Isaca CISM Quiz 69 Topic 6 Questions 341-345

Question: 1

Which of the following should be an information security manager's MOST important criterion for determining when to review the incident response plan?

ABefore an internal audit of the incident response process

BWhen recovery time objectives (RTOs) are not met

CWhen missing information impacts recovery from an incident

DAt intervals indicated by industry best practice

Show Answer

Question: 2

When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:

Aavailability of technical resources.

Baffected stakeholders.

Cincident response team.

Dmedia coverage.

Show Answer

Question: 3

Which of the following BEST protects against phishing attacks?

AEmail filtering

BApplication whitelisting

CNetwork encryption

DSecurity strategy training

Show Answer

Question: 4

Following a risk assessment, new countermeasures have been approved by management. Which of the following should be performed NEXT?

ASchedule the target end date for implementation activities.

BCalculate the cost for each countermeasure.

CDevelop an implementation strategy.

DBudget the total cost of implementation activities.

Show Answer

Question: 5

An employee clicked on a link in a phishing email, triggering a ransomware attack. Which of the following should be the information security manager's FIRST step?

AWipe the affected system.

Bisolate the impacted endpoints.

CNotify senior management

DNotify internal legal counsel.

Show Answer

Isaca CISM Quiz:69 Topic:6 Questions:341-345