Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CISM Exam Dumps - Isaca Certification Questions and Answers

Question # 324

The MOST effective tools for responding to new and advanced attacks are those that detect attacks based on:

Options:

A.

signature analysis.

B.

behavior analysis.

C.

penetration testing.

D.

data packet analysis.

Buy Now
Question # 325

Which of the following is MOST important to include in an incident response plan to ensure incidents are responded to by the appropriate individuals?

Options:

A.

Skills required for the incident response team

B.

A list of external resources to assist with incidents

C.

Service level agreements (SLAs)

D.

A detailed incident notification process

Buy Now
Question # 326

Which of the following is the MOST important security consideration when developing an incident response strategy with a cloud provider?

Options:

A.

Escalation processes

B.

Technological capabilities

C.

Recovery time objective (RTO)

D.

Security audit reports

Buy Now
Question # 327

Which of the following is MOST useful to an information security manager when reporting the performance of the information security program to senior management?

Options:

A.

Number of policy exceptions

B.

Number of incidents identified and remediated

C.

System vulnerability scan results

D.

Results of an independent security audit

Buy Now
Question # 328

Which of the following is MOST important to include in an information security policy?

Options:

A.

Best practices

B.

Management objectives

C.

Baselines

D.

Maturity levels

Buy Now
Question # 329

An organization has implemented controls to mitigate risks resulting from identified vulnerabilities in an application. Which of the following is the BEST way to verify all weaknesses have been addressed?

Options:

A.

Conduct an internal audit.

B.

Conduct penetration testing.

C.

Perform a vulnerability assessment.

D.

Prepare compensating controls.

Buy Now
Question # 330

Which of the following is the PRIMARY role of the information security manager in application development?

Options:

A.

To ensure security is integrated into the system development life cycle (SDLC)

B.

To ensure compliance with industry best practice

C.

To ensure enterprise security controls are implemented

D.

To ensure control procedures address business risk

Buy Now
Question # 331

Which of the following is the MOST important consideration when defining a recovery strategy in a business continuity plan (BCP)?

Options:

A.

Legal and regulatory requirements

B.

Likelihood of a disaster

C.

Organizational tolerance to service interruption

D.

Geographical location of the backup site

Buy Now
Question # 332

The MOST important reason for an organization to establish a social media policy is to:

Options:

A.

Protect the company brand

B.

Increase employee productivity

C.

Monitor employee activity on the internet

D.

Prevent the spread of malware

Buy Now
Question # 333

Which of the following should review and approve the objectives within an organization’s information security framework?

Options:

A.

Information security steering committee

B.

Chief information security officer

C.

Chief information officer

D.

Information security manager

Buy Now
Question # 334

An organization has introduced a new bring your own device (BYOD) program. The security manager has determined that a small number of employees are utilizing free cloud storage services to store company data through their mobile devices. Which of the following is the MOST effective course of action?

Options:

A.

Allow the practice to continue temporarily for monitoring purposes.

B.

Disable the employees ' remote access to company email and data

C.

Initiate remote wipe of the devices

D.

Assess the business need to provide a secure solution

Buy Now
Question # 335

The MOST important reason to classify security incidents is to:

Options:

A.

Improve the efficiency and effectiveness of incident resolution

B.

Better manage security event and incident logging

C.

Align the incident response plan with corporate policy

D.

Enhance the reporting of incident status to the incident lead

Buy Now
Question # 336

What is the BEST way to inform senior management of the value of information security?

Options:

A.

Present the benefits of security awareness training

B.

Describe how security enables business objectives

C.

Describe potential impact of compromises

D.

Present anticipated return on security investment

Buy Now
Question # 337

An anomaly-based intrusion detection system (IDS) operates by gathering data on:

Options:

A.

normal network behavior and using it as a baseline lor measuring abnormal activity

B.

abnormal network behavior and issuing instructions to the firewall to drop rogue connections

C.

abnormal network behavior and using it as a baseline for measuring normal activity

D.

attack pattern signatures from historical data

Buy Now
Question # 338

Which of the following is the BEST way to determine the gap between the present and desired state of an information security program?

Options:

A.

Perform a risk analysis for critical applications.

B.

Determine whether critical success factors (CSFs) have been defined.

C.

Conduct a capability maturity model evaluation.

D.

Review and update current operational procedures.

Buy Now
Question # 339

Which of the following is the BEST way to ensure data is not co-mingled or exposed when using a cloud service provider?

Options:

A.

Obtain an independent audit report.

B.

Require the provider to follow stringent data classification procedures.

C.

Include high penalties for security breaches in the contract.

D.

Review the provider ' s information security policies.

Buy Now
Question # 340

An organization is selecting security metrics to measure security performance, and a firewall specialist suggests tracking the number of external attacks blocked by the firewalls. Which of the following is the GREATEST concern with using this metric?

Options:

A.

The number of blocked external attacks is not representative of the true threat profile.

B.

The number of blocked external attacks will vary by month, causing inconsistent graphs.

C.

The number of blocked external attacks is an indicator of the organization ' s popularity.

D.

The number of blocked external attacks over time does not explain the attackers ' motivations.

Buy Now
Question # 341

Which of the following is the MOST important reason for obtaining input from risk owners when implementing controls?

Options:

A.

To reduce risk mitigation costs

B.

To resolve vulnerabilities in enterprise architecture (EA)

C.

To manage the risk to an acceptable level

D.

To eliminate threats impacting the business

Buy Now
Question # 342

Which of the following is the BEST way to contain an SQL injection attack that has been detected by a web application firewall?

Options:

A.

Force password changes on the SQL database.

B.

Reconfigure the web application firewall to block the attack.

C.

Update the detection patterns on the web application firewall.

D.

Block the IPs from where the attack originates.

Buy Now
Question # 343

An information security manager has confirmed the organization ' s cloud provider has unintentionally published some of the organization ' s business data. Which of the following should be done NEXT?

Options:

A.

Identify users associated with the exposed data.

B.

Initiate the organization ' s data loss prevention (DLP) processes.

C.

Review the cloud provider ' s service level agreement (SLA).

D.

Invoke the incident response plan.

Buy Now
Exam Code: CISM
Exam Name: Certified Information Security Manager
Last Update: Jul 6, 2026
Questions: 1135
CISM pdf

CISM PDF

$59.7  $199
CISM Engine

CISM Testing Engine

$67.5  $225
CISM PDF + Engine

CISM PDF + Testing Engine

$74.7  $249