CISM 2014 Questions - 1

Question

In which of the following areas are data owners PRIMARILY responsible for establishing risk mitigation?

Answer 1

A. Platform security

Answer 2

B. Entitlement changes

Answer 3

C. Intrusion detection

Answer 4

D. Antivirus controls

Answer 5

A. Cost reduction

Answer 6

B. Compliance with company policies

Answer 7

C. Protection of business assets

Answer 8

D. Increased business value

Answer 9

A. Risk analysis

Answer 10

B. Business impact analysis (BIA)

Answer 11

C. Return on investment (ROI) analysis

Answer 12

D. Cost-benefit analysis

Answer 13

A. References from other organizations

Answer 14

B. Past experience of the engagement team

Answer 15

C. Sample deliverable

Answer 16

D. Methodology to be used in the assessment

Answer 17

A. Ensure that intrusion prevention is placed in front of the firewall.

Answer 18

B. Ensure that all devices that are connected can easily see the IPS in the network.

Answer 19

C. Ensure that all encrypted traffic is decrypted prior to being processed by the IPS.

Answer 20

D. Ensure that traffic to all devices is mirrored to the IPS.

Answer 21

A. Procedures for hardening database servers

Answer 22

B. Standards for password length and complexity

Answer 23

C. Policies addressing information security governance

Answer 24

D. Standards for document retention and destruction

Answer 25

A. Estimated productivity losses

Answer 26

B. Possible scenarios with threats and impacts

Answer 27

C. Value of information assets

Answer 28

D. Vulnerability assessment

Answer 29

A. release management.

Answer 30

B. incident management.

Answer 31

C. change management.

Answer 32

D. configuration management.

Answer 33

A. Technical

Answer 34

B. Regulatory

Answer 35

C. Privacy

Answer 36

D. Business

Answer 37

A. notifications.

Answer 38

B. warranties.

Answer 39

C. liabilities.

Answer 40

D. geographic coverage.

Answer 41

A. External auditors

Answer 42

B. A peer group within a similar business

Answer 43

C. Process owners

Answer 44

D. A specialized management consultant

Answer 45

A. developing and presenting a business case.

Answer 46

B. defining the risk that will be addressed.

Answer 47

C. presenting a financial analysis of benefits.

Answer 48

D. aligning the initiative with organizational objectives.

Answer 49

A. Choose a subset of influential people to promote the benefits of the security program.

Answer 50

B. Hold structured training in small groups on an annual basis.

Answer 51

C. Require each employee to complete a self-paced training module once per year.

Answer 52

D. Deliver training to all employees across the organization via streaming video.

Answer 53

A. providing access to systems.

Answer 54

B. approving access to systems.

Answer 55

C. establishing authorization and authentication.

Answer 56

D. handling identity management.

Answer 57

A. Direct reports to the chief information officer

Answer 58

B. IT management and key business process owners

Answer 59

C. Cross-section of end users and IT professionals

Answer 60

D. Internal audit and corporate legal departments

Answer 61

A. Number of open incidents

Answer 62

B. Reduction of the number of security incidents

Answer 63

C. Reduction of the average response time to an incident

Answer 64

D. Number of incidents handled per month

Answer 65

A. link security risk to organization business objectives.

Answer 66

B. explain the technical risk to the organization.

Answer 67

C. include industry best practices as they relate to information security.

Answer 68

D. detail successful attacks against a competitor.

Answer 69

A. Implementing wireless intrusion prevention systems

Answer 70

B. Not broadcasting the service set IDentifier (SSID)

Answer 71

C. Implementing wired equivalent privacy (WEP) authentication

Answer 72

D. Enforcing a virtual private network (VPN) over wireless

Answer 73

A. The internal audit department

Answer 74

B. System developers/analysts

Answer 75

C. Key business process owners

Answer 76

D. Corporate legal counsel

Answer 77

A. Type and nature of risk

Answer 78

B. Organizational culture

Answer 79

C. Overall business objectives

Answer 80

D. Lines of business

Answer 81

A. Standards and policies have only an indirect relationship.

Answer 82

B. Standards provide a detailed description of the meaning of a policy.

Answer 83

C. Standards provide direction on achieving compliance with policy intent.

Answer 84

D. Standards can exist without a relationship to any particular policy.

Answer 85

A. Exposure

Answer 86

C. Vulnerability

Answer 87

D. Likelihood

Answer 88

A. Updated call trees

Answer 89

B. Escalation criteria

Answer 90

C. Press release templates

Answer 91

D. Critical backup files inventory

Answer 92

A. includes appropriate justification.

Answer 93

B. explains the current risk profile.

Answer 94

C. details regulatory requirements.

Answer 95

D. identifies incidents and losses.

Answer 96

A. The KRI is accurate and reliable.

Answer 97

B. The KRI provides quantitative metrics.

Answer 98

C. The KRI indicates required action.

Answer 99

D. The KRI is predictive of a risk event.

Answer 100

A. Firewall blocking rules

Answer 101

B. Up-to-date signature files

Answer 102

C. Security awareness training

Answer 103

D. Intrusion detection monitoring

Answer 104

A. ability to resume normal operations.

Answer 105

