[Q137-Q159] Top ISACA CISM Courses Online - Updated [Feb-2024]

[Q137-Q159] Top ISACA CISM Courses Online – Updated [Feb-2024]

February 10, 2024 latestexam 0 Comments

Rate this post

Top ISACA CISM Courses Online – Updated [Feb-2024]

CISM Practice Dumps – Verified By LatestCram Updated 672 Questions

Passing the CISM certification exam demonstrates to employers and peers that the candidate possesses the knowledge and skills necessary to effectively manage information security in a complex and ever-changing environment. Certified Information Security Manager certification is recognized globally and is highly respected in the information security industry. Additionally, maintaining the certification requires ongoing professional development and continuing education, ensuring that CISM-certified professionals stay current with the latest trends and best practices in the field.

Q137. Identification and prioritization of business risk enables project managers to:

establish implementation milestones.

reduce the overall amount of slack time.

address areas with most significance.

accelerate completion of critical paths.

Identification and prioritization of risk allows project managers to focus more attention on areas of greater importance and impact. It will not reduce the overall amount of slack time, facilitate establishing implementation milestones or allow a critical path to be completed any sooner.

Q138. Which of the following is an information security manager’s BEST course of action upon learning of new cybersecurity regulatory requirements that apply to the organization?

Escalate the issue to senior management.

Implement the new requirements immediately.

Treat the new requirements as an operational issue.

Perform a gap analysis of the new requirements.

Q139. Which of the following MOST efficiently ensures the proper installation of a firewall policy that restricts a small group of internal IP addresses from accessing the Internet?

A connectivity test from the restricted host

A simulated denial of service attack against the firewall

A port scan of the firewall from an external source

A review of the current firewall configuration

Q140. A business unit uses an e-commerce application with a strong password policy. Many customers complain that they cannot remember their passwords because they are too long and complex. The business unit states it is imperative to improve the customer experience. The information security manager should FIRST:

change the password policy to improve the customer experience

research alternative secure methods of identity verification

evaluate the impact of the customer’s experience on business revenue

recommend implementing two-factor authentication

Section: INFORMATION SECURITY PROGRAM MANAGEMENT

Q141. An employee clicked on a malicious link in an email that resulted in compromising company data. What is the BEST way to mitigate this risk in the future?

Conduct phishing awareness training.

Implement disciplinary procedures.

Establish an acceptable use policy.

Assess and update spam filtering rules.

Explanation
Phishing awareness training is the best way to mitigate the risk of employees clicking on malicious links in emails, as it educates them on how to recognize and avoid phishing attempts. (From CISM Review Manual
15th Edition)
References: CISM Review Manual 15th Edition, page 179, section 4.3.2.2.

Q142. Which of the following provides the BEST input to maintain an effective asset classification program?

Business impact analysis (BIA)

Annual toss expectancy

Vulnerability assessment

Risk heat map

Q143. Which of the following presents the GREATEST information security concern when deploying an identity and access management solution?

Supporting legacy applications

Complying with the human resource policy

Supporting multiple user repositories

Gaining end user acceptance

Q144. Which of the following is an example of a corrective control?

Diverting incoming traffic upon responding to the denial of service (DoS) attack

Filtering network traffic before entering an internal network from outside

Examining inbound network traffic for viruses

Logging inbound network traffic

Diverting incoming traffic corrects the situation and. therefore, is a corrective control. Choice B is a preventive control. Choices C and D are detective controls.

Q145. Which of the following should be the PRIMARY focus of a lessons learned exercise following a successful response to a cybersecurity incident?

Establishing the root cause of the incident

Identifying attack vectors utilized in the incident

When business operations were restored after the incident

How incident management processes were executed

Explanation
The primary focus of a lessons learned exercise following a successful response to a cybersecurity incident is to evaluate how the incident management processes were executed, and to identify the strengths, weaknesses, best practices, and improvement opportunities for future incidents. A lessons learned exercise is not meant to determine the root cause, the attack vectors, or the recovery time of the incident, but rather to assess the performance and effectiveness of the incident response team and the incident response plan.
References: The CISM Review Manual 2023 states that “post-incident reviews are an essential part of the incident response process” and that “they provide an opportunity to assess the performance of the incident response team, identify areas for improvement, and document lessons learned and best practices” (p. 191). The CISM Review Questions, Answers & Explanations Manual 2023 also provides the following rationale for this answer: “How incident management processes were executed is the correct answer because it is the primary focus of a lessons learned exercise, which aims to evaluate the incident response capability and to implement corrective actions and improvement plans” (p. 97). Additionally, the Cybersecurity Incident Response Exercise Guidance article from the ISACA Journal 2022 states that “The AAR [after-action review] should include the date and time of the exercise, a list of participants, scenario descriptions, findings (generic and specific), observations with recommendations, lessons learned and an evaluation of the exercise (strengths, weaknesses, lessons learned)” (p. 3)1

Q146. Which of the following is the MOST appropriate method to protect a password that opens a confidential file?

Delivery path tracing

Reverse lookup translation

Out-of-band channels

Digital signatures

Explanation/Reference:
Explanation:
Out-of-band channels are useful when it is necessary, for confidentiality, to break a message into two parts that are then sent by different means. Digital signatures only provide nonrepudiation. Reverse lookup translation involves converting ;in Internet Protocol (IP) address to a username. Delivery path tracing shows the route taken but does not confirm the identity of the sender.

Q147. When properly tested, which of the following would MOST effectively support an information security manager in handling a security breach?

Business continuity plan

Disaster recovery plan

Incident response plan

Vulnerability management plan

Section: INCIDENT MANAGEMENT AND RESPONSE
Explanation:
An incident response plan documents the step-by-step process to follow, as well as the related roles and responsibilities pertaining to all parties involved in responding to an information security breach. A business continuity plan or disaster recovery plan would be triggered during the execution of the incident response plan in the case of a breach impacting the business continuity. A vulnerability management plan is a procedure to address technical vulnerabilities and mitigate the risk through configuration changes (patch management).

