Isaca CISM Quiz 309 Topic 1 Questions 1541-1545

Question: 1

Which of the following is the MOST important consideration during a forensics investigation?

AChain of custody

BDisclosure requirements

CManagement directives

DEvidence hardening

Show Answer

Question: 2

Which of the following is MOST important to the effectiveness of an information security steering committee?

AThe committee has strong regulatory knowledge.

BThe committee has cross-organizational representation.

CThe committee has strong representation from IT.

DThe committee is driven by industry best practices.

Show Answer

Question: 3

An organization engages 4 third-party vendor to monitor and support a financial application under scrutiny by regulators. Maintaining strict

data integrity and confidentiality for this application is critical to the business. Which of the following controls would MOST effectively

manage risk to the organization?

AImplementing periodic access reviews of vendor employees

BDisabling vendor access and only re-enabling when access is needed

CActivating access and data logging

DImplementing segregation of duties between systems and data

Show Answer

Question: 4

A newly appointed information security manager has been asked to update all security-related policies and procedures that have been

Static for five years or more. What is the BEST next step?

ATo update in accordance with the best business practices

BTo assess corporate culture

CTo perform a risk assessment of the current IT environment

DTo gain an understanding of the current business direction

Show Answer

Question: 5

A business manager has decided not to implement a control based on the risk assessment of a mission-critical business application

because of its impact on performance. What is the information security manager's BEST course of action'?

AInstruct the business managerto implement the mitigation control.

BUpdate the organization's risk profile.

CEscalate the issue to senior management for a final decision.

DRecommend possible compensating controls.

Show Answer

Isaca CISM Quiz:309 Topic:1 Questions:1541-1545