B. maximum tolerable outage (MTO).

Answer 106

C. service delivery objective (SDO).

Answer 107

D. acceptable interruption window (AIW).

Answer 108

A. User passwords are not automatically expired

Answer 109

B. All network traffic goes through a single switch

Answer 110

C. User passwords are encoded but not encrypted

Answer 111

D. All users reside on a single internal subnet

Answer 112

A. A cost-benefit analysis has been completed.

Answer 113

B. Privacy requirements are met.

Answer 114

C. The service provider ensures a secure data transfer.

Answer 115

D. No significant security incident occurred at the service provider.

Answer 116

A. Regular review of risk treatment options

Answer 117

B. Classification of assets in order of criticality

Answer 118

C. Adoption of a maturity model

Answer 119

D. Integration of assurance functions

Answer 120

A. The security steering committee

Answer 121

B. The board of directors

Answer 122

C. IT managers

Answer 123

D. The information security manager

Answer 124

A. Survey business stakeholders

Answer 125

B. Track audits over time

Answer 126

C. Evaluate incident losses

Answer 127

D. Analyze business cases

Answer 128

A. Tree diagrams

Answer 129

B. Venn diagrams

Answer 130

C. Heat charts

Answer 131

D. Bar charts

Answer 132

A. To mitigate technical risks

Answer 133

B. To have an independent certification of network security

Answer 134

C. To receive an independent view of security exposures

Answer 135

D. To identify a complete list of vulnerabilities

Answer 136

A. ensuring inherent control strength.

Answer 137

B. ensuring strategic alignment.

Answer 138

C. utilizing effective life cycle management.

Answer 139

D. utilizing effective change management.

Answer 140

A. User security procedures

Answer 141

B. Business process flow

Answer 142

C. IT security standards

Answer 143

D. Regulatory requirements

Answer 144

A. verify the decision with the business units.

Answer 145

B. check the system's risk analysis.

Answer 146

C. recommend update after postimplementation review.

Answer 147

D. request an audit review.

Answer 148

A. technology constraints.

Answer 149

B. regulatory requirements.

Answer 150

C. litigation potential.

Answer 151

D. business strategy.

Answer 152

A. identify business risk that affects the organization.

Answer 153

B. establish the need for creating the program.

Answer 154

C. assign responsibility for the program.

Answer 155

D. assess adequacy of existing controls.

Answer 156

A. a statement regarding what the company will do with the information it collects.

Answer 157

B. a disclaimer regarding the accuracy of information on its web site.

Answer 158

C. technical information regarding how information is protected.

Answer 159

D. a statement regarding where the information is being hosted.

Answer 160

A. Impact and threat

Answer 161

B. Likelihood and consequence

Answer 162

C. Threat and exposure

Answer 163

D. Sensitivity and exposure

Answer 164

A. Enhanced policy compliance

Answer 165

B. Improved procedure flows

Answer 166

C. Segregation of duties

Answer 167

D. Better accountability

Answer 168

A. Ensure that a clear organizational incident definition and severity hierarchy exists.

Answer 169

B. Initiate a companywide incident identification training and awareness program.

Answer 170

C. Escalate the issue to the security steering committee for appropriate action.

Answer 171

D. Involve human resources (HR) in implementing a reporting enforcement program.

Answer 172

A. The firewall allows source routing.

Answer 173

B. The firewall allows broadcast propagation.

Answer 174

C. The firewall allows unregistered ports.

Answer 175

D. The firewall allows nonstandard protocols.

Answer 176

A. To help ensure the parties to the agreement can perform

Answer 177

B. To help ensure confidential data are not included in the agreement

Answer 178

C. To help ensure appropriate controls are included

Answer 179

D. To help ensure the right to audit is a requirement

Answer 180

A. Containment

Answer 181

B. Detection

Answer 182

C. Reaction

Answer 183

D. Recovery

Answer 184

A. Review of internal control mechanisms

Answer 185

B. Effective involvement in business decision making

Answer 186

C. Total elimination of risk factors

Answer 187

D. Ensuring trust in data

Answer 188

A. Assess the type and severity of the attack.

Answer 189

B. Determine whether it is an actual incident.

Answer 190

C. Contain the damage to minimize the risk.

Answer 191

D. Minimize the disruption of computer resources.

Answer 192

A. Network switch

Answer 193

B. Web server

Answer 194

C. Database server

Answer 195

D. File/print server

Answer 196

A. Information classification

Answer 197

B. Segregation of duties

Answer 198

C. Least privilege

Answer 199

D. Systems monitoring

Answer 200

A. External vulnerability reporting sources

Answer 201

B. Periodic vulnerability assessments performed by consultants

Answer 202

C. Intrusion prevention software

Answer 203

D. Honeypots located in the DMZ

Answer 204

A. Realistic budget estimates

Answer 205

B. Security awareness

Answer 206

C. Support of senior management

Answer 207

D. Recalculation of the work factor

Answer 208

A. changes comply with security policy.

Answer 209

B. risk from proposed changes is managed.

Answer 210

C. rollback to a current status has been considered.

