Last Updated on October 26, 2022 by InfraExam

CISM : Certified Information Security Manager : Part 50

  1. Which of the following devices, when placed in a demilitarized zone (DMZ), would be considered a significant exposure?

    • Authentication server
    • Web server
    • Proxy server
    • Intrusion detection server
  2. For a user of commercial software downloaded from the Internet, which of the following is the MOST effective means of ensuring authenticity?

    • Digital signatures
    • Digital certificates
    • Digital code signing
    • Steganography
  3. In a large organization requesting outsourced services, which of the following contract clauses is MOST important to the information security manager?

    • Compliance with security requirements
    • Frequency of status reporting
    • Nondisclosure clause
    • Intellectual property (IP)
  4. Due to budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA).

    Which of the following is the information security manager’s BEST course of action?

    • Inform the legal department of the deficiency.
    • Analyze and report the issue to senior management.
    • Require the application owner to implement the controls.
    • Assess and present the risks to the application owner.
  5. Which of the following is the GREATEST benefit of integrating a security information and event management (SIEM) solution with traditional security tools such as IDS, anti-malware, and email screening solutions?

    • The elimination of false positive detections
    • A reduction in operational costs
    • An increase in visibility into patterns of potential threats
    • The consolidation of tools into a single console
  6. An organization is MOST at risk from a new worm being introduced through the intranet when:

    • desktop virus definition files are not up to date.
    • system software does not undergo integrity checks.
    • hosts have static IP addresses.
    • executable code is run from inside the firewall.
  7. Which of the following is the MOST effective way to identify changes in an information security environment?

    • Continuous monitoring
    • Security baselining
    • Annual risk assessments
    • Business impact analysis
  8. A risk analysis for a new system is being performed.

    For which of the following is business knowledge MORE important than IT knowledge?

    • Vulnerability analysis
    • Balanced scorecard
    • Cost-benefit analysis
    • Impact analysis
  9. Which of the following is MOST likely to drive an update to the information security strategy?

    • A recent penetration test has uncovered a control weakness.
    • A major business application has been upgraded.
    • Management has decided to implement an emerging technology.
    • A new chief technology officer has been hired.
  10. A risk has been formally accepted and documented.

    Which of the following is the MOST important action for an information security manager?

    • Update risk tolerance levels.
    • Notify senior management and the board.
    • Monitor the environment for changes.
    • Re-evaluate the organization’s risk appetite.
  11. From a business perspective, the MOST important function of information security is to support:

    • predictable operations.
    • international standards.
    • security awareness.
    • corporate policy.
  12. Which of the following is the MOST effective method for assessing the effectiveness of a security awareness program?

    • Post-incident review
    • Social engineering test
    • Vulnerability scan
    • Tabletop test
  13. Which of the following is the BEST way to sustain employee interest in information awareness in an organization?

    • Ensuring a common security awareness program for all staff
    • Relating security awareness programs to security policies
    • Ensuring all staff are involved
    • Using a variety of delivery methods
  14. In a resource-restricted security program, which of the following approaches will provide the BEST use of the limited resources?

    • Cross-training
    • Risk avoidance
    • Risk prioritization
    • Threat management
  15. An organization will be outsourcing mission-critical processes.

    Which of the following is MOST important to verify before signing the service level agreement (SLA)?

    • The provider has implemented the latest technologies.
    • The provider’s technical staff are evaluated annually.
    • The provider is widely known within the organization’s industry.
    • The provider has been audited by a recognized audit firm.
  16. Which of the following should be the PRIMARY input when defining the desired state of security within an organization?

    • Acceptable risk level
    • Annual loss expectancy
    • External audit results
    • Level of business impact
  17. What is the BEST way for a customer to authenticate an e-commerce vendor?

    • Use a secure communications protocol for the connection.
    • Verify the vendor’s certificate with a certificate authority.
    • Request email verification of the order.
    • Encrypt the order using the vendor’s private key.
  18. Which of the following would BEST enhance firewall security?

    • Placing the firewall on a screened subnet
    • Logging of security events
    • Implementing change-control practices
    • Providing dynamic address assignment
  19. Which of the following would provide nonrepudiation of electronic transactions?

    • Two-factor authentication
    • Periodic reaccreditations
    • Third-party certificates
    • Receipt acknowledgment
  20. The MAIN reason for an information security manager to monitor industry level changes in the business and IT is to:

    • evaluate the effect of the changes on the levels of residual risk.
    • identify changes in the risk environment.
    • update information security policies in accordance with the changes.
    • change business objectives based on potential impact.