Isaca CISM Quiz 189 Topic 3 Questions 941-945

Question: 1

When designing an incident response plan to be agreed upon with a cloud computing vendor, including which of the following will BEST help to ensure the effectiveness of the plan?

AResponsibility and accountability assignments

BRequirements for onsite recovery testing

CAn audit and compliance program

DA training program for the vendor staff

Show Answer

Question: 2

An organization is concerned with the risk of information leakage caused by incorrect use of personally owned smart devices by employees. What is the BEST way for the information security manager to mitigate the associated risk?

ARequire employees to sign a nondisclosure agreement

BImplement a mobile device management solution.

Cimplement a multi-factor authentication solution.

DDocument a bong-your-own-device (BYOD) policy.

Show Answer

Question: 3

Which of the following outsourced services has the GREATEST need for security monitoring?

AApplication development

BEnterprise infrastructure

CWeb site hosting

DVirtual private network (VPN) services

Show Answer

Question: 4

What should be the PRIMARY basis for establishing a recovery time objective (RTO) for a critical business application?

ARisk assessment results

BBusiness impact analysis (BIA) results

CRelated business benchmarks

DLegal and regulatory requirements

Show Answer

Question: 5

An organization's information security manager has learned that similar organizations have become increasingly susceptible to spear phishing attacks. What is the BEST way to address this concern?

ACreate a new security policy that staff must read and sign.

BInclude tips to identify threats in awareness training.

CConduct a business impact analysis (BIA) of the threat.

DUpdate data loss prevention (DLP) rules for email.

Show Answer

Isaca CISM Quiz:189 Topic:3 Questions:941-945