Answer 211

D. changes are initiated by business managers.

Answer 212

A. prevent the occurrence of incidents.

Answer 213

B. ensure business continuity.

Answer 214

C. train users on resolution of incidents.

Answer 215

D. promote business resiliency.

Answer 216

A. The security administrator who implemented the controls

Answer 217

B. The organization's chief information security officer (CISO)

Answer 218

C. The organization's senior management

Answer 219

D. The information systems (IS) auditor who recommended the controls

Answer 220

A. The extent to which controls are procedural

Answer 221

B. The extent to which controls are subject to the same threat

Answer 222

C. The total cost of ownership for existing controls

Answer 223

D. The extent to which controls fail in a closed condition

Answer 224

A. Obtaining evidence as soon as possible

Answer 225

B. Preserving the integrity of the evidence

Answer 226

C. Disconnecting all IT equipment involved

Answer 227

D. Reconstructing the sequence of events

Answer 228

A. change the root password of the system.

Answer 229

B. implement multifactor authentication.

Answer 230

C. rebuild the system from the original installation medium.

Answer 231

D. disconnect the mail server from the network.

Answer 232

A. Create an image of the hard drive.

Answer 233

B. Encrypt the data on the hard drive.

Answer 234

C. Examine the original hard drive.

Answer 235

D. Create a logical copy of the hard drive.

Answer 236

A. Security compliant servers trend report

Answer 237

B. Percentage of security compliant servers

Answer 238

C. Number of security patches applied

Answer 239

D. Security patches applied trend report

Answer 240

A. Complete policies and standards

Answer 241

B. An appropriate governance framework

Answer 242

C. Current state and objectives

Answer 243

D. Management intent and direction

Answer 244

A. Performing a low-level format

Answer 245

B. Rewriting with zeros

Answer 246

C. Burning them

Answer 247

D. Degaussing them

Answer 248

A. Justification of the security budget must be continually made.

Answer 249

B. New vulnerabilities are discovered every day.

Answer 250

C. The risk environment is constantly changing.

Answer 251

D. Management needs to be continually informed about emerging risks.

Answer 252

A. it simulates the real-life situation of an external security attack.

Answer 253

B. human intervention is not required for this type of test.

Answer 254

C. less time is spent on reconnaissance and information gathering.

Answer 255

D. critical infrastructure information is not revealed to the tester.

Answer 256

A. The proportion of identified risk that has been remediated

Answer 257

B. The ratio of business insurance coverage to its cost

Answer 258

C. The percentage of the IT budget allocated to security

Answer 259

D. The percentage of assets that has been classified

Answer 260

A. Cross site request forgery

Answer 261

B. Structured Query Language (SQL) injection

Answer 262

C. Metasploit

Answer 263

D. Cross site scripting

Answer 264

A. It is easier to promote security awareness.

Answer 265

B. It is easier to manage and control.

Answer 266

C. It is more responsive to business unit needs.

Answer 267

D. It provides a faster turnaround for security requests.

Answer 268

A. Verify the date that signature files were last pushed out

Answer 269

B. Use a recently identified benign virus to test if it is quarantined

Answer 270

C. Research the most recent signature file and compare to the console

Answer 271

D. Check a sample of servers that the signature files are current

Answer 272

A. Enforce the existing security standard

Answer 273

B. Change the standard to permit the deployment

Answer 274

C. Perform a risk analysis to quantify the risk

Answer 275

D. Perform research to propose use of a better technology

Answer 276

A. treated as a distinct process.

Answer 277

B. conducted by the IT department.

Answer 278

C. integrated within business processes.

Answer 279

D. communicated to all employees.

Answer 280

A. Security metrics

Answer 281

B. Network topology

Answer 282

C. Security architecture

Answer 283

D. Process improvement models

Answer 284

A. Role-based access control systems

Answer 285

B. Automated access provisioning

Answer 286

C. Security awareness training

Answer 287

D. Intrusion prevention systems (IPSs)

Answer 288

A. recovery point objective (RPO).

Answer 289

B. recovery time objective (RTO).

Answer 290

C. service delivery objective (SDO).

Answer 291

D. maximum tolerable outage (MTO).

Answer 292

A. Unplugging the systems

Answer 293

B. Chain of custody

Answer 294

C. Separation of duties

Answer 295

D. Clock synchronization

Answer 296

A. application hardening.

Answer 297

B. spam filters.

Answer 298

C. an intrusion detection system (IDS).

Answer 299

D. end user awareness.

Answer 300

A. Briefing team members on the nature of new threats to IS security

Answer 301

B. Periodic testing and updates to incorporate lessons learned

Answer 302

C. Ensuring that all members have a good understanding of IS technology

Answer 303

D. A nonhierarchical structure to ensure that team members can share ideas

Answer 304

A. Research best practices

Answer 305

B. Meet with stakeholders

Answer 306

C. Establish change control procedures

Answer 307

D. Identify critical systems

Answer 308

A. Shorten the password validity period.

