CISM Online Practice Questions and Answers

Questions 4

The MOST complete business case for security solutions is one that:

A. includes appropriate justification.

B. explains the current risk profile.

C. details regulatory requirements.

D. identifies incidents and losses.

Browse 2764 Q&As
Questions 5

A company's mail server allows anonymous file transfer protocol (FTP) access which could be exploited. What process should the information security manager deploy to determine the necessity for remedial action?

A. A penetration test

B. A security baseline review

C. A risk assessment

D. A business impact analysis (BIA)

Questions 6

Which of the following ensures that newly identified security weaknesses in an operating system are mitigated in a timely fashion?

A. Patch management

B. Change management

C. Security baselines

D. Acquisition management

Questions 7

Which of the following is MOST effective in preventing the introduction of a code modification that may reduce the security of a critical business application?

A. Patch management

B. Change management

C. Security metrics

D. Version control

Questions 8

Which of the following is MOST important to the success of an information security program?

A. Security awareness training

B. Achievable goals and objectives

C. Senior management sponsorship

D. Adequate start-up budget and staffing

Questions 9

Which of the following should be the MOST important criteria when defining data retention policies?

A. Capacity requirements

B. Audit findings

C. Regulatory requirements

D. Industry best practices

Questions 10

Which of the following is MOST helpful to management in determining whether risks are within an organization's tolerance level?

A. Audit findings

B. Heat map

C. Penetration test results

D. Maturity level

Questions 11

A database was compromised by guessing the password for a shared administrative account and confidential customer information was stolen. The information security manager was able to detect this breach by analyzing which of the following?

A. Invalid logon attempts

B. Write access violations

C. Concurrent logons

D. Firewall logs

Questions 12

Which of the following BEST enables an information security manager to assess the effectiveness of the information security program?

A. Maturity level

B. Risk register

C. Penetration testing results

D. Information security architecture

Questions 13

Which of the following is MOST helpful for determining which information security policies should be implemented by an organization?

A. Risk assessment

B. Business impact analysis (BIA)

C. Vulnerability assessment

D. Industry best practices

Questions 14

Which of the following desired outcomes BEST supports a decision to invest in a new security initiative?

A. Enhanced security monitoring and reporting

B. Reduced control complexity

C. Enhanced threat detection capability

D. Reduction of organizational risk

Questions 15

Which of the following should be the PRIMARY focus of a post-incident review following a successful response to a cybersecurity incident?

A. Which control failures contributed to the incident

B. How incident response processes were executed

C. What attack vectors were utilized

D. When business operations were restored

Questions 16

Which of the following security initiatives should be the FIRST step in helping an organization maintain compliance with privacy regulations?

A. Implementing a data classification framework

B. Implementing security information and event management (SIEM)

C. Installing a data loss prevention (DLP) solution

D. Developing security awareness training

Questions 17

Which of the following methods enables the MOST rigorous testing while avoiding the disruption of normal business operations?

A. Walk-through test

B. Full interruption test

C. Parallel test

D. Checklist review test

Questions 18

Several months after the installation of a new firewall with intrusion prevention features to block malicious activity, a breach was discovered that came in through the firewall shortly after installation. This breach could have been detected earlier by implementing firewall:

A. web surfing controls

B. packet filtering

C. application awareness

D. log monitoring

Exam Code: CISM
Exam Name: Certified Information Security Manager
Last Update: Apr 29, 2024
Questions: 2764 Q&As