Isaca CISM Quiz 180 Topic 5 Questions 896-900

Question: 1

A risk assessment report shows that phishing attacks are an emerging threat for an organization that supports online financial services. Which of the following is the information security manager's BEST course of action?

AConduct corporate awareness training.

BImplement spam protection.

CTransfer risk with insurance coverage.

DUpdate antivirus software

Show Answer

Question: 2

Which of the following would BEST help to ensure an organization's information security strategy is aligned with business objectives?

ARequesting senior management to periodically review security incidents

BEstablishing a change control process for continued updating of security policies

CImplementing an automated solution for monitoring information security processes

DEstablishing metrics to measure the effectiveness of the information security program

Show Answer

Question: 3

An organization with a maturing incident response program conducts post-incident reviews for all major information security incidents. The PRIMARY goal of these reviews should be to:

Aprepare properly vetted notifications regarding the incidents to external parties

Bidentify who should be held accountable for the security incidents.

Cdocument and report the root cause of the incidents for senior management

Didentify security program gaps or systemic weaknesses that need correction.

Show Answer

Question: 4

Which of the following has the PRIMARY responsibility of ensuring an organizations information security strategy supports business goals?

AChief information security officer (CISO)

BInformation security steering committee

CAudit committee

DChief executive officer (CEO)

Show Answer

Question: 5

Which type of test is MOST effective in communicating the roles of end users to support timely identification and response to information security incidents?

ASimulation

BWalk-through

CParallel

DComplete failover

Show Answer

Isaca CISM Quiz:180 Topic:5 Questions:896-900