Answer 309

B. Encourage the use of special characters.

Answer 310

C. Strengthen segregation of duties (SoD).

Answer 311

D. Introduce compensatory controls.

Answer 312

A. consider possible impact of a security breach.

Answer 313

B. classify personal information in electronic form.

Answer 314

C. be performed by the information security manager.

Answer 315

D. classify systems according to the data processed.

Answer 316

A. Signed contracts

Answer 317

B. Severe penalties

Answer 318

C. Assigned accountability

Answer 319

D. Clear policies

Answer 320

A. Management discretion

Answer 321

B. Regulatory requirements

Answer 322

C. Inherent risk

Answer 323

D. Internal audit findings

Answer 324

A. Industry best practices

Answer 325

B. Business goals and objectives

Answer 326

C. Information technology (IT) plans

Answer 327

D. International information security frameworks

Answer 328

A. Allows the organization to eliminate risk

Answer 329

B. Is a necessary part of management's due diligence

Answer 330

C. Satisfies audit and regulatory requirements

Answer 331

D. Assists in increasing the return on investment (ROI)

Answer 332

A. Asset classification

Answer 333

B. Risk assessment

Answer 334

C. Security architecture

Answer 335

D. Configuration management

Answer 336

A. original cost.

Answer 337

B. net cash flow.

Answer 338

C. net present value.

Answer 339

D. replacement cost.

Answer 340

A. On the web server

Answer 341

B. On the intrusion detection system (IDS) server

Answer 342

C. On the screened subnet

Answer 343

D. On the domain boundary

Answer 344

A. baseline.

Answer 345

B. strategy.

Answer 346

C. procedure.

Answer 347

D. policy.

Answer 348

A. The number of incidents and the subsequent mitigation activities

Answer 349

B. The number, type and layering of deterrent control technologies

Answer 350

C. The extent of risk management requirements in policies and standards

Answer 351

D. The ratio of cost to insurance coverage for business interruption protection

Answer 352

A. A project database

Answer 353

B. A project portfolio database

Answer 354

C. Policy documents

Answer 355

D. A program management office

Answer 356

A. Ensuring that risk is identified and mitigated

Answer 357

B. Ensuring that information security strategy is aligned with organizational goals

Answer 358

C. Maximizing the return on information security investments

Answer 359

D. Ensuring the efficient utilization of information security resources

Answer 360

A. The regulations are ambiguous and difficult to interpret.

Answer 361

B. Management has a low level of risk tolerance.

Answer 362

C. The cost of compliance exceeds the cost of possible sanctions.

Answer 363

D. The regulations are inconsistent with the organizational strategy.

Answer 364

A. To justify program development costs

Answer 365

B. To integrate development activities

Answer 366

C. To gain management support for an information security program

Answer 367

D. To comply with international standards

Answer 368

A. There are sufficient safeguards in place to prevent this risk from happening.

Answer 369

B. The needed countermeasures are too complicated to deploy.

Answer 370

C. The cost of countermeasures outweighs the value of the asset and potential loss.

Answer 371

D. the likelihood of the risk occurring is unknown.

Answer 372

A. Number of controls implemented

Answer 373

B. Percent of control objectives accomplished

Answer 374

C. Percent of compliance with the security policy

Answer 375

D. Reduction in the number of reported security incidents

Answer 376

A. vulnerability assessments.

Answer 377

B. value analysis.

Answer 378

C. business climate.

Answer 379

D. audit recommendations.

Answer 380

A. a data leak prevention program.

Answer 381

B. user awareness training.

Answer 382

C. an information classification process.

Answer 383

D. a network intrusion detection system (IDS).

Answer 384

A. A tested business continuity/disaster recovery plan (BCP/DRP)

Answer 385

B. An increase in timely reporting of incidents by employees

Answer 386

C. Extent of risk management education

Answer 387

D. Regular review of risks by senior management

Answer 388

A. Information owner

Answer 389

B. Security manager

Answer 390

C. Chief information officer (CIO)

Answer 391

D. System administrator

Answer 392

A. Copies of critical contracts and service level agreements (SLAs)

Answer 393

B. Copies of the business continuity plan

Answer 394

C. Key software escrow agreements for the purchased systems

Answer 395

D. List of emergency numbers of service providers

Answer 396

A. To ensure that changes are authorized

Answer 397

B. To ensure that changes are applied

Answer 398

C. To ensure that changes are documented

Answer 399

D. To ensure that changes are tested

Answer 400

A. content filtering.

Answer 401

B. data classification.

Answer 402

C. information security awareness.

Answer 403

D. encryption for all attachments.

Answer 404

A. They all use weak encryption.

Answer 405

B. They are decrypted by the firewall.

Answer 406

C. They may be quarantined by mail filters.

Answer 407

D. They may be corrupted by the receiving mail server.

Answer 408

A. hardening of web servers.

Answer 409

B. consolidating multiple sites into a single portal.

Answer 410

C. coding standards and reviewing code.

Answer 411

