Isaca CISM Quiz 194 Topic 3 Questions 966-970

Question: 1

A business unit uses e-commerce with a strong password policy. Many customers complain that they cannot remember their password because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST.

AChange the password policy to improve the customer experience

BReach alternative secure of identify verification

CRecommended implementing two-factor authentication.

DEvaluate the impact of the customer's experience on business revenue.

Show Answer

Question: 2

What is the PRIMARY benefit to executive management when audit risk, and security functions are aligned?

AMore effective decision making

BMore timely risk reporting

CReduced number of assurance reports

DMore efficient incident handling

Show Answer

Question: 3

An external security audit has reported multiple instances of control noncompliance. Which of the following is MOST important for the information security manager to communicate to senior managements.

AControl owner responses based on a root cause analysis

BAn accountability risk to initiate remediation activities

CA plan for mitigating the risk due to noncompliance

DThe impact of noncompliance on the organization's risk profile

Show Answer

Question: 4

Which of the following provides the MOST comprehensive understanding of an organization's information security posture?

AThe organization's security incident trends

BRisk management metrics

CResults of vulnerability assessments

DExternal audit findings

Show Answer

Question: 5

Which of the following should be the FIRST step to ensure system updates are applied in a timely manner?

ARun a patch management scan to discover which patches are missing from each machine.

BCreate a regression test plan to ensure business operation is not interrupted.

CCross-reference all missing patches to establish the date each patch was introduced.

DEstablish a risk-based assessment process for prioritizing patch implementation.

Show Answer

Isaca CISM Quiz:194 Topic:3 Questions:966-970