C. Automate information security controls.
  • D. Eliminate threats to the organization.

Questão 161

Questão
Which of the following is MOST important when collecting evidence for forensic analysis?
Responda
  • A. Ensure the assignment of qualified personnel.
  • B. Request the IT department do an image copy.
  • C. Disconnect from the network and isolate the affected devices.
  • D. Ensure law enforcement personnel are present before the forensic analysis commences.

Questão 162

Questão
During a business continuity plan (BCP) test, one department discovered that its new software application was not going to be restored soon enough to meet the needs of the business. This situation can be avoided in the future by:
Responda
  • A. conducting a periodic and event-driven business impact analysis (BIA) to determine the needs of the business during a recovery.
  • B. assigning new applications a higher degree of importance and scheduling them for recovery first.
  • C. developing a help-desk ticket process that allows departments to request recovery of software during a disaster.
  • D. conducting a thorough risk assessment prior to purchasing the software.

Questão 163

Questão
What activity BEST helps ensure that contract personnel do not obtain unauthorized access to sensitive information?
Responda
  • A. Set accounts to pre-expire
  • B. Avoid granting system administration roles
  • C. Ensure they successfully pass background checks
  • D. Ensure their access is approved by the data owner

Questão 164

Questão
Which of the following is MOST important in developing a security strategy?
Responda
  • A. Creating a positive business security environment
  • B. Understanding key business objectives
  • C. Having a reporting line to senior management
  • D. Allocating sufficient resources to information security

Questão 165

Questão
What action should an incident response team take if the investigation of an incident response event cannot be completed in the time allocated?
Responda
  • A. Continue to work the current action.
  • B. Escalate to the next level for resolution.
  • C. Skip on to the next action in the plan.
  • D. Declare a disaster.

Questão 166

Questão
Who is accountable for ensuring that information is categorized and that specific protective measures are taken?
Responda
  • A. The security officer
  • B. Senior management
  • C. The end user
  • D. The custodian

Questão 167

Questão
A web-based business application is being migrated from test to production. Which of the following is the MOST important management signoff for this migration?
Responda
  • A. User
  • B. Network
  • C. Operations
  • D. Database

Questão 168

Questão
An enterprise is implementing an information security program. During which phase of the implementation should metrics be established to assess the effectiveness of the program over time?
Responda
  • A. Testing
  • B. Initiation
  • C. Design
  • D. Development

Questão 169

Questão
Systems thinking as it relates to information security is:
Responda
  • A. a prescriptive methodology for designing the systems architecture.
  • B. an understanding that the whole is greater than the sum of its parts.
  • C. a process that ensures alignment with business objectives.
  • D. a framework for information security governance.

Questão 170

Questão
Which of the following MOST effectively reduces false-positive alerts generated by a security information and event management (SIEM) process?
Responda
  • A. Building use cases
  • B. Conducting a network traffic analysis
  • C. Performing an asset-based risk assessment
  • D. The quality of the logs

Questão 171

Questão
The return on investment of information security can BEST be evaluated through which of the following?
Responda
  • A. Support of business objectives
  • B. Security metrics
  • C. Security deliverables
  • D. Process improvement models

Questão 172

Questão
Which of the following MOST commonly falls within the scope of an information security governance steering committee?
Responda
  • A. Interviewing candidates for information security specialist positions
  • B. Developing content for security awareness programs
  • C. Prioritizing information security initiatives
  • D. Approving access to critical financial systems

Questão 173

Questão
Due to limited storage media, an IT operations employee has requested permission to overwrite data stored on a magnetic tape. The decision of the authorizing manager will MOST likely be influenced by the data:
Responda
  • A. classification policy.
  • B. retention policy.
  • C. creation policy.
  • D. leakage protection.

