[Dec-2021] ISACA CISM Actual Questions and Braindumps [Q377-Q400]

NEW QUESTION 377
An organization is planning to create a website that will collect site-visitor details from around the world and use them as marketing lists for operations in several countries. Which of the following should be of MOST concern to the information security manager?

  • A. Legislation regarding marketing in foreign countries
  • B. Privacy laws in each of the countries using the details for marketing
  • C. Wording of the website's policy statement on how the details will be used
  • D. Using cryptography for transborder data flow

Answer: B

 

NEW QUESTION 378
It is important to develop an information security baseline because it helps to define:

  • A. the minimum acceptable security to be implemented.
  • B. required physical and logical access controls.
  • C. critical information resources needing protection.
  • D. a security policy for the entire organization.

Answer: A

Explanation:
Developing an information security baseline defines the minimum acceptable security that will be implemented to protect information resources according to their criticality levels. Before the baseline can be set, the information security manager must establish the security policy, identify the criticality levels of the organization's information resources and assess the risk environment in which those resources operate.

 

NEW QUESTION 379
Which of the following represents a PRIMARY area of interest when conducting a penetration test?

  • A. Intrusion Detection System (IDS)
  • B. Customer data
  • C. Network mapping
  • D. Data mining

Answer: C

Explanation:
Network mapping is the process of determining the topology of the network to be penetrated. It is one of the first steps toward identifying points of attack. Data mining is associated with ad hoc reporting and, together with customer data, is a potential target only after the network has been penetrated. The intrusion detection mechanism in place is not itself the area of focus; one objective of the test is to determine how effectively it protects the network or how easily it can be circumvented.

 

NEW QUESTION 380
Which of the following is the PRIMARY role of a data custodian?

  • A. Processing information
  • B. Classifying information
  • C. Securing information
  • D. Validating information

Answer: C

 

NEW QUESTION 381
Which of the following is the MOST effective way to detect security incidents?

  • A. Analyze penetration test results.
  • B. Analyze security anomalies.
  • C. Analyze recent security risk assessments.
  • D. Analyze vulnerability assessments.

Answer: B

Explanation:
Analysis of security anomalies (unexpected traffic, failed logons, unusual process activity) is how incidents are actually detected. Penetration test results, risk assessments and vulnerability assessments identify weaknesses that could be exploited; they do not reveal that an exploit is taking place.

 

NEW QUESTION 382
Which of the following would be the GREATEST threat posed by a distributed denial of service (DDoS) attack on a publicly facing .....

  • A. Unauthorized access to resources
  • B. Defacement of website content
  • C. Prevention of authorized access
  • D. Execution of unauthorized commands

Answer: C

Explanation:
A distributed denial of service attack exhausts bandwidth or server capacity so that legitimate users cannot reach the service; its defining impact is loss of availability. Unauthorized access, defacement and command execution all require a compromise of the system, which a DDoS attack by itself does not provide.

 

NEW QUESTION 383
Which of the following is the MOST important consideration when securing customer credit card data acquired by a point-of-sale (POS) cash register?

  • A. Hardening
  • B. Authentication
  • C. Nonrepudiation
  • D. Encryption

Answer: D

Explanation:
Cardholder data should be encrypted using strong encryption. Hardening is secondary in importance, and nonrepudiation is not as relevant. Authentication of the point-of-sale (POS) terminal is a prerequisite step that precedes acquiring the card data.

 

NEW QUESTION 384
An organization is planning to open a new office in another country. Sensitive data will be routinely sent between two offices. What should be the information security manager's FIRST course of action?

  • A. Identify applicable regulatory requirements to establish security policies.
  • B. Apply the current corporate security policies to the new office.
  • C. Encrypt the data for transfer to the head office based on security manager approval.
  • D. Update privacy policies to include the other country's laws and regulations.

Answer: A

 

NEW QUESTION 385
Which of the following is the MOST important to ensure a successful recovery?

  • A. Recovery location is secure and accessible
  • B. Backup media is stored offsite
  • C. More than one hot site is available
  • D. Network alternate links are regularly tested

Answer: B

Section: INCIDENT MANAGEMENT AND RESPONSE
Explanation:
Unless backup media are available, all other preparations become meaningless. Recovery site location and security are important, but would not prevent recovery in a disaster situation. Having a secondary hot site is also important, but not as important as having backup media available. Similarly, alternate data communication lines should be tested regularly and successfully but, again, this is not as critical.

 

NEW QUESTION 386
Which of the following is the STRONGEST indication that senior management commitment to information security is lacking within an organization?

  • A. Inconsistent enforcement of information security policies
  • B. A reduction in information security investment
  • C. The information security manager reports to the chief risk officer
  • D. A high level of information security risk acceptance

Answer: A

 

NEW QUESTION 387
Which of the following would provide the HIGHEST level of confidence in the integrity of data when sent from one party to another?

  • A. Enforce multi-factor authentication (MFA) on both ends of the communication.
  • B. Require files to be digitally signed before they are transmitted.
  • C. Harden the communication infrastructure.
  • D. Require data to be transmitted over a secure connection.

Answer: B
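Why a digital signature (B) gives more confidence than a secure connection (D): TLS protects the bytes between two endpoints, but its integrity guarantee ends where the channel ends, while a detached signature travels with the file and can be checked by the recipient, an auditor or a later batch job no matter how many hops or storage steps lie in between. The following Go program is an added example and is not part of the original page or of ISACA's material; the payroll record, the key pairs and the tampering scenario are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SignedFile carries a file's bytes together with a detached Ed25519
// signature computed over exactly those bytes.
type SignedFile struct {
	Data []byte
	Sig  []byte
}

// SignFile produces the signature the sender attaches before transmission.
func SignFile(priv ed25519.PrivateKey, data []byte) SignedFile {
	return SignedFile{Data: data, Sig: ed25519.Sign(priv, data)}
}

// VerifyFile is the receiver-side check. It is independent of the transport:
// the same check works after TLS termination, a mail relay or months in storage.
// Length checks come first because ed25519.Verify panics on a malformed public key.
func VerifyFile(pub ed25519.PublicKey, f SignedFile) bool {
	if len(f.Sig) != ed25519.SignatureSize || len(pub) != ed25519.PublicKeySize {
		return false
	}
	return ed25519.Verify(pub, f.Data, f.Sig)
}

// DemoResult reports the three cases a practitioner wants to see.
type DemoResult struct {
	Untouched bool // original file, sender's key: must verify
	Tampered  bool // content altered in transit, signature copied over: must fail
	WrongKey  bool // verified against someone else's key: must fail
}

// RunDemo simulates a sender, a tampering intermediary and a receiver.
func RunDemo() (DemoResult, error) {
	senderPub, senderPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return DemoResult{}, err
	}
	otherPub, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return DemoResult{}, err
	}

	// Constructed sample payload: a payroll instruction sent between offices.
	payroll := []byte("employee=1042;amount=5000.00;currency=USD")
	sent := SignFile(senderPriv, payroll)

	// An intermediary with write access (for example a hop after TLS
	// termination) changes the amount but can only copy the old signature.
	tampered := SignedFile{
		Data: []byte("employee=1042;amount=9000.00;currency=USD"),
		Sig:  sent.Sig,
	}

	return DemoResult{
		Untouched: VerifyFile(senderPub, sent),
		Tampered:  VerifyFile(senderPub, tampered),
		WrongKey:  VerifyFile(otherPub, sent),
	}, nil
}

func main() {
	r, err := RunDemo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("untouched verifies: %v\ntampered verifies: %v\nwrong key verifies: %v\n",
		r.Untouched, r.Tampered, r.WrongKey)
}
```

The public key used by VerifyFile must itself reach the receiver by a trusted path (pinned in configuration, or bound to the sender through a PKI); otherwise an attacker who can swap the key can also re-sign the file, which is why the exchange of keys, not the signature arithmetic, is where such schemes usually fail.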

 

NEW QUESTION 388
Which of the following is the MOST important reason to involve external forensics experts in evidence collection when responding to a major security breach?

  • A. To ensure evidence is handled by qualified resources
  • B. To provide the response team with expert training on evidence handling
  • C. To validate the incident response process
  • D. To prevent evidence from being disclosed to any internal staff members

Answer: A

 

NEW QUESTION 389
Which of the following is the MOST effective approach for integrating security into application development?

  • A. Developing security models in parallel
  • B. Defining security requirements
  • C. Performing vulnerability scans
  • D. Including security in user acceptance testing sign-off

Answer: B

Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Explanation:
Defining security requirements at the start of development lets them shape design and implementation. Vulnerability scans, user acceptance testing sign-off and security models developed in parallel all act after the design has been fixed, when changes are more expensive.

 

NEW QUESTION 390
A post-incident review should be conducted by an incident management team to determine:

  • A. lessons learned.
  • B. relevant electronic evidence.
  • C. hacker's identity.
  • D. areas affected.

Answer: A

Section: INCIDENT MANAGEMENT AND RESPONSE
Explanation:
Post-incident reviews are beneficial in determining ways to improve the response process through lessons learned from the attack. Evaluating the relevance of evidence, who launched the attack or what areas were affected are not the primary purposes for such a meeting because these should have already been established during the response to the incident.

 

NEW QUESTION 391
Which of the following BEST enables an information security manager to assess the effectiveness of the information security program?

  • A. Penetration testing results
  • B. Maturity level
  • C. Risk register
  • D. Information security architecture

Answer: B

 

NEW QUESTION 392
Which of the following devices should be placed within a DMZ?

  • A. Data warehouse server
  • B. Departmental server
  • C. Application server
  • D. Proxy server

Answer: C

Explanation:
An application server that is reached from the Internet should be placed within a demilitarized zone (DMZ) so that its compromise does not directly expose the internal network. Data warehouse and departmental servers may contain confidential or valuable data and should always be placed on the internal network, never on a DMZ that is subject to compromise. The question treats the proxy server as the boundary device on the inner edge of the DMZ rather than as a host inside it; in practice a reverse proxy is often itself deployed in the DMZ, so read the option in the sense the question intends.

 

NEW QUESTION 393
The MOST likely cause of a security information event monitoring (SIEM) solution failing to identify a serious incident is that the system:

  • A. is hosted by a cloud service provider.
  • B. has not been updated with the latest patches.
  • C. is not collecting logs from relevant devices.
  • D. has performance issues.

Answer: C
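The failure mode in this question is silent: a SIEM that never receives a device's logs raises no alert about that device, and its dashboards look healthy. The cheapest control is a log-source coverage check that compares an inventory of expected sources against what has actually arrived. The Go program below is an added example, not code from the page or from any SIEM product; the syslog-style lines, host names, inventory and 30-minute threshold are constructed assumptions.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"time"
)

// LogEvent is the minimum a coverage check needs: which source spoke and when.
type LogEvent struct {
	Host string
	At   time.Time
}

// ParseLine reads a constructed "<RFC3339 timestamp> <hostname> <message>" line.
// Malformed lines are skipped rather than counted as evidence of a live source.
func ParseLine(line string) (LogEvent, bool) {
	fields := strings.Fields(line)
	if len(fields) < 2 {
		return LogEvent{}, false
	}
	at, err := time.Parse(time.RFC3339, fields[0])
	if err != nil {
		return LogEvent{}, false
	}
	return LogEvent{Host: fields[1], At: at}, true
}

// SilentSources returns every expected source whose newest event is older
// than maxGap relative to now, or which has never been seen at all.
// Sources that log but are absent from the inventory are ignored here; an
// inventory drift check would report those separately.
func SilentSources(expected []string, lines []string, now time.Time, maxGap time.Duration) []string {
	latest := map[string]time.Time{}
	for _, l := range lines {
		ev, ok := ParseLine(l)
		if !ok {
			continue
		}
		if ev.At.After(latest[ev.Host]) {
			latest[ev.Host] = ev.At
		}
	}
	var silent []string
	for _, src := range expected {
		seen, ok := latest[src]
		if !ok || now.Sub(seen) > maxGap {
			silent = append(silent, src)
		}
	}
	sort.Strings(silent)
	return silent
}

// ExpectedSources is the constructed inventory the SIEM is supposed to cover.
var ExpectedSources = []string{"fw-edge-1", "dc-01", "vpn-gw", "web-proxy"}

// SampleLines are constructed events as they would arrive at the collector.
var SampleLines = []string{
	"2021-12-01T11:55:10Z fw-edge-1 deny tcp 203.0.113.7:51234 -> 198.51.100.10:445",
	"2021-12-01T11:58:02Z dc-01 4624 logon user=alice",
	"2021-12-01T09:10:44Z vpn-gw session start user=bob",  // last seen almost 3h ago
	"2021-12-01T11:59:30Z jump-01 sshd accepted publickey", // not in the inventory
	"garbage line without a timestamp",                     // skipped by the parser
}

// CheckNow is the constructed evaluation time for the sample data.
var CheckNow = time.Date(2021, 12, 1, 12, 0, 0, 0, time.UTC)

func main() {
	silent := SilentSources(ExpectedSources, SampleLines, CheckNow, 30*time.Minute)
	fmt.Println("sources with no events in the last 30 minutes:", silent)
}
```

Run against the sample data this reports vpn-gw (its last event is nearly three hours old) and web-proxy (never seen). In a real deployment the inventory comes from the CMDB or asset register, the threshold is set per source type (a firewall should be chatty every minute, a quarterly batch host is not), and the result feeds an alert, because a source that stops logging is as often a sign of an attacker disabling auditing as of a broken forwarder.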

 

NEW QUESTION 394
Which of the following disaster recovery testing techniques is the MOST cost-effective way to determine the effectiveness of the plan?

  • A. Full operational tests
  • B. Paper tests
  • C. Actual service disruption
  • D. Preparedness tests

Answer: D

Explanation:
Preparedness tests simulate the plan in phases and help the team understand and prepare for a full exercise. The other three options are not cost-effective ways to establish plan effectiveness. Paper tests (B) are walk-throughs without simulation, so there is less learning and it is difficult to obtain evidence that the team has understood the plan. Full operational tests (A) are expensive and not recommended in most cases. Actual service disruption (C) requires management approval, is not easy or practical in most scenarios and may itself trigger a disaster.

 

NEW QUESTION 395
Which of the following should be in place before a black box penetration test begins?

  • A. A clearly stated definition of scope
  • B. Proper communication and awareness training
  • C. An incident response plan
  • D. IT management approval

Answer: A

Explanation:
A clearly stated definition of scope is the most important prerequisite: it ensures a common understanding of the risk the test introduces and of its success criteria. IT management approval may not be required, depending on senior management's decisions. Communication, awareness training and an incident response plan are not prerequisites; in fact, a penetration test can help drive the creation and exercise of the incident response plan.

 

NEW QUESTION 396
Which of the following is the MOST important element to ensure the successful recovery of a business during a disaster?

  • A. Detailed technical recovery plans are maintained offsite
  • B. Appropriate declaration criteria have been established
  • C. Hot site equipment needs are recertified on a regular basis
  • D. Network redundancy is maintained through separate providers

Answer: A

Explanation:
In a major disaster, staff can be injured or can be prevented from traveling to the hot site, so technical skills and business knowledge can be lost. It is therefore critical to maintain an updated copy of the detailