Last Updated on October 26, 2022 by InfraExam
CISM : Certified Information Security Manager : Part 50
Which of the following devices, when placed in a demilitarized zone (DMZ), would be considered a significant exposure?
- Authentication server
- Web server
- Proxy server
- Intrusion detection server
For a user of commercial software downloaded from the Internet, which of the following is the MOST effective means of ensuring authenticity?
- Digital signatures
- Digital certificates
- Digital code signing
In a large organization requesting outsourced services, which of the following contract clauses is MOST important to the information security manager?
- Compliance with security requirements
- Frequency of status reporting
- Nondisclosure clause
- Intellectual property (IP)
Due to budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA).
Which of the following is the information security manager’s BEST course of action?
- Inform the legal department of the deficiency.
- Analyze and report the issue to senior management.
- Require the application owner to implement the controls.
- Assess and present the risks to the application owner.
Which of the following is the GREATEST benefit of integrating a security information and event management (SIEM) solution with traditional security tools such as IDS, anti-malware, and email screening solutions?
- The elimination of false positive detections
- A reduction in operational costs
- An increase in visibility into patterns of potential threats
- The consolidation of tools into a single console
An organization is MOST at risk from a new worm being introduced through the intranet when:
- desktop virus definition files are not up to date.
- system software does not undergo integrity checks.
- hosts have static IP addresses.
- executable code is run from inside the firewall.
Which of the following is the MOST effective way to identify changes in an information security environment?
- Continuous monitoring
- Security baselining
- Annual risk assessments
- Business impact analysis
A risk analysis for a new system is being performed.
For which of the following is business knowledge MORE important than IT knowledge?
- Vulnerability analysis
- Balanced scorecard
- Cost-benefit analysis
- Impact analysis
Which of the following is MOST likely to drive an update to the information security strategy?
- A recent penetration test has uncovered a control weakness.
- A major business application has been upgraded.
- Management has decided to implement an emerging technology.
- A new chief technology officer has been hired.
A risk has been formally accepted and documented.
Which of the following is the MOST important action for an information security manager?
- Update risk tolerance levels.
- Notify senior management and the board.
- Monitor the environment for changes.
- Re-evaluate the organization’s risk appetite.
From a business perspective, the MOST important function of information security is to support:
- predictable operations.
- international standards.
- security awareness.
- corporate policy.
Which of the following is the MOST effective method for assessing the effectiveness of a security awareness program?
- Post-incident review
- Social engineering test
- Vulnerability scan
- Tabletop test
Which of the following is the BEST way to sustain employee interest in information awareness in an organization?
- Ensuring a common security awareness program for all staff
- Relating security awareness programs to security policies
- Ensuring all staff are involved
- Using a variety of delivery methods
In a resource-restricted security program, which of the following approaches will provide the BEST use of the limited resources?
- Risk avoidance
- Risk prioritization
- Threat management
An organization will be outsourcing mission-critical processes.
Which of the following is MOST important to verify before signing the service level agreement (SLA)?
- The provider has implemented the latest technologies.
- The provider’s technical staff are evaluated annually.
- The provider is widely known within the organization’s industry.
- The provider has been audited by a recognized audit firm.
Which of the following should be the PRIMARY input when defining the desired state of security within an organization?
- Acceptable risk level
- Annual loss expectancy
- External audit results
- Level of business impact
What is the BEST way for a customer to authenticate an e-commerce vendor?
- Use a secure communications protocol for the connection.
- Verify the vendor’s certificate with a certificate authority.
- Request email verification of the order.
- Encrypt the order using the vendor’s private key.
Which of the following would BEST enhance firewall security?
- Placing the firewall on a screened subnet
- Logging of security events
- Implementing change-control practices
- Providing dynamic address assignment
Which of the following would provide nonrepudiation of electronic transactions?
- Two-factor authentication
- Periodic reaccreditations
- Third-party certificates
- Receipt acknowledgment
The MAIN reason for an information security manager to monitor industry-level changes in the business and IT is to:
- evaluate the effect of the changes on the levels of residual risk.
- identify changes in the risk environment.
- update information security policies in accordance with the changes.
- change business objectives based on potential impact.