Management > QUESTIONS & ANSWERS > Certified Information Security Manager Questions with 100% Correct Answers (All)
Certified Information Security Manager Questions with 100% Correct Answers
Document Content and Description Below
Certified Information Security Manager Questions with 100% Correct Answers Resource allocation is crucial during incident triage as it assists in prioritization and categorization. Why would this b... e critical for most organizations when conducting triage? A. Most organizations have limited incident handling resources B. Categorization assists in mitigation C. Prioritization aides in detection D. Most organizations assign incidents based on criticality -Answer- A. Most organizations have limited incident handling resources Who is in the best position to judge the risks and impacts since they are most knowledgeable concerning their systems? A. Internal auditors B. Security management C. Business process owners D. External regulatory agencies -Answer- C. Business process owners In order to establish prioritization in the effective implementation of an organization's security governance, primary emphasis should be placed on? A. Consultation B. Negotiation C. Facilitation D. Planning -Answer- D. Planning All actions dealing with incidents must be worked with cyclical consideration. What is the primary post-incident review takeaway? A. Pursuit of legal action B. Identify personnel failures C. Incident management report D. Derive ways to improve the response process -Answer- not b or c Which of the following is the most significant challenge when developing an incident management plan? A. A plan not aligning with organizational goals B. Compliance and regulatory requirements C. A cohesive incident threat matrix D. Lack of management and leadership buy-in -Answer- D. Lack of management and leadership buy-in Residual risks can be determined by: A. Calculating remaining vulnerabilities after creating controls B. Performing a threat analysis C. Performing a risk assessment D. Through risk transference -Answer- C. Performing a risk assessment Which is the most effective solution for preventing internal users from modifying sensitive and/or classified information? A. Baseline security standards B. System access violation logs C. Role-based access control D. Exit routines -Answer- C. Role-based access control As part of the Risk Management process, assessments must be performed on the information systems and resources of an organization. If there are vulnerabilities disclosed during an assessment, those vulnerabilities should be: A. Handled as a risk without a threat consideration B. Prioritized for re-mediation solely based on impact C. Reviewed to analyse information security controls D. Evaluated and prioritized based on credible threat and impact if exploited and and mitigation cost -Answer- D. Evaluated and prioritized based on credible threat and impact if exploited and and mitigation cost [Show More]
Last updated: 2 years ago
Preview 1 out of 12 pages
Buy this document to get the full access instantly
Instant Download Access after purchase
Buy NowInstant download
We Accept:
Also available in bundle (1)
CISM Bundled Exams with complete solution
CISM 3131 - Final Exam / Test 3 Questions with Complete Solution CISM 4350: Final Exam 2022 with complete solution CISM 3330 Exam 2 Questions with Answers CISM Practice Exam 2 CISM Exam 3...
By Excel 2 years ago
$16
13
Reviews( 0 )
$8.00
Can't find what you want? Try our AI powered Search
Document information
Connected school, study & course
About the document
Uploaded On
Sep 01, 2022
Number of pages
12
Written in
Additional information
This document has been written for:
Uploaded
Sep 01, 2022
Downloads
0
Views
155
.png)
.png)
.png)
