Isaca CISM Quiz 73 Topic 6 Questions 361-365

Question: 1

Which of the following is MOST important for an information security manager to communicate to stakeholders when approving exceptions to the information security policy?

ARequirements for senior management reporting

BImpact on the risk profile

CTime period for review

DNeed for compensating controls

Show Answer

Question: 2

Which of the following is an information security manager's BEST approach when selecting cost-effective controls needed to meet business objectives?

AFocus on preventive controls.

BAlign with the risk appetite

CAlign with industry best practice.

DConduct a gap analysis.

Show Answer

Question: 3

Which of the following functions is MOST critical when initiating the removal of system access for terminated employees?

AHelp desk

BHuman resources (HR)

CInformation security

DLegal

Show Answer

Question: 4

Company A, a cloud service provider, is in the process of acquiring Company B to gain new benefits by incorporating their technologies within its cloud services. Which of the following should be the PRIMARY focus of Company A's information security manager?

AThe cost to align to Company A's security policies

BThe organizational structure of Company B

CCompany A's security architecture

DCompany B's security policies

Show Answer

Question: 5

During which of the following development phases is it MOST challenging to implement security controls?

ADesign phase

BPost-implementation phase

CDevelopment phase

DImplementation phase

Show Answer

Isaca CISM Quiz:73 Topic:6 Questions:361-365