D. using https in place of http.

Answer 412

A. Functional requirements are not adequately considered.

Answer 413

B. User training programs may be inadequate.

Answer 414

C. Budgets allocated to business units are not appropriate.

Answer 415

D. Information security plans are not aligned with business requirements.

Answer 416

A. Risk assessment

Answer 417

B. Risk treatment

Answer 418

C. Risk evaluation

Answer 419

D. Risk monitoring

Answer 420

A. ensure adequate corrective actions were implemented.

Answer 421

B. demonstrate management commitment to the information security process.

Answer 422

C. evaluate the incident response process for deficiencies.

Answer 423

D. evaluate the ability of the security team.

Answer 424

A. The market value minus the book value

Answer 425

B. The book value minus the market value

Answer 426

C. Adding the totals of the asset classification

Answer 427

D. A business impact assessment and analysis

Answer 428

A. Operations and marketing

Answer 429

B. IT, finance and legal

Answer 430

C. Audit, risk and regulations

Answer 431

D. Information security and risk

Answer 432

A. state expectations of IT management.

Answer 433

B. state only one general security mandate.

Answer 434

C. are aligned with organizational goals.

Answer 435

D. govern the creation of procedures and guidelines.

Answer 436

A. Evaluation of third parties requesting connectivity

Answer 437

B. Assessment of the adequacy of disaster recovery plans

Answer 438

C. Final approval of information security policies

Answer 439

D. Monitoring adherence to physical security controls

Answer 440

A. Visibility and duration

Answer 441

B. Likelihood and impact

Answer 442

C. Probability and frequency

Answer 443

D. Financial impact and duration

Answer 444

A. all organizational activities.

Answer 445

B. those elements identified by a risk assessment.

Answer 446

C. any area that exceeds acceptable risk levels.

Answer 447

D. only those areas that have potential impact.

Answer 448

A. Creation date

Answer 449

B. Author name

Answer 450

C. Initial draft approval date

Answer 451

D. Last review date

Answer 452

A. the method that minimizes risk to the greatest extent.

Answer 453

B. based on the organization's risk tolerance.

Answer 454

C. an efficient approach to achieve control objectives.

Answer 455

D. the method that maximizes risk mitigation.

Answer 456

A. Distributing industry statistics about security incidents

Answer 457

B. Monitoring the magnitude of incidents

Answer 458

C. Encouraging employees to behave in a more conscious manner

Answer 459

D. Continually reinforcing the security policy

Answer 460

A. reviewing new laws and regulations.

Answer 461

B. updating operational procedures.

Answer 462

C. validating staff qualifications.

Answer 463

D. conducting a risk assessment.

Answer 464

A. To create the information security policy

Answer 465

B. To maximize system uptime

Answer 466

C. To develop strong controls

Answer 467

D. To implement the strategy

Answer 468

A. Business impact analyses

Answer 469

B. Security gap analyses

Answer 470

C. System performance metrics

Answer 471

D. Incident response processes

Answer 472

A. Regular review of access control lists

Answer 473

B. Security guard escort of visitors

Answer 474

C. Visitor registry log at the door

Answer 475

D. A biometric coupled with a PIN

Answer 476

A. Enable access through a separate device that requires adequate authentication

Answer 477

B. Implement manual procedures that require password change after each use

Answer 478

C. Request the vendor to add multiple user IDs

Answer 479

D. Analyze the logs to detect unauthorized access

Answer 480

A. Residual risk

Answer 481

B. Separation of duties

Answer 482

C. Potential impact

Answer 483

D. Need to know

Answer 484

A. Services delivery objective

Answer 485

B. Recovery time objective (RTO)

Answer 486

C. Recovery window

Answer 487

D. Maximum tolerable outage (MTO)

Answer 488

B. Implementation

Answer 489

C. Application security testing

Answer 490

D. Feasibility

Answer 491

A. Stolen customer data

Answer 492

B. An electrical power outage

Answer 493

C. A defaced web site

Answer 494

D. Loss of the software development team

Answer 495

A. To reduce governance costs

Answer 496

B. To improve risk management

Answer 497

C. To harmonize security activities

Answer 498

D. To meet or maintain regulatory compliance

Answer 499

A. Ensure all servers are up-to-date on OS patches

Answer 500

B. Employ packet filtering to drop suspect packets

Answer 501

C. Implement network address translation to make internal addresses nonroutable

Answer 502

D. Implement load balancing for Internet facing devices

Answer 503

A. The maximum tolerable outage (MTO) exceeded the acceptable interruption window (AIW).

Answer 504

B. The recovery plans specified outdated operating system (OS) versions.

Answer 505

C. Some restored systems exceeded service delivery objectives (SDO).

Answer 506

D. Aggregate recovery activities exceeded the acceptable interruption window (AIW).

Answer 507

A. guidelines.

Answer 508

B. standards.

Answer 509

C. policies.

Answer 510

D. procedures.

Answer 511

A. Business continuity coordinator

Answer 512

B. Chief operations officer (COO)

Answer 513

C. Information security manager

Answer 514

D. Internal audit

Answer 515

A. Card key door locks

Answer 516

