Isaca CISM Quiz 111 Topic 1 Questions 551-555

Question: 1

Which of the following activities should take place FIRST when a security patch for Internet software is received from a vendor?

AThe patch should be applied to critical systems.

BThe patch should be validated using a hash algorithm.

CThe patch should be evaluated in a testing environment.

DThe patch should be deployed quickly to systems that are vulnerable.

Show Answer

Question: 2

Which of the following is the BEST approach for encouraging business units to assume their roles and responsibilities in an information security program?

APerform a risk assessment

BConduct an awareness program

CConduct a security audit.

DDevelop controls and countermeasures

Show Answer

Question: 3

When developing a disaster recovery plan, which of the following would be MOST helpful in prioritizing the order in which systems should be recovered?

AReviewing the business strategy

BReviewing the information security policy

CPerforming a business impact analysis (BIA)

DMeasuring the volume of data in each system

Show Answer

Question: 4

What is the MOST important consideration when establishing metrics for reporting to the information security strategy committee?

AAgreeing on baseline values for the metrics

BDeveloping a dashboard for communicating the metrics

CProviding real-time insight on the security posture of the organization

DBenchmarking the expected value of the metrics against industry standards

Show Answer

Question: 5

An organization has recently experienced unauthorized device access to its network. To proactively manage the problem and mitigate this risk, the BEST preventive control would be to:

Akeep an inventory of network and hardware addresses of all systems connected to the network

Bimplement network-level authentication and login to regulate access of devices to the network

Cdeploy an automated asset inventory discovery tool to identify devices that access the network

Dinstall a stateful inspection firewall to prevent unauthorized network traffic

Show Answer

Isaca CISM Quiz:111 Topic:1 Questions:551-555