1. Which of the following is the MOST important component of information security governance?
A) Approved information security strategy B) Documented information security policies C) Comprehensive information security awareness program D) Appropriate information security metrics
2. A penetration test was conducted by an accredited third party. Which of the following should be the information security manager's FIRST course of action?
A) Ensure vulnerabilities found are resolved within acceptable timeframes. B) Request funding needed to resolve the top vulnerabilities. C) Report findings to senior management. D) Ensure a risk assessment is performed to evaluate the findings.
3. Which of the following is the MOST important consideration when establishing an information security governance framework?
A) Security steering committee meetings are held at least monthly. B) Members of the security steering committee are trained in information security. C) Business unit management acceptance is obtained. D) Executive management support is obtained.
4. Which of the following is the MOST effective approach for delivering security incident response training?
A) Perform role-playing exercises to simulate real-world incident response scenarios. B) Engage external consultants to present real-world examples within the industry. C) Include incident response training within new staff orientation. D) Provide on-the-job training and mentoring for the incident response team.
5. Which of the following is MOST important to the successful development of an information security strategy?
A) A well-implemented governance framework B) Current state and desired objectives C) An implemented development life cycle process D) Approved policies and standards