Isaca CISM Quiz 57 Topic 3 Questions 281-285

Question: 1

Which of the following is the MOST important security consideration when developing an incident response strategy with a cloud provider?

ASecurity audit reports

BTechnological capabilities

CRecovery time objective (RTO)

DEscalation processes

Show Answer

Question: 2

An incident response team recently encountered an unfamiliar type of cyber event. Though the team was able to resolve the issue, it took a significant amount of time to identify, What is the BEST way to help ensure similar incidents are identified more quickly in the future?

AImplement a SIEM solution.

BPerform a post-incident review.

CPerform a threat analysis.

DEstablish performance metrics for the team.

Show Answer

Question: 3

When determining an acceptable risk level, which of the following is the MOST important consideration?

ASystem criticalities

BThreat profiles

CVulnerability scores

DRisk matrices

Show Answer

Question: 4

An organization that uses external cloud services extensively is concerned with risk monitoring and timely response. The BEST way to address this concern is to ensure:

Athe availability of continuous technical support.

Bappropriate service level agreements (SLAs) are in place.

Ca right-to-audit clause is included in contracts.

Dinternal security standards are in place.

Show Answer

Question: 5

Which of the following is the MOST beneficial outcome of testing an incident response plan?

AThe plan is enhanced to reflect the findings of the test.

BThe response includes escalation to senior management.

CIncident response time is improved.

DTest plan results are documented.

Show Answer

Isaca CISM Quiz:57 Topic:3 Questions:281-285