Isaca CISM Quiz 78 Topic 7 Questions 386-390

Question: 1

Which of the following is MOST likely to be included in an enterprise information security policy?

APassword composition requirements

BConsequences of noncompliance

CAudit trail review requirements

DSecurity monitoring strategy

Show Answer

Question: 2

Several months after the installation of a new firewall with intrusion prevention features to block malicious activity, a breach was discovered that came in through the firewall shortly after installation. This breach could have been detected earlier by implementing firewall:

Apacket filtering.

Bweb surfing controls.

Clog monitoring.

Dapplication awareness.

Show Answer

Question: 3

After the occurrence of a major information security corrective actions?

ACalculating cost of the incident

BPerforming an impact analysis

CConducting a postmortem assessment

DPreserving the evidence

Show Answer

Question: 4

A financial company executive is concerned about recently increasing cyberattacks and needs to take action to reduce risk. The organization would BEST respond by:

Aincreasing budget and staffing levels for the incident response team.

Btesting the business continuity plan (BCP).

Cimplementing an intrusion detection system (IDS).

Drevalidating and mitigating risks to an acceptable level.

Show Answer

Question: 5

Which of the following is the MOST important consideration for a global organization that is designing an information security awareness program?

AProgram costs

BCultural backgrounds

CNational regulations

DLocal languages

Show Answer

Isaca CISM Quiz:78 Topic:7 Questions:386-390