Updated CISM Exam Dumps For Earning Certified Information Security Manager Certified

Eleanor2022-05-27T05:47:31+00:00

By Eleanor CISM Certification, ISACA CISM, CISM exam dumps 0 Comments

Certified Information Security Manager (CISM) certification is issued by ISACA, which is a high-demanded certification to indicate expertise in information security governance, program development and management, incident management and risk management. ITPrepare has prepared CISM updated exam dumps questions and answers to help you pass CISM exam successfull and earn the Certified Information Security Manager certification smoothly. Just choose the most updated CISM exam dumps to start learning CISM exam questions and answers now.

Read CISM Free Dumps Online First

Page 1 of 10

1. The PRIMARY purpose of asset valuation for the management of information security is to:

prioritize risk management activities.

provide a basis for asset classification.

determine the value of each asset

eliminate the least significant assets.

2. Which of the following processes would BEST help to ensure that information security risks will be evaluated when implementing a new payroll system?

Change management

Problem management

Configuration management

Incident management

3. When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?

The security awareness programs

Firewall logs

The risk management processes

Post-incident analysis results

4. Which of the following is MOST likely to result from a properly conducted post-incident review?

Breach information is provided to the organization's key stakeholders and us«rs.

The cause of the incident is discovered and remediated.

Forensic evidence is reviewed and provided to law enforcement

The incident response team discovers inefficiencies in the recovery process.

5. Which of the following is the BEST indication that a recently adopted information security framework is a good fit for an organization?

The framework includes industry-recognized information security best practices.

The number of security incidents has significantly declined

The business has obtained framework certification.

Objectives in the framework correlate directly to business practices

6. Which of the following is the MOST effective data loss control when connecting a personally owned mobile device to the corporate email system?

Users must agree to allow the mobile device to be wiped if it is lost

Email must be stored in an encrypted format on the mobile device

A senior manager must approve each new connection

Email synchronization must be prevented when connected to a public Wi-Fi hotspot.

7. Which of the following BEST enables an effective escalation process within an incident response program?

Dedicated funding for incident management

Adequate incident response staffing

Monitored program metrics

Defined incident thresholds

8. An information security manager is reviewing the impact of a regulation on the organization’s human resources system.

The NEXT course of action should be to:

perform a gap analysis of compliance requirements

assess the penalties for noncompliance.

review the organization s most recent audit report

determine the cost of compliance

9. An information security manager is concerned that executive management does not su the following is the BEST way to address this situation?

Revise the information security strategy to meet executive management expectations.

Escalate noncompliance concerns to the internal audit manager

Report the risk and status of the information security program to the board.

Demonstrate alignment of the information security function with business needs.

10. Which of the following is the MOST useful metric for determining how well firewall logs are being monitored?

The number of port scanning attempts

The number of log entries reviewed

The number of investigated alerts

The number of dropped malformed packets

Page 2 of 10

11. Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?

Existence of an industry-accepted framework

Up-to-date policy and procedures documentation

A report on the maturity of controls

Results of an independent assessment

12. Senior management has approved employees working off-site by using a virtual private network (VPN) connection.

It is MOST important for the information security manager to periodically:

perform a cost-benefit analysis.

perform a risk assessment.

review firewall configuration.

review the security policy.

13. Due lo budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA).

Which of the following is the information security manager's BEST course of action?

Inform the legal department of the deficiency

Analyze and report the issue to server management

Require the application owner to implement the controls.

Assess and present the risks to the application owner

14. Within a security governance framework, which of the following is the MOST important characteristic of the information security committee? The committee:

has a clearly defined charier and meeting protocols.

includes a mix of members from all levels of management.

conducts frequent reviews of the security policy.

has established relationships with external professionals.

15. An organization has implemented an enhanced password policy for business applications which requires significantly more business resource to support clients.

The BEST approach to obtain the support of business management would be to:

Present an analysis of the cost and benefit of the changes

Elaborate on the positive impact to information security

Present industry benchmarking results to business units

Discuss the risk and impact of security incidents if not implemented

16. A business unit uses e-commerce with a strong password policy. Many customers complain that they cannot remember their password because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST.

Change the password policy to improve the customer experience

Reach alternative secure of identify verification

Recommended implementing two-factor authentication.

Evaluate the impact of the customer’s experience on business revenue.

