FREE Certified Information Security Manager (CISM) ISACA Questions and Answers

Question 1

The following conditions lead to the MOST successful IT risk management activities:

Accepted Answer

Integrated within business processes

Answer

Effective IT-related risk management activities are most effective when they are integrated within business processes.

Question 2

For a significant proposed purchase and new procedure for an organization, a risk assessment and business impact analysis (BIA) have been finished. The business department manager and the information security manager debate about who will be in charge of assessing the outcomes and identified risks.

Which of the following would be the information security manager's BEST course of action?

Accepted Answer

Review of the risk assessment with executive management for final input

Answer

The best approach for the information security manager in this situation would be to review the risk assessment with executive management for final input.

Question 3

Who is responsible for making sure that data is categorized and that particular security precautions are taken?

Accepted Answer

Senior management

Answer

Senior management is accountable for ensuring that information is categorized and that specific protective measures are taken. As the highest level of management within an organization, senior management holds the ultimate responsibility for information security and the protection of organizational assets. This includes establishing policies and procedures for information classification and ensuring that appropriate protective measures are implemented.

Question 4

It is possible to monitor unusual server traffic between internal and external parties to:

Accepted Answer

Record the trace of advanced persistent threats

Answer

Monitoring abnormal server communication from inside the organization to external parties can serve the purpose of recording the trace of advanced persistent threats (APTs).

Question 5

Which of the following is the BEST technique to catch an intruder who breaks into a network without doing any damage?

Accepted Answer

Install a honeypot on the network

CISM - Certified Information Security Manager Practice Test

CISM - Certified Information Security Manager Practice Test

FREE Certified Information Security Manager (CISM) ISACA Questions and Answers