Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Isaca CISM - Certified Information Security Manager

Page: 15 / 15
Total 954 questions

Which of the following is MOST important to ensure the alignment of an information security program with the organizational strategy?

A.

Benchmarking against industry peers

B.

Adoption of an industry recognized framework

C.

Approval from senior management

D.

Identification of business-specific risk factors

Which of the following provides the MOST useful information for identifying security control gaps on an application server?

A.

Risk assessments

B.

Threat models

C.

Penetration testing

D.

Internal audit reports

To prepare for a third-party forensics investigation following an incident involving malware, the incident response team should:

A.

isolate the infected systems.

B.

preserve the evidence.

C.

image the infected systems.

D.

clean the malware.

Which of the following is the PRIMARY advantage of an organization using Disaster Recovery as a Service (DRaaS) to help manage its disaster recovery program?

A.

It offers the organization flexible deployment options using cloud infrastructure.

B.

It allows the organization to prioritize its core operations.

C.

It is more secure than traditional data backup architecture.

D.

It allows the use of a professional response team at a lower cost.

Which of the following is the BEST way to contain an SQL injection attack that has been detected by a web application firewall?

A.

Force password changes on the SQL database.

B.

Reconfigure the web application firewall to block the attack.

C.

Update the detection patterns on the web application firewall.

D.

Block the IPs from where the attack originates.

Which of the following roles is BEST able to influence the security culture within an organization?

A.

Chief information security officer (CISO)

B.

Chief information officer (CIO)

C.

Chief executive officer (CEO)

D.

Chief operating officer (COO)