Isaca CISM Quiz 74 Topic 3 Questions 366-370

Question: 1

What is the BEST way for an information security manager to ensure critical assets are prioritized in a new information security program?

ABackup information assets and store them offsite

BConduct security awareness training.

CUpdate operating procedures to include new requirements.

DConduct an inventory of information assets.

Show Answer

Question: 2

Which of the following BEST enables the detection of advanced persistent threats (APTs)?

AVulnerability scanning

BPeriodic reviews of intrusion prevention system (IPS)

CSecurity information and event management system (SIEM)

DInternet gateway

Show Answer

Question: 3

Which of the following is MOST appropriate to add to a dashboard for the purpose of illustrating an organization's risk level to senior management?

ARisk heat map

BResults of risk and control testing

CBudget variance for information security

Show Answer

Question: 4

Which of the following provides the BEST assurance that a contracted third-party provider meets an organization's security requirements?

ARight-to-audit clause in the contract

BPerformance metrics

CDue diligence questionnaires

DContinuous monitoring

Show Answer

Question: 5

To prevent ransomware attacks, it is MOST important to ensure:

Aadequate backup and restoration processes are in place.

Bregular security awareness training is conducted.

Cupdated firewall software is installed.

Dthe latest security appliances are installed.

Show Answer

Isaca CISM Quiz:74 Topic:3 Questions:366-370