CISM : Certified Information Security Manager : Part 41

  1. Which of the following is the PRIMARY benefit of implementing a maturity model for information security management?

    • Information security management costs will be optimized.
    • Information security strategy will be in line with industry best practice.
    • Gaps between current and desirable levels will be addressed.
    • Staff awareness of information security compliance will be promoted.
  2. Which of the following provides the MOST comprehensive understanding of an organization’s information security posture?

    • Risk management metrics
    • External audit findings
    • Results of vulnerability assessments
    • The organization’s security incident trends
  3. Most security vulnerabilities in software exist because:

    • security features are not tested adequately.
    • software has undocumented features.
    • security is not properly designed.
    • software is developed without adherence to standards.
  4. Which of the following is a potential indicator of inappropriate Internet use by staff?

    • Increased help desk calls for password resets
    • Reduced number of pings on firewalls
    • Increased reports of slow system performance
    • Increased number of weaknesses from vulnerability scans
  5. A payroll application system accepts individual user sign-on IDs and then connects to its database using a single application ID. The GREATEST weakness under this system architecture is that:

    • users can gain direct access to the application ID and circumvent data controls.
    • when multiple sessions with the same application ID collide, the database locks up.
    • the database becomes unavailable if the password of the application ID expires.
    • an incident involving unauthorized access to data cannot be tied to a specific user.
  6. A new regulation has been announced that requires mandatory reporting of security incidents that affect personal client information. Which of the following should be the information security manager’s FIRST course of action?

    • Review the current security policy.
    • Inform senior management of the new regulation.
    • Update the security incident management process.
    • Determine impact to the business.
  7. An organization has decided to implement a security information and event management (SIEM) system. It is MOST important for the organization to consider:

    • industry best practices.
    • data ownership.
    • log sources.
    • threat assessments.
  8. Which of the following change management procedures is MOST likely to cause concern to the information security manager?

    • Fallback processes are tested the weekend before changes are made.
    • The development manager migrates programs into production.
    • A manual rather than an automated process is used to compare program versions.
    • Users are not notified of scheduled system changes.
  9. A multinational organization wants to monitor outbound traffic for data leakage from the use of unapproved cloud services. Which of the following should be the information security manager’s GREATEST consideration when implementing this control?

    • Security of cloud services
    • Data privacy regulations
    • Resistance from business users
    • Allocation of monitoring resources
  10. Following a risk assessment, new countermeasures have been approved by management. Which of the following should be performed NEXT?

    • Develop an implementation strategy.
    • Schedule the target end date for implementation activities.
    • Budget the total cost of implementation activities.
    • Calculate the residual risk for each countermeasure.
  11. Which of the following would BEST assist an IS manager in gaining strategic support from executive management?

    • Annual report of security incidents within the organization
    • Research on trends in global information security breaches
    • Rating of the organization’s security, based on international standards
    • Risk analysis specific to the organization
  12. An emergency change was made to an IT system as a result of a failure. Which of the following should be of GREATEST concern to the organization’s information security manager?

    • The change did not include a proper assessment of risk.
    • Documentation of the change was made after implementation.
    • The information security manager did not review the change prior to implementation.
    • The operations team implemented the change without regression testing.
  13. The PRIMARY advantage of single sign-on (SSO) is that it will:

    • support multiple authentication mechanisms.
    • increase the security related applications.
    • strengthen user passwords.
    • increase efficiency of access management.
  14. Which of the following is the MOST important reason for performing vulnerability assessments periodically?

    • Management requires regular reports.
    • The environment changes constantly.
    • Technology risks must be mitigated.
    • The current threat levels are being assessed.
  15. Which of the following architectures for e-business BEST ensures high availability?

    • Availability of an adjacent hot site and a standby server with mirrored copies of critical data
    • Intelligent middleware to direct transactions from a downed system to an alternative
    • A single point of entry allowing transactions to be received and processed quickly
    • Automatic failover to the web site of another e-business that meets the user’s needs
  16. A business case for investment in an information security management infrastructure MUST include:

    • evidence that the proposed infrastructure is certified.
    • specifics on the security applications needed.
    • data management methods currently in use.
    • impact of noncompliance with applicable standards.
  17. An organization that has outsourced its incident management capabilities just discovered a significant privacy breach by an unknown attacker. Which of the following is the MOST important action of the information security manager?

    • Follow the outsourcer’s response plan.
    • Alert the appropriate law enforcement authorities.
    • Refer to the organization’s response plan.
    • Notify the outsourcer of the privacy breach.
  18. Which of the following threats is prevented by using token-based authentication?

    • Password sniffing attack on the network
    • Denial of service attack over the network
    • Man-in-the-middle attack on the client
    • Session eavesdropping attack on the network
  19. Which of the following is MOST important to include in an information security policy?

    • Maturity levels
    • Best practices
    • Management objectives
    • Baselines
  20. Executive management is considering outsourcing all IT operations. Which of the following functions should remain internal?

    • Data ownership
    • Data monitoring
    • Data custodian
    • Data encryption