Questão 174

Questão
Which of the following indicators is MOST likely to be of strategic value?
Responda
  • A. Number of users with privileged access
  • B. Trends in incident frequency
  • C. Annual network downtime
  • D. Vulnerability scan results

Questão 175

Questão
What is a PRIMARY characteristic of a well-established information security culture?
Responda
  • A. Alignment of information security and business objectives
  • B. Alignment of security controls with information technology
  • C. Alignment of concurrent security strategies
  • D. Alignment of values to protect corporate assets

Questão 176

Questão
Which of the following is the BEST method for ensuring that temporary employees do not receive excessive access rights?
Responda
  • A. Mandatory access controls
  • B. Discretionary access controls
  • C. Lattice-based access controls
  • D. Role-based access controls

Questão 177

Questão
When outsourcing to an offshore provider, the MOST difficult element to determine during a security review will be:
Responda
  • A. technical competency.
  • B. incompatible culture.
  • C. defense in depth.
  • D. adequate policies.

Questão 178

Questão
An internal review of a web-based application system reveals that it is possible to gain access to all employees' accounts by changing the employee's ID used for accessing the account on the URL. The vulnerability identified is:
Responda
  • A. broken authentication.
  • B. unvalidated input.
  • C. cross-site scripting.
  • D. structured query language (SQL) injection.

Questão 179

Questão
Which of the following roles is PRIMARILY responsible for determining the information classification levels for a given information asset?
Responda
  • A. Manager
  • B. Custodian
  • C. User
  • D. Owner

Questão 180

Questão
What is the FIRST action an information security manager should take when a company laptop is reported stolen?
Responda
  • A. Evaluate the impact of the information loss
  • B. Update the corporate laptop inventory
  • C. Ensure compliance with reporting procedures
  • D. Disable the user account immediately

Questão 181

Questão
Which one of the following considerations is MOST likely to be overlooked when conducting an information security review of a potential outsourcing service provider?
Responda
  • A. Cultural differences
  • B. Technical competency
  • C. Adequate controls
  • D. Information security policies

Questão 182

Questão
While implementing information security governance an organization should FIRST:
Responda
  • A. adopt security standards.
  • B. determine security baselines.
  • C. define the security strategy.
  • D. establish security policies.

Questão 183

Questão
Which of the following risk scenarios would BEST be assessed using qualitative risk assessment techniques?
Responda
  • A. Theft of purchased software
  • B. Power outage lasting 24 hours
  • C. Permanent decline in customer confidence
  • D. Temporary loss of email services

Questão 184

Questão
There is a delay between the time when a security vulnerability is first published, and the time when a patch is delivered. Which of the following should be carried out FIRST to mitigate the risk during this time period?
Responda
  • A. Identify the vulnerable systems and apply compensating controls
  • B. Minimize the use of vulnerable systems
  • C. Communicate the vulnerability to system users
  • D. Update the signatures database of the intrusion detection system (IDS)

Questão 185

Questão
Which of the following BEST indicates senior management commitment toward supporting information security?
Responda
  • A. Assessment of risk to the assets
  • B. Approval of risk management methodology
  • C. Review of inherent risk to information assets
  • D. Review of residual risk for information assets

Questão 186

Questão
Which of the following is the BEST source for determining the value of information assets?
Responda
  • A. Individual business managers
  • B. Business systems analysts
  • C. Information security management
  • D. Industry benchmarking results

Questão 187

Questão
Business objectives should be evident in the security strategy by:
Responda
  • A. inferred connections.
  • B. standardized controls.
  • C. managed constraints.
  • D. direct traceability.

Questão 188

Questão
A financial institution plans to allocate information security resources to each of its business divisions. What areas should security activities focus on?
Responda
  • A. Areas where strict regulatory requirements apply
  • B. Areas that require the shortest recovery time objective (RTO)
  • C. Areas that can maximize return on security investment (ROSI)
  • D. Areas where threat likelihood and impact are greatest

Questão 189

Questão
Which of the following gives the MOST assurance of the effectiveness of an organization's disaster recovery plan (DRP)?
Responda
  • A. Checklist test
  • B. Tabletop exercise
  • C. Full interruption test
  • D. Simulation test

Questão 190

Questão
The MOST likely reason that management would choose not to mitigate a risk that exceeds the risk appetite is that it:
Responda
  • A. is the residual risk after controls are applied.
  • B. is a risk that is expensive to mitigate.
  • C. falls within the risk tolerance level.
  • D. is a risk of relatively low frequency.

