Isaca CISM Quiz 96 Topic 3 Questions 476-480

Question: 1

What should be information security manager's FIRST course of action when it is discovered a staff member has been posting corporate information on social media sites?

AAsses the classification of the data posted.

BImplement controls to block the social media sites.

CRefer the staff member to the information security policy

DNotify senior management

Show Answer

Question: 2

Which of the following is an information security manager's BEST course of action when informed of decision to reduce funding for the information security program?

ARemove overlapping security controls

BPrioritize security projects based on risk.

CDesign key risk indicators (KRIs)

DCreate a business case appeal decision.

Show Answer

Question: 3

Which of the following is the BEST method to defend against social engineering attacks?

AMonitor for unauthorized access attempts and failed logins.

BEmploy the use of a web-content filtering solution.

CCommunicate guideline to limit information posted to public sites

DPeriodically perform antivirus scans to identify malware

Show Answer

Question: 4

To gain a clear understanding of the impact that a new regulatory will have on an organization's security control, an information manager should FIRST.

AConduct a risk assessment

BInterview senior management

CPerform a gap analysis

DConduct a cost-benefit analysis

Show Answer

Question: 5

Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?

AMature security policy

BInformation security roles and responsibilities

COrganizational information security awareness

DOrganizational culture

Show Answer

Isaca CISM Quiz:96 Topic:3 Questions:476-480