Isaca CISM Quiz 272 Topic 4 Questions 1356-1360

Question: 1

When an organization lacks internal expertise to conduct highly technical forensics investigations, what is the BEST way to ensure effective and timely investigations following an information security incident?

AProvide forensics training to the information security team.

BPurchase forensic standard operating procedures.

CEnsure the incident response policy allows hiring a forensics firm.

DRetain a forensics firm prior to experiencing an incident.

Show Answer

Question: 2

An information security manager has determined that the mean time to prioritize information security incidents has increased to an unacceptable level. Which of the following processes would BEST enable the information security manager to address this concern?

A. Forensic analysis B. Incident response

CIncident classification

DVulnerability assessment

Show Answer

Question: 3

Which of the following trends BEST indicates that the maturity level of an information security program is improving?

AA decrease in residual risk

BAn increase in control self-assessments (CSAs) performed

CA decrease in the number of security incidents

DAn increase in overall security funding

Show Answer

Question: 4

Which of the following should an information security manager do FIRST upon learning that a data loss prevention (DLP) scanner has identified payment card information (PCI) stored in cleartext within accounting file shares?

AAssess the level of noncompliance.

BReport the issue to senior management.

CInitiate the incident response process.

DPerform an organization-wide risk assessment.

Show Answer

Question: 5

An organization rolled out information security awareness training and wants to perform an end-ot-year assessment to determine the program's success. Which of the following would be the BEST indicator of the program's effectiveness?

AAn increase in the number of security incidents throughout the organization

BAn increase in the number of employees completing training in a timely manner

CAn increase in the number of security-related inquiries to the help desk

DAn increase in the number of positive comments in trainee feedback surveys

Show Answer

Isaca CISM Quiz:272 Topic:4 Questions:1356-1360