Isaca CISM Quiz 47 Topic 6 Questions 231-235

Question: 1

An organization performed a risk analysis and found a large number of assets with low-impact vulnerabilities. The NEXT action of the information security manager should be to:

Adetermine appropriate countermeasures.

Bquantify the aggregated risk.

Creport to management

Dtransfer the risk to a third party.

Show Answer

Question: 2

Which of the following is a PRIMARY responsibility of the information security governance function?

ADefining security strategies to support organizational programs

BAdministering information security awareness training

CEnsuring adequate support for solutions using emerging technologies

DAdvising senior management on optimal levels of risk appetite and tolerance

Show Answer

Question: 3

The BEST way to avoid session hijacking is to use:

Astrong password controls.

Ba firewall,

Ca reverse lookup.

Da secure protocol.

Show Answer

Question: 4

Which of the following should an information security manager perform FIRST when an organization's residual risk has increased?

AAssess the business impact

BTransfer the risk to third parties.

CImplement security measures to reduce the risk.

DCommunicate the information to senior management.

Show Answer

Question: 5

Which of the following should be done FIRST when selecting performance metrics to report. on the vendor risk management process?

AIdentify the data owner.

BReview the confidentiality requirements.

CIdentify the intended audience.

DSelect the data source.

Show Answer

Isaca CISM Quiz:47 Topic:6 Questions:231-235