Isaca CISM Quiz 279 Topic 2 Questions 1391-1395

Question: 1

A significant gap in an organization's breach containment process has been identified. Which of the following is MOST important for the information security manager to consider updating?

AIncident test plan

BBusiness continuity plan (BCP)

CCrisis management plan

DIncident response plan

Show Answer

Question: 2

Senior management is concerned several security incidents were not reported in a timely manner. Which of the following should the information security manager do FIRST to address this situation?

ARequest a review from internal audit.

BPerform a root cause analysis of the issue.

CAssess the communication skills of the Incident response Team.

DUpdate reporting requirements in the incident response plan.

Show Answer

Question: 3

Which of the following should provide the PRIMARY basis for formulating an information security strategy?

AThe regulatory environment

BThe information security framework

CThe business strategy

DThe IT strategy

Show Answer

Question: 4

Which activity is MOST important when identifying the appropriate security controls for a new business application?

AInterviewing senior management

BConducting a risk assessment

CAssigning data classification to assets

DPerforming a business impact analysts (BIA)

Show Answer

Question: 5

Due to recent cyber-attacks on industry peers, an organization has decided to create a separate Internal network to reduce the risk of similar attacks. Which of the following should the Information security manager do FIRST?

AUpdate security policies and procedures.

BEvaluate the impact on the business functions.

CUpdate the risk register to include the network separation

DIdentify resources required for implementation.

Show Answer

Isaca CISM Quiz:279 Topic:2 Questions:1391-1395