Isaca CISM Quiz 86 Topic 3 Questions 426-430

Question: 1

Which of the following is MOST important for guiding the development and management of a comprehensive information security program?

AEstablishing and maintaining an information security governance framework

BAdopting information security program management best practices

CImplementing policies and procedures to address the information security strategy

DAligning the organization's business objectives with IT objectives

Show Answer

Question: 2

A data loss prevention (DLP) tool has flagged personally identifiable information (Pll) during transmission. Which of the following should the information security manager do FIRST?

AEscalate the issue to senior management.

BNotify authorities and the cyber insurance company

CValidate the scope and Impact with the business process owner.

DDisable the data loss prevention (DLP) policy.

Show Answer

Question: 3

An information security team is investigating an alleged breach of an organization's network. Which of the following would be the BEST single source of evidence to review?

AIntrusion detection system (IDS)

BSecurity information and event management (SIEM) tool

CFile integrity monitoring (FIM) software.

DAntivirus software

Show Answer

Question: 4

Which of the following is the FIRST step in developing a disaster recovery plan (DRP)?

ASet a recovery point objective (RPO).

BPerform a business impact analysis (BIA).

CSet a recovery time objective (RTO).

DIdentify potential third-party service providers

Show Answer

Question: 5

A recent comprehensive vulnerability assessment identified emerging threats to the continuity of critical business services. What should be the information security manager's FIRST course of action?

AConduct a gap analysis.

BConduct a risk assessment

CPerform a patch update.

DPerform a penetration test

Show Answer

Isaca CISM Quiz:86 Topic:3 Questions:426-430