FREE Certified Information Security Manager (CISM) General Questions and Answers
IT risk management initiatives are MOST successful when they:
Correct!
Wrong!
For a significant proposed purchase and new procedure for an organization, a risk assessment and business impact analysis (BIA) have been finished. The business department manager and the information security manager debate about who will be in charge of assessing the outcomes and identified risks. Which of the following would be the information security manager's BEST course of action?
Correct!
Wrong!
Executive management will be in the best position to consider the big picture and the trade-offs between security and functionality in the entire organization.
Unusual server communication between internal and external parties may be observed to:
Correct!
Wrong!
The most important feature of target attacks as seen in advanced persistent threats is that malware secretly sends information back to a command and control server. Therefore, monitoring of outbound server communications that do not follow predefined routes will be the best control to detect such security events.
Which of the following poses the BIGGEST risk to an enterprise resource planning (ERP) system's security?
Correct!
Wrong!
Who is responsible for making sure that data is categorized and that particular security precautions are taken?
Correct!
Wrong!
Routine administration of all aspects of security is delegated, but top management must retain overall accountability.
What authentication technique stops authentication replay?
Correct!
Wrong!
Which of the following is the BEST technique to catch an intruder who breaks into a network without doing any damage?
Correct!
Wrong!