Isaca CISM Quiz 250 Topic 6 Questions 1246-1250

Question: 1

Shortly after installation, an intrusion detection system (IDS) reports a violation. Which of the following is the MOST likely explanation?

AThe violation is a false positive.

BA routine IDS log file upload has occurred,

CAn intrusion has occurred-

DA routine IDS signature file download has occurred.

Show Answer

Question: 2

The BEST way to ensure information security efforts and initiatives continue to support corporate strategy is by:

Aincluding the CIO in the information security steering committee.

Bconducting benchmarking with industry best practices.

Cincluding information security metrics in the organizational metrics.

Dperforming periodic internal audits of the information security program

Show Answer

Question: 3

Which of the following is the MOST appropriate board-level activity for information security governance?

AInclude security in job performance appraisals

BDevelop 'what-if' scenarios on incidents

CEstablish measures for security baselines.

DEstablish security and continuity ownership

Show Answer

Question: 4

While conducting a test of a business continuity plan (BCP). which of the following is the MOST important consideration?

AThe test involves IT members in the test process

BThe test simulates actual prime-time processing conditions.

CThe test addresses the critical components

DThe test is scheduled to reduce operational impact

Show Answer

Question: 5

An information security manager is concerned about the risk of fire at its data processing center To address this concern, an automatic fire suppression system has been installed Which of the following risk treatments has been applied?

AAcceptance

BTransfer

CMitigation

DAvoidance

Show Answer

Isaca CISM Quiz:250 Topic:6 Questions:1246-1250