17. Which of the following is the MOST important driver when developing an effective information security strategy?

Information security standards

Compliance requirements

Security audit reports

Benchmarking reports

18. An information security manager s PRIMARY objective for presenting key risks to the board of directors is to:

re-evaluate the risk appetite

quantify reputational risks

meet information security compliance requirements.

ensure appropriate information security governance.

19. Which of the following is the BEST way to prevent employees from making unauthorized comments to the media about security incidents in progress?

Establish standard media responses for employees to control the message

Communicate potential disciplinary actions for noncompliance.

Include communication policies In regular information security training

training Implement controls to prevent discussion with media during an Incident.

20. Which of the following would provide senior management with the BEST overview of the performance of information security risk treatment options?

Before-and-after heat maps

Analysis of recent incident

Detailed risk analysis of the treatments

individual risk assessments

Page 3 of 10

21. A company has purchased a rival organization and is looking to integrate security strategies.

Which of the following is the GREATEST issue to consider?

The organizations have different risk appetites

Differing security skills within the organizations

Confidential information could be leaked

Differing security technologies

22. Which of the following is the MOST effective way to detect social engineering attacks?

Implement real-time monitoring of security-related events.

Encourage staff to report any suspicious activities.

Implement an acceptable use policy.

Provide incident management training to all start.

23. The PRIMARY benefit of integrating information security activities into change management processes is to:

provide greater accountability for security-related changes In the business

protect the organization from unauthorized changes.

protect the business from collusion and compliance threats.

ensure required controls are Included in changes.

24. During which phase of an incident response process should corrective actions to the response procedure be considered and implemented?

Review

Identification

Eradication

Containment

25. After implementing an information security governance framework, which of the following would provide the BEST information to develop an information security project plan?

Risk heat map

Recent audit results

Balanced scorecard

Gap analysis

26. A multinational organization wants to ensure its privacy program appropriately addresses privacy risk throughout its operations.

Which of the following would be of MOST concern to senior management?

The organization uses a decentralized privacy governance structure

Privacy policies ire only reviewed annually

The organization doe* not have a dedicated privacy officer

The privacy program does not include a formal warning component

27. Which of the following is MOST important to the successful development of an information security strategy?

An implemented development life cycle process

A well-implemented governance framework

Current state and desired objectives

Approved policies and standards

28. Which of the following would provide the MOST useful input when creating an information security program?

Business case

Information security budget

Key risk indicators (KRls)

Information security strategy

29. When developing a new application, which of the following is the BEST approach to ensure compliance with security requirements?

Provide security training for developers.

Prepare detailed acceptance criteria

Adhere to change management processes.

Perform a security gap analysis.

30. An emergency change was made to an IT system as a result of a failure.

Which of the following should be of GREATEST concern to the organizations information security manager?

The change did not include a proper assessment of risk.

Documentation of the change was made after implementation.

The operations team implemented the change without regression testing,

The information security manager did not review the change prior to implementation.

Page 4 of 10

31. Which of the following would contribute MOST to employees' understanding of data handling responsibilities?

Demonstrating support by senior management of the security program

Implementing a tailored security awareness training program

Requiring staff acknowledgement of security policies

Labeling documents according to appropriate security classification

32. The PRIMARY purpose of vulnerability assessments is to:

provide clear evidence that the system is sufficiently secure.

test intrusion detection systems (IDS) and response procedures

detect deficiencies that could lead to a system compromise.

determine the impact of potential threats,

33. Which of the following is the PRIMARY reason to invoke continuity and recovery plans?

To achieve service delivery objectives

To coordinate with senior management

To enforce service level agreements (SLAs)

To protect corporate networks

34. Relying on which of the following methods when detecting new threats using IDS should be of MOST concern?

Statistical pattern recognition

Attack signatures

Heuristic analysis

Traffic analysis

35. Senior management learns of several web application security incidents and wants to know the exposure risk to the organization.

What is the information security manager's BEST course of action?

Perform a vulnerability assessment.

Review audit logs from IT systems.

Activate the incident response plan

Assess IT system configurations

36. Which of the following metrics is MOST useful to demonstrate the effectiveness of an incident response plan?

Average time to resolve an incident

Total number of reported incidents

Total number of incident responses

Average time to respond to an incident

37. When using a newly implemented security information and event management (SIEM) infrastructure, which of the following should be considered FIRST?

