Isaca CISM Quiz 188 Topic 2 Questions 936-940

Question: 1

An organization was forced to pay a ransom to regain access to a critical database that had been encrypted in a ransomware attack. What would have BEST prevented The need to make this ransom payment?

AStoring backups on a segregated network.

BTraining employees on ransomware

CVerifying the firewall is configured properly

DEnsuring all changes are approved

Show Answer

Question: 2

Which of the following needs to be established between an IT service provider and its clients to BEST enable adequate continuity of service in preparation for an outage?

AReciprocal site agreement

BServer maintenance plans

CRecovery time objectives (RTOs)

DData retention policies

Show Answer

Question: 3

Which of the following is the MOST effective method for categorizing system and data criticality during the risk assessment process?

AInterview the asset owners.

BInterview senior management.

CInterview data custodians.

DInterview members of the board.

Show Answer

Question: 4

An organization's recent risk assessment has identified many areas of security risk, and senior management has asked for a five-minute overview of The assessment results. Which of the following is the information security manager's BEST option for presenting this information?

ARisk register

BSpider diagram

CRisk heat map

DBalarKed scorecard

Show Answer

Question: 5

Which of the following processes would BEST aid an information security manager in resolving systemic security issues?

ABusiness impact anal/sis (BIA)

BSecurity reviews

CReinforced security controls

DRoot cause analysis

Show Answer

Isaca CISM Quiz:188 Topic:2 Questions:936-940