Isaca CISM Quiz 181 Topic 5 Questions 901-905

Question: 1

Which of the following should be done FIRST when implementing policies to address an upcoming new data privacy regulation?

AUnderstand which types of personal data are covered by the new regulation.

BProhibit further collection of personal data until the regulation is implemented.

CSegregate systems processing personal data from other systems on the network-

DUnderstand what technologies are required for personal data protection.

Show Answer

Question: 2

Adding security requirements late in the software development life cycle (SDLC) would MOST likely result in:

Aclearer understanding of requirements.

Boperational efficiency.

Ccompensating controls.

Dcost savings.

Show Answer

Question: 3

Which of the following would BEST support a business case to implement a data leakage prevention (DLP) solution?

AAn unusual upward trend in outbound email volume

BIndustry benchmark of DLP investments

CA risk assessment on the threat of data leakage

DLack of visibility into previous data leakage incidents

Show Answer

Question: 4

A security incident has resulted in a failure of the enterprise resource planning (ERP) system. While the incident is handled by the incident response team, the help desk is overrun by queries from department managers on the state of the ERP system. What is the MOST likely reason for this situation?

ALack of knowledgeable help desk staff

BAn inadequate communication plan

CLack of organization-wide security awareness

DAn inadequate business impact analysis (BlA)

Show Answer

Question: 5

The value of information assets relative to the organization is BEST determined by:

Aa risk assessment.

Ban impact analysis.

Ca threat assessment.

Dan asset classification.

Show Answer

Isaca CISM Quiz:181 Topic:5 Questions:901-905