Encryption

Retention

Report distribution

Tuning

38. Which of the following is the MOST effective approach for integrating security into application development?

Including security in user acceptance testing sign-off

Performing vulnerability scans

Defining security requirements

Developing security models in parallel

39. Which of the following activities BEST enables executive management to ensure value delivery within an information security program?

Requiring employees to undergo information security awareness training

Assigning an information security manager to a senior management position

Approving an industry-recognized information security framework

Reviewing business cases for information security initiatives

40. Which is MOST important to enable a timely response to a security breach?

Knowledge sharing and collaboration

Security event logging

Roles and responsibilities

Forensic analysis

Page 5 of 10

41. Which of the following is an information security manager's BEST course of action to address a significant materialized risk that was not prevented by organizational controls?

Update the business impact analysis (BIA)

Update the risk register.

Perform root cause analysis.

Invoke the incident response plan.

42. Which of the following external entities would provide the BEST guideance to an organization facing advanced attacks?

Recognised threat intelligence communities

Open-source reconnaissance

Disaster recovery consultants widely endorsed in industry forums

Incident response experts from highly regarded peer organizations

43. Labeling information according to its security classification:

affects the consequences if information is handled insecurely,

induces the number and type of counter measures required

enhances the likelihood of people handling information securely,

reduces the need to identify baseline controls for each classification.

44. Which of the following is an information security manager’s BEST course of action when informed of decision to reduce funding for the information security program?

Remove overlapping security controls

Prioritize security projects based on risk.

Design key risk indicators (KRIs)

Create a business case appeal decision.

45. Which of the following would BEST justify spending for a compensating control?

Risk analysis

Vulnerability analysis

Threats analysis

Peer benchmarking

46. Which of the following provides the BEST input to maintain an effective asset classification program?

Business impact analysis (BIA)

Annual toss expectancy

Vulnerability assessment

Risk heat map

47. Meeting which of the following security objectives BEST ensures that information is protected against unauthorized modification?

Availability

Integrity

Confidentiality

Authenticity

48. Which of the following would present the GREATEST need to revise information security poll'

Implementation of a new firewall

An increase in reported incidents

A merger with a competing company

Changes in standards and procedures

49. Which of the following is the BEST way for an information security manager to promote the integration of information security considerations into key business processes?

Provide information security awareness training.

Conduct a business impact analysis (BIA).

Facilitate the creation of an information security steering group

Conduct information security briefings for executives

50. The GREATEST benefit of choosing a private cloud over a public cloud would be:

containment of customer data

collection of data forensic

online service availability.

server protection.

Page 6 of 10

51. Which of the following would be of GREATEST concern to an information security manager when evaluating a cloud service provider (CSP)?

Security controls offered by the provider are inadequate

Service level agreements (SLAs) art not well defined.

Data retention policies may be violated.

There is no right to audit the security of the provider

52. A third-party contract signed by a business unit manager failed to specify information security requirements.

Which of the following is the BEST way for an information security manager to prevent this situation from reoccurring?

Inform business unit management of the information security requirements.

Provide information security training to the business units

Integrate information security into the procurement process

Involve the information security team in contract negotiations

53. 1.Which of the following MOST effectively prevents internal users from modifying sensitive data?

Network segmentation

Role-based access controls

Multi-factor authentication -

Acceptable use policies

54. A threat intelligence report indicates there has been a significant rise in the number of attacks targeting the industry.

What should the information security manager do NEXT?

Discuss the risk with senior management.

Conduct penetration testing to identity vulnerabilities.

Allocate additional resources to monitor perimeter security systems,

Update the organization’s security awareness campaign.

55. Which of the following is the BEST way to improve the timely reporting of information security incidents?

Perform periodic simulations with the incident response team.

Regularly reassess and update the incident response plan.

Integrate an intrusion detection system (IDS) in the DMZ

Incorporate security procedures in help desk processes

56. The MOST important factors in determining the scope and timing for testing a business continuity plan are:

the experience level of personnel and the function location.

prior testing results and the degree of detail of the business continuity plan

the importance of the function to be tested and the cost of testing,

manual processing capabilities and the test location

57. Which of the following is the BEST resource for evaluating the strengths and weaknesses of an incident response plan?

Recovery time objectives (RTOs)

Mission, goals and objectives

Incident response maturity assessment

Documentation from preparedness tests

58. To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:

criteria consistent with classification levels

efficient technical processing considerations,

overall IT capacity and operational constraints,

established guidelines

59. Which of the following is the PRIMARY objective of a business impact analysis (BIA):

Define the recovery point objective (RPO).

