Isaca CISM Quiz 12 Topic 6 Questions 56-60

Question: 1

Which of the following should be the PRIMARY basis for an information security strategy?

AResults of a comprehensive gap analysis

BThe organization's vision and mission

CAudit and regulatory requirements

DInformation security policies

Show Answer

Question: 2

If an organization does not have an information security governance framework in place, which of the following would BEST facilitate the adoption of a future governance program?

AIT department support

BInformation security funding

CInvolvement of business stakeholders

DAudit recommendations

Show Answer

Question: 3

Recovery time objectives (RTOs) are BEST determined by

Aexecutive management.

Bbusiness managers.

Cdatabase administrators (DBAs).

Dbusiness continuity officers.

Show Answer

Question: 4

A security review identifies that confidential information on the file server has been accessed by unauthorized users in following should the information security manager do FIRST?

AInvoke the incident response plan.

BImplement role-based access control.

CDelete the information from the file server.

DRemove access to the information.

Show Answer

Question: 5

Which of the following is the BEST method to ensure compliance with password standards?

AA user-awareness program

BUsing password-cracking software

CAutomated enforcement of password syntax rules

DImplementing password-synchronization software

Show Answer

Isaca CISM Quiz:12 Topic:6 Questions:56-60