Isaca CISM Quiz 25 Topic 1 Questions 121-125

Question: 1

Which of the following has the GREATEST impact on efforts to improve an organization's security posture?

AAutomation of security controls

BRegular reporting to senior management

CSupportive tone at the top regarding security

DWell-documented security policies and procedures

Show Answer

Question: 2

Which of the following should be the MOST important consideration when reviewing an information security strategy?

ANew business initiatives

BChanges to the security budget

CRecent security incidents

DInternal audit findings

Show Answer

Question: 3

Which of the following has the MOST direct impact on the usability of an organization's asset classification policy?

AThe support of IT management for the classification scheme

BThe granularity of classifications in the hierarchy

CThe frequency of updates to the organization's risk register

DThe business objectives of the organization

Show Answer

Question: 4

For an enterprise implementing a bring your own device (BYOD) program, which of the following would provide the BEST security of corporate

data residing on unsecured mobile devices?

AAcceptable use policy

BData loss prevention (DLP)

CDevice certification process

DContainerization solution

Show Answer

Question: 5

Which of the following is MOST likely to be a component of a security incident escalation policy?

ASample scripts and press releases for statements to media

BNames and telephone numbers of key management personnel

CDecision criteria for when to alert various groups

DA severity-ranking mechanism tied only to the duration of the outage

Show Answer

Isaca CISM Quiz:25 Topic:1 Questions:121-125