Determine recovery priorities.

Confirm control effectiveness.

Analyze vulnerabilities

60. Executive management is considering outsourcing all IT operations.

Which of the following functions should remain internal?

Data encryption

Data ownership

Data custodian

Data monitoring

Page 7 of 10

61. A contract bid is digitally signed and electronically mailed The PRIMARY advantage to using a digital signature is that

any alteration of the bid will invalidate the signature.

the signature can be authenticated even if no encryption is used,

the bid cannot be forged even if the keys are compromised.

the bid and the signature can be copied from one document to another

62. When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:

implement controls to mitigate the risk.

monitor for business changes.

review the residual risk level

report compliance to management

63. A new program has been implemented to standardize security configurations across a multinational organization Following implementation, the configuration standards should:

remain unchanged to avoid variations across the organization

be updated to address emerging threats and vulnerabilities.

be changed for different subsets of the systems to minimize impact,

not deviate from industry best practice baselines.

64. Which of the following BEST reduces the likelihood of leakage of private information via email?

User awareness training

Email encryption

Strong user authentication protocols

Prohibition on the personal use of email

65. Which of the following is the MOST important outcome from vulnerability scanning?

Prioritization of risks

Information about steps necessary to hack the system

Identification of back doors

Verification that systems are property configured

66. Which of the following is MOST likely to result from a properly conducted post-incident review?

Breach information is provided to the organization's key stakeholders and users.

The cause of the incident is discovered and remediated.

Forensic evidence is reviewed and provided to law enforcement

The incident response team discovers inefficiencies in the recovery process.

67. Which of the following processes is the FIRST step in establishing an information security policy?

Review of current global standards

Business risk assessment

Security controls evaluation

Information security audit

68. Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?

Mature security policy

Information security roles and responsibilities

Organizational information security awareness

Organizational culture

69. The success of a computer forensic investigation depends on the concept of:

chain of evidence.

chain of attack.

forensic chain

evidence of attack.

70. Which of the following is the MOST important requirement for the successful implementation of security governance?

Mapping to organizational

Implementing a security balanced scorecard

Performance an enterprise-wide risk assessment

Aligning to an international security framework

Page 8 of 10

71. Which of the following control type is the FIRST consideration for aligning employee behavior with an organization’s information security objectives?

Physical security control

Directive security

Technical security controls

Logical access control

72. Which of the following is MOST critical to review when preparing to outsource a data repository to a cloud-based solution?

Disaster recovery plan

Identity and access management

Vendor’s information security policy

A risk assessment

73. An information security manager is concerned that executive management does not support information security initiatives.

Which of the following is the BEST way to address this situation?

Revise the information security strategy to meet executive management's expectations.

Escalate noncompliance concerns to the internal audit manager

Report the risk and status of the information security program to the board.

Demonstrate alignment of the information security function with business needs.

74. Which of the following is the MOST effective defense against spear phishing attacks?

Unified threat management

Web filtering

Anti-spam solution

User awareness training

75. A message is being sent with a hash. The risk of an attacker changing the message and generating an authentic hash value c*n be mitigated by:

generating hash output that is the same size as the original message,

requiring the recipient to use a different hash algorithm,

using the senders public key to encrypt the message.

using a secret key m conjunction with the hash algorithm.

76. Which of the following would BEST assist an information security manager in gaining strategic support from executive management?

Risk analysis specific to the organization

Research on trends in global information security breaches

Rating of the organization s security, based on international standards

Annual report of security incidents within the organization

77. Which of the following should be define* I FIRST when creating an organization's information security strategy?

Budget

Policies and processes

Objectives

Organizational structures

78. The PRIMARY reason an organization would require that users sign an acknowledgment of their system access responsibilities is to:

assign accountability for transactions made with the user's I

maintain compliance with industry best practices.

serve as evidence of security awareness training.

maintain an accurate record of users access rights

79. After a server has been attacked, which of the following is the BEST course of action?

Review vulnerability assessment

Conduct a security audit

Initiate modem response

Isolate the system.

80. An access rights review revealed that some former employees' access is still active.

Once the access is revoked, which of the following is the BEST course of action to help prevent recurrence?

Implement a periodic recertification program.

Initiate an access control policy review.

Validate HR offboarding processes.

Conduct a root cause analysis.