Questão 191

Questão
What is the BEST approach to manage a security incident involving a successful penetration?
Responda
  • A. Allow business processes to continue during the response.
  • B. Allow the security team to assess the attack profile.
  • C. Permit the incident to continue to trace the source.
  • D. Examine the incident response process for deficiencies.

Questão 192

Questão
Which of the following is the MOST likely outcome of a well-designed information security awareness course?
Responda
  • A. Increased reporting of security incidents to the incident response function
  • B. Decreased reporting of security incidents to the incident response function
  • C. Decrease in the number of password resets
  • D. Increase in the number of identified system vulnerabilities

Questão 193

Questão
Which of the following techniques MOST clearly indicates whether specific risk-reduction controls should be implemented?
Responda
  • A. Cost-benefit analysis
  • B. Penetration testing
  • C. Frequent risk assessment programs
  • D. Annual loss expectancy (ALE) calculation

Questão 194

Questão
Which of the following recovery strategies has the GREATEST chance of failure?
Responda
  • A. Hot site
  • B. Redundant site
  • C. Reciprocal arrangement
  • D. Cold site

Questão 195

Questão
Requiring all employees and contractors to meet personnel security/suitability requirements commensurate with their position sensitivity level and subject to personnel screening is an example of a security:
Responda
  • A. policy.
  • B. strategy.
  • C. guideline.
  • D. baseline.

Questão 196

Questão
Which of the following is MOST important to understand when developing a meaningful information security strategy?
Responda
  • A. Regulatory environment
  • B. International security standards
  • C. Organizational risks
  • D. Organizational goals

Questão 197

Questão
In a large enterprise, what makes an information security awareness program MOST effective?
Responda
  • A. The program is developed by a professional training company.
  • B. The program is embedded into the orientation process.
  • C. The program is customized to the audience using the appropriate delivery channel.
  • D. The program is required by the information security policy.

Questão 198

Questão
Which of the following controls would BEST prevent accidental system shutdown from the console or operations area?
Responda
  • A. Redundant power supplies
  • B. Protective switch covers
  • C. Shutdown alarms
  • D. Biometric readers

Questão 199

Questão
A company has installed biometric fingerprint scanners at all entrances in response to a management requirement for better access control. Due to the large number of employees coupled with a slow system response, it takes a substantial amount of time for all workers to gain access to the building and workers are increasingly piggybacking. What is the BEST course of action for the information security manager to address this issue?
Responda
  • A. Replace the system for better response time.
  • B. Escalate the issue to management.
  • C. Revert to manual entry control procedures.
  • D. Increase compliance enforcement.

Questão 200

Questão
Which of the following is the FIRST action to be taken when the information security manager notes that the controls for a critical application are inadequate?
Responda
  • A. Perform a risk assessment to determine the level of exposure.
  • B. Classify the risk as acceptable to senior management.
  • C. Deploy additional countermeasures immediately.
  • D. Transfer the remaining risk to another organization.

Semelhante

CISM 2014 Questions - 1
Eduardo Castella7911
CISM 2014 Questions - 3
Eduardo Castella7911
CISM 2014 Questions - With duplicates.
Eduardo Castella7911
CISM Quiz
Martin Covill
CISM 2014 Questions - 1
Rob van der Heijden
CISM 2014 Questions - 3
Rob van der Heijden
NOÇÕES DE INFORMÁTICA
Viviana Veloso
ORAÇÕES SUBORDINADAS ADVERBIAIS
trackerian
Informática - questões gerais
António Mordido
Conteúdo de Português - 6° ano
biallima6
Contextualização Aula 02 - Desenvolvimento e Sustentabilidade Ambiental - Medicina
Jéssica Meireles