B. Photo identification

Answer 517

C. Awareness training

Answer 518

D. Biometric scanners

Answer 519

A. Transaction turnaround time

Answer 520

B. Mean time between failures (MTBF)

Answer 521

C. Service delivery objectives (SDOs)

Answer 522

D. The duration of the data restoration job

Answer 523

A. Signature-based detection

Answer 524

B. Deep packet inspection

Answer 525

C. Virus detection

Answer 526

D. Anomaly-based detection

Answer 527

A. create more overhead than signature-based IDSs.

Answer 528

B. cause false positives from minor changes to system variables.

Answer 529

C. generate false alarms from varying user or system actions.

Answer 530

D. cannot detect new types of attacks.

Answer 531

A. Static IP addressing

Answer 532

B. Network address translation

Answer 533

C. Background checks for temporary employees

Answer 534

D. Securing and analyzing system access logs

Answer 535

A. revise the information security program.

Answer 536

B. evaluate a balanced business scorecard.

Answer 537

C. conduct regular user awareness sessions.

Answer 538

D. perform penetration tests.

Answer 539

A. Database administrator (DBA)

Answer 540

B. Finance department management

Answer 541

C. Information security manager

Answer 542

D. IT department management

Answer 543

A. always the best option for an enterprise.

Answer 544

B. often in conflict with effective problem management.

Answer 545

C. the basis for enterprise risk management (ERM) activities.

Answer 546

D. a component of forensics training.

Answer 547

A. Criticality and sensitivity

Answer 548

B. Likelihood and impact

Answer 549

C. Valuation and replacement cost

Answer 550

D. Threat vector and exposure

Answer 551

A. Controls design and deployment

Answer 552

B. Security organization development

Answer 553

C. Logical and conceptual architecture design

Answer 554

D. Development of risk management objectives

Answer 555

A. Operation of a robust incident management process

Answer 556

B. Identification of areas of responsibility

Answer 557

C. Involvement of law enforcement

Answer 558

D. Expertise of resources

Answer 559

A. Give organization standards preference over local regulations

Answer 560

B. Follow local regulations only

Answer 561

C. Make the organization aware of those standards where local regulations cause conflicts

Answer 562

D. Negotiate a local version of the organization standards

Answer 563

A. Business continuity coordinator

Answer 564

B. Information security manager

Answer 565

C. Business process owners

Answer 566

D. IT management

Answer 567

A. organization's risk appetite.

Answer 568

B. external threat landscape.

Answer 569

C. effectiveness of mitigation options.

Answer 570

D. vulnerability assessment.

Answer 571

B. Proportionality

Answer 572

C. Integration

Answer 573

D. Accountability

Answer 574

A. Policies

Answer 575

B. Procedures

Answer 576

C. Technical guides

Answer 577

D. Baselines

Answer 578

A. Procedures

Answer 579

B. Guidelines

Answer 580

C. Baselines

Answer 581

D. Policies

Answer 582

A. Periodically survey management

Answer 583

B. Implement a governance framework

Answer 584

C. Ensure that controls meet objectives

Answer 585

D. Develop an enterprise architecture

Answer 586

A. Inform management.

Answer 587

B. Notify users.

Answer 588

C. Isolate the server.

Answer 589

D. Verify the information.

Answer 590

A. maximize the cost-effectiveness of controls.

Answer 591

B. demonstrate that information security understands the requirements.

Answer 592

C. provide operational consistency.

Answer 593

D. minimize the number of regulations required.

Answer 594

A. Firewalls

Answer 595

B. Bastion hosts

Answer 596

C. Decoy files

Answer 597

D. Screened subnets

Answer 598

A. generally accepted industry best practices.

Answer 599

B. business requirements.

Answer 600

C. legislative and regulatory requirements.

Answer 601

D. storage availability.

Answer 602

A. service level monitoring.

Answer 603

B. penetration testing.

Answer 604

C. periodically auditing.

Answer 605

D. security awareness training.

Answer 606

B. Firewall

Answer 607

C. Mail relay

Answer 608

D. Authentication server

Answer 609

A. Biometrics coupled with strong encryption

Answer 610

B. Challenge response authentication and a secure hash

Answer 611

C. Link encryption and hardware tokens

Answer 612

D. A public key infrastructure (PKI)

Answer 613

A. A tested plan and a team to provide oversight

Answer 614

B. An individual to serve as the liaison between the parties

Answer 615

C. Clear notification and reporting channels

Answer 616

D. A periodic audit of the provider's capabilities

Answer 617

A. To improve the integration of business and information security processes

Answer 618

B. To increase information security budgets and staffing levels

Answer 619

C. To develop tighter controls and stronger compliance efforts

Answer 620

D. To acquire better supplemental technical security controls

Answer 621

A. Access control policy

Answer 622

B. Data classification policy

Answer 623

C. Encryption standards

Answer 624

D. Acceptable use policy

Answer 625

A. Setting up a backup site

Answer 626

B. Maintaining redundant systems

Answer 627

C. Aligning with recovery time objectives (RTOs)

Answer 628

D. Data backup frequency

Answer 629

A. Run a forensics tool on the machine to gather evidence