Q148. Which of the following is the BEST technical defense against unauthorized access to a corporate network through social engineering?

Requiring challenge/response information

Requiring multi factor authentication

Enforcing frequent password changes

Enforcing complex password formats

Social engineering is a technique used by attackers to manipulate individuals into divulging sensitive information or performing actions that can compromise the security of an organization. Multi-factor authentication (MFA) is a security mechanism that requires users to provide at least two forms of authentication to verify their identity. By requiring MFA, even if an attacker successfully obtains a user’s credentials through social engineering, they will not be able to access the network without the additional form of authentication.

Q149. Which of the following metrics is the MOST appropriate for measuring how well information security is performing in dealing with outside attacks?

Number of incident detected.

Number of emergencies declared

Elapsed time to resolve incidents

Elapsed time to declare emergencies.

Q150. To prevent computers on the corporate network from being used as part of a distributed denial of service attack, the information security manager should use:

incoming traffic filtering

outgoing traffic filtering

IT security policy dissemination

rate limiting

Q151. Investments in information security technologies should be based on:

vulnerability assessments.

value analysis.

business climate.

audit recommendations.

Investments in security technologies should be based on a value analysis and a sound business case. Demonstrated value takes precedence over the current business climate because it is ever changing. Basing decisions on audit recommendations would be reactive in nature and might not address the key business needs comprehensively. Vulnerability assessments are useful, but they do not determine whether the cost is justified.

Q152. When creating a bring your own device (BYOD) program, it is MOST important to:

ensure the organization’s ownership of data and management of the device.

establish metrics to evaluate the effectiveness of the program.

develop remote wipe capabilities and procedures.

balance the costs between private versus business usage and define the method to track usage.

Q153. Which of the following is MOST critical for the successful implementation and maintenance of a security policy?

Assimilation of the framework and intent of a written security policy by all appropriate parties

Management support and approval for the implementation and maintenance of a security policy

Enforcement of security rules by providing punitive actions for any violation of security rules

Stringent implementation, monitoring and enforcing of rules by the security officer through access control software

Section: INCIDENT MANAGEMENT AND RESPONSE
Explanation:
Assimilation of the framework and intent of a written security policy by the users of the system is critical to the successful implementation and maintenance of the security policy. A good password system may exist, but if the users of the system keep passwords written on their desk, the password is of little value. Management support and commitment is no doubt important, but for successful implementation and maintenance of security policy, educating the users on the importance of security is paramount. The stringent implementation, monitoring and enforcing of rules by the security officer through access control software, and provision for punitive actions for violation of security rules, is also required, along with the user’s education on the importance of security.

Q154. Which of the following is the BKT approach for an information security manager when developing new information security policies?

Create a stakeholder nap

Reference an industry standard.

Establish an information security governance committee

Download a policy template

Q155. Which of the following would BEST protect an organization’s confidential data stored on a laptop computer from unauthorized access?

Strong authentication by password

Encrypted hard drives

Multifactor authentication procedures

Network-based data backup

Explanation
Encryption of the hard disks will prevent unauthorized access to the laptop even when the laptop is lost or stolen. Strong authentication by password can be bypassed by a determined hacker. Multifactor authentication can be bypassed by removal of the hard drive and insertion into another laptop. Network- based data backups do not prevent access but rather recovery from data loss.

Q156. Which of the following BEST indicates an effective vulnerability management program?

Risks are managed within acceptable limits.

Threats are identified accurately.

Vulnerabilities are managed proactively.

Vulnerabilities are reported in a timely manner.

Q157. Which of the following is the NEXT course of action for an incident response team if an Incident cannot be investigated in the allocated time?

Discontinue the investigation.

Activate the business continuity plan (BCP).

Request an exception to the service level agreement (SLA).

Escalate to senior management for resolution.

Q158. Which of the following terms and conditions represent a significant deficiency if included in a commercial hot site contract?

A hot site facility will be shared in multiple disaster declarations

All equipment is provided “at time of disaster, not on floor”

The facility is subject to a “first-come, first-served” policy

Equipment may be substituted with equivalent model

Equipment provided “at time of disaster (ATOD), not on floor” means that the equipment is not available but will be acquired by the commercial hot site provider ON a best effort basis. This leaves the customer at the mercy of the marketplace. If equipment is not immediately available, the recovery will be delayed. Many commercial providers do require sharing facilities in cases where there are multiple simultaneous declarations, and that priority may be established on a first-come, first-served basis. It is also common for the provider to substitute equivalent or better equipment, as they are frequently upgrading and changing equipment.

Q159. Which of the following would BEST help to ensure compliance with an organization’s information security requirements by an IT service provider?

Defining information security requirements with internal IT

Requiring regular reporting frame the IT service provider

Requiring an external security audit of the IT service provider

Defining the business recovery plan with the IT service provider

Loading …

New (2024) ISACA CISM Exam Dumps: https://www.latestcram.com/CISM-exam-cram-questions.html

Related Certifications

E_BW4HANA207 (1)
C-TS452-2022 (1)
C_C4H225_12 (2)
P_S4FIN_2020 (1)
P-SAPEA-2023 (1)
C_S4CS_2302 (1)
C-ARSUM-2208 (1)
C-THR94-2311 (1)
C-THR96-2205 (1)
C-FIOAD-1909 (1)

Free Cram & Latest Exams Dumps

[Q137-Q159] Top ISACA CISM Courses Online – Updated [Feb-2024]

leave a comment Cancel reply

Related Certifications

Recent Posts

Archives

Categories