Isaca CISM Quiz 72 Topic 5 Questions 356-360

Question: 1

Which type of control is an incident response team?

ADetective

BDirective

CPreventive

DCorrective

Show Answer

Question: 2

An organization is concerned with the potential for exploitation of vulnerabilities in its server systems. Which of the following is the BEST control to mitigate the associated risk?

AEnforcing configurations for secure logging and audit trails on server systems

BEnforcing standard system configurations based on secure configuration benchmarks

CImplementing network and system-based anomaly monitoring software for server systems.

DImplementing host-based intrusion detection systems (IDS) on server systems

Show Answer

Question: 3

Regular vulnerability scanning on an organization's internal network has identified that many user workstations have unpatched versions of software. What is the BEST way for the information security manager to help senior management understand the related risk?

ASend regular notifications directly to senior managers.

BInclude the impact of the risk as part of regular metrics.

CRecommend the security steering committee conduct a review.

DUpdate the risk assessment at regular intervals.

Show Answer

Question: 4

For an organization that provides web-based services, which of the following security events would MOST likely initiate an incident response plan and be escalated to management?

AMultiple failed login attempts on an employee's workstation

BSeveral port scans of the web server

CSuspicious network traffic originating from the demilitarized zone (DMZ)

DAnti-malware alerts on several employees' workstations

Show Answer

Question: 5

Which of the following is the MOST important function of an information security steering committee?

ADefining the objectives of the information security framework

BApproving security awareness content prior to publication

CConducting regular independent reviews of the state of security in the business

DEvaluating the effectiveness of information security controls on a periodic basis

Show Answer

Isaca CISM Quiz:72 Topic:5 Questions:356-360