Answer 630

B. Reboot the machine to break remote connections

Answer 631

C. Make a copy of the whole system's memory

Answer 632

D. Document current connections and open Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports

Answer 633

A. Management acceptance and support

Answer 634

B. Information security policies and standards

Answer 635

C. A management committee to provide oversight for the program

Answer 636

D. The context and purpose of the program

Answer 637

A. minimize the magnitude of impact.

Answer 638

B. align the security program with IT goals.

Answer 639

C. identify critical information assets.

Answer 640

D. reduce the number of policy exceptions.

Answer 641

A. Determine whether the control is preventive, detective or corrective.

Answer 642

B. Review the control's capability of providing notification of failure.

Answer 643

C. Confirm the control's ability to meet intended objectives.

Answer 644

D. Assess and quantify the control's reliability.

Answer 645

A. Invalid logon attempts

Answer 646

B. Write access violations

Answer 647

C. Concurrent logons

Answer 648

D. Firewall logs

Answer 649

A. To ensure the confidentiality of sensitive material

Answer 650

B. To provide a high assurance of identity

Answer 651

C. To allow deployment of the active directory

Answer 652

D. To implement secure sockets layer (SSL) encryption

Answer 653

A. A summary of the security logs that illustrates the sequence of events

Answer 654

B. An analysis of the impact of similar attacks at other organizations

Answer 655

C. A business case for implementing stronger logical access controls

Answer 656

D. The impact of the incident and corrective actions taken

Answer 657

A. Implement a security committee.

Answer 658

B. Perform a gap analysis.

Answer 659

C. Implement compensating controls.

Answer 660

D. Demand immediate compliance.

Answer 661

A. periodically testing the incident response plans.

Answer 662

B. regularly testing the intrusion detection system (IDS).

Answer 663

C. establishing mandatory training of all personnel.

Answer 664

D. periodically reviewing incident response procedures.

Answer 665

A. legal department.

Answer 666

B. compliance officer.

Answer 667

C. information security manager.

Answer 668

D. business owner.

Answer 669

A. Evaluating a business impact analysis (BIA)

Answer 670

B. Developing a balanced business scorecard

Answer 671

C. Demonstrating the relationship between controls

Answer 672

D. Measuring current state vs. desired future state

Answer 673

A. Increased uncertainty

Answer 674

B. Single points of failure

Answer 675

C. Cascading risk

Answer 676

D. Aggregated risk

Answer 677

A. impact analysis.

Answer 678

B. security review.

Answer 679

C. vulnerability assessment.

Answer 680

D. threat analysis.

Answer 681

A. Performing reviews of password resets

Answer 682

B. Conducting security awareness programs

Answer 683

C. Increasing the frequency of password changes

Answer 684

D. Implementing automatic password syntax checking

Answer 685

A. improving integration of business and information security processes.

Answer 686

B. increasing information security budgets and staffing levels.

Answer 687

C. developing tighter controls and stronger compliance efforts.

Answer 688

D. acquiring better supplemental technical security controls.

Answer 689

A. communication of information security requirements to all users in the organization.

Answer 690

B. formulation of policies and procedures for information security.

Answer 691

C. alignment with organizational goals and objectives.

Answer 692

D. monitoring compliance with information security policies and procedures.

Answer 693

A. Only business data files from offsite storage are used

Answer 694

B. IT staff fully recovers the processing infrastructure

Answer 695

C. Critical business processes are duplicated

Answer 696

D. All systems are restored within recovery time objectives (RTOs)

Answer 697

A. The extent to which the control provides defense in depth

Answer 698

B. Whether the control fails open or closed

Answer 699

C. How often the control has failed

Answer 700

D. The extent to which control objectives are achieved

Answer 701

A. limiting organizational exposure.

Answer 702

B. a risk assessment and analysis.

Answer 703

C. strong service level agreements (SLAs).

Answer 704

D. independent audits of third parties.

Answer 705

A. To achieve acceptable compliance with the security policy

Answer 706

B. To build a common understanding of information security

Answer 707

C. To change culture to be more conducive to good security

Answer 708

D. To establish communication between management and staff

Answer 709

A. It lowers costs of assessing risk.

Answer 710

B. It provides evidence of attestation.

Answer 711

C. It is a necessary part of third-party audits.

Answer 712

D. It provides trends in the evolving risk profile.

Answer 713

A. Audits of the business process changes

Answer 714

B. Maintenance of the latest configurations

Answer 715

C. Regular testing of the disaster recovery plan (DRP)

Answer 716

D. Maintenance of the personnel contact list

Answer 717

A. Encrypted hard drives

Answer 718

B. Generic audit software

Answer 719

C. Proven forensic processes

Answer 720

D. Log correlation software

Answer 721

A. meet with stakeholders to decide how to comply.

Answer 722