Page 9 of 10

81. To gain a clear understanding of the impact that a new regulatory will have on an organization’s security control, an information manager should FIRST.

Conduct a risk assessment

Interview senior management

Perform a gap analysis

Conduct a cost-benefit analysis

82. Which of the following will BEST protect an organization against spear phishing?

Antivirus software

Acceptable use policy

Email content filtering

End-user training

83. As part of an international expansion plan, an organization has acquired a company located in another jurisdiction.

Which of the following would be the BEST way to maintain an effective information security program?

Determine new factors that could influence the information security strategy.

Implement the current information security program in the acquired company.

Merge the two information security programs to establish continuity.

Ensure information security s included in any change control efforts

84. Which of the following sites would be MOST appropriate in the case of a very short recovery time objective (RTO)?

Redundant

Shared

Warm

Mobile

85. Which of the following is a PRIMARY security responsibility of an information owner?

Testing information classification controls

Determining the controls associated with information classification

Maintaining the integrity of data in the information system

Deciding what level of classification the information requires

86. Which of the following would provide nonrepudiation of electronic transactions?

Two-factor authentication

Periodic reaccredinations

Third-party certificates

Receipt acknowledgment

87. A policy has been established requiting users to install mobile device management (MDM) software on their personal devices.

Which of the following would BEST mitigate the risk created by noncompliance with this policy?

Disabling remote access from the mobile device

Requiring users to sign off on terms and conditions

Issuing company-configured mobile devices

Issuing warnings and documenting noncompliance

88. What should be information security manager’s FIRST course of action when it is discovered a staff member has been posting corporate information on social media sites?

Asses the classification of the data posted.

Implement controls to block the social media sites.

Refer the staff member to the information security policy

Notify senior management

89. Which of the following is the PRIMARY reason social media has become a popular target for attack?

The reduced effectiveness of access controls

The accessibility of social media from multiple locations

The prevalence of strong perimeter protection

The element of trust created by social media

90. Over the last year, an information security manager has performed risk assessments on multiple third-party vendors.

Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?

Criticality of the service to the organization

Compliance requirements associated with the regulation

Compensating controls in place to protect information security

Corresponding breaches associated with each vendor

Page 10 of 10

91. An organization's security policy is to disable access to USB storage devices on laptops and desktops.

Which of the following is the STRONGEST justification foi granting an exception to the policy?

Access is restricted to read-only.

USB storage devices are enabled based on user roles

Users accept the risk of noncompliance.

The benefit is greater than the potential risk

92. Which of the following is the BEST way to increase the visibility of information security within an organization's culture?

Requiring cross-functional information security training

Implementing user awareness campaigns for the entire company

Publishing an acceptable use policy

Establishing security policies based on industry standards

93. Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

Implement more stringent countermeasures.

Evaluate whether an excessive level of control is being applied.

Ask senior management to increase the acceptable risk levels

Ask senior management to lower the acceptable risk levels.

94. Which of the following will BEST help to ensure security is addressed when developing a custom application?

Conducting security training for the development staff

Integrating security requirements into the development process

Requiring a security assessment before implementation

Integrating a security audit throughout the development process

95. Which of the following activities should take place FIRST when a security patch for Internet software is received from a vendor?

The patch should be applied to critical systems.

The patch should be validated using a hash algorithm.

The patch should be evaluated in a testing environment.

The patch should be deployed quickly to systems that are vulnerable.

96. Which of the following would be MOST effective when justifying the cost of adding security controls to an existing web application?

Vulnerability assessment results

Application security policy

A business case

Internal audit reports

97. Which of the following is the BEST indication that a recently adopted information security framework is a good fit for an organization?

The framework includes industry-recognized information security best practices.

The number of security incidents has significantly declined

The business has obtained framework certification.

Objectives in the framework correlate directly to business practices

98. Which of the following provides the MOST relevant evidence of incident response maturity?

Red team testing results

Average incident closure time

Independent audit assessment

Tabletop exercise results

99. Which of the following should be PRIMARILY included in a security training program for business process owners?

Application recovery time

Impact of security risks

Application vulnerabilities

List of security incidents reported

100. Which of the following is the BEST method to defend against social engineering attacks?

Monitor for unauthorized access attempts and failed logins.

Employ the use of a web-content filtering solution.

Communicate guideline to limit information posted to public sites

Periodically perform antivirus scans to identify malware

Updated CISM Exam Dumps For Earning Certified Information Security Manager Certified