B. analyze key risks in the compliance process.

Answer 723

C. assess whether existing controls meet the regulation.

Answer 724

D. update the existing security/privacy policy.

Answer 725

A. Reviewing and modifying procedures

Answer 726

B. Modifying policies to address changing technologies

Answer 727

C. Writing additional policies to address new regulations

Answer 728

D. Drafting standards to address regional differences

Answer 729

A. A full interruption test

Answer 730

B. A simulation test

Answer 731

C. A parallel test

Answer 732

D. A structured walk-through

Answer 733

A. support organizational objectives.

Answer 734

B. determine likely areas of noncompliance.

Answer 735

C. assess the possible impacts of compromise.

Answer 736

D. understand the threats to the business.

Answer 737

A. Acceptance of the business manager's decision on the risk to the corporation

Answer 738

B. Acceptance of the information security manager's decision on the risk to the corporation

Answer 739

C. Review of the assessment with executive management for final input

Answer 740

D. A new risk assessment and BIA are needed to resolve the disagreement

Answer 741

A. The tape was removed into the custody of law enforcement investigators.

Answer 742

B. The tape was kept in the tape library pending further analysis.

Answer 743

C. The tape was sealed in a signed envelope and locked in a safe under dual control.

Answer 744

D. The tape was handed over to authorized independent investigators.

Answer 745

A. Defining the objectives

Answer 746

B. Calculating the cost

Answer 747

C. Defining the need

Answer 748

D. Analyzing the cost-effectiveness

Answer 749

A. assess the likelihood of incidents from the reported cause.

Answer 750

B. discontinue the use of the vulnerable technology.

Answer 751

C. report to senior management that the organization is not affected.

Answer 752

D. remind staff that no similar security breaches have taken place.

Answer 753

A. storage capacity and shelf life.

Answer 754

B. regulatory and legal requirements.

Answer 755

C. business strategy and direction.

Answer 756

D. application systems and media.

Answer 757

A. clear policies detailing incident severity levels.

Answer 758

B. broadly dispersed intrusion detection capabilities.

Answer 759

C. training employees to recognize security incidents.

Answer 760

D. effective communication and reporting processes.

Answer 761

A. Systems operation guidelines are not enforced

Answer 762

B. Change management procedures are poor

Answer 763

C. Systems development is outsourced

Answer 764

D. Systems capacity management is not performed

Answer 765

A. calculating the risk.

Answer 766

B. enforcing the security standard.

Answer 767

C. redesigning the system change.

Answer 768

D. implementing mitigating controls.

Answer 769

A. Excluding qualitative risks for accuracy in calculated figures

Answer 770

B. Establishing processes to ensure cost reductions

Answer 771

C. Measuring monetary values in a consistent manner

Answer 772

D. Treating security investment as a profit center

Answer 773

A. Adopting an established framework

Answer 774

B. Using modular design for easier maintenance

Answer 775

C. Using prevailing industry standards

Answer 776

D. Gathering stakeholder requirements

Answer 777

A. To combine homogenous elements to reduce overall risk

Answer 778

B. To influence the organization's risk acceptance methodologies

Answer 779

C. To group individual acceptable risk events for simplified risk reporting

Answer 780

D. To identify significant overall risk from a single threat vector

Answer 781

A. mitigate the impact by purchasing insurance.

Answer 782

B. implement a circuit-level firewall to protect the network.

Answer 783

C. increase the resiliency of security measures in place.

Answer 784

D. implement a real-time intrusion detection system.

Answer 785

A. Copy sample files as evidence.

Answer 786

B. Remove access privileges to the folder containing the data.

Answer 787

C. Report this situation to the data owner.

Answer 788

D. Train the HR team on properly controlling file permissions.

Answer 789

A. Contractor payroll

Answer 790

B. Change management

Answer 791

C. E-commerce web site

Answer 792

D. Fixed asset system

Answer 793

A. determine inclusion of the information resource in the information security program.

Answer 794

B. define the appropriate level of access controls.

Answer 795

C. justify the costs of each information resource.

Answer 796

D. determine the overall budget of the information security program.

	Created by Eduardo Castella7911 about 8 years ago

Next up

CISM 2014 Questions - 1

Description

Resource summary

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Question 26

Question 27

Question 28

Question 29

Question 30

Question 31

Question 32

Question 33

Question 34

Question 35

Question 36

Question 37

Question 38

Question 39

Question 40

Question 41

Question 42

Question 43

Question 44

Question 45

Question 46

Question 47

Question 48

Question 49

Question 50

Question 51

Question 52

Question 53

Question 54

Question 55

Question 56

Question 57

Question 58

Question 59

Question 60

Question 61

Question 62

Question 63

Question 64

Question 65

Question 66

Question 67

Question 68

Question 69

Question 70

Question 71

Question 72

Question 73

Question 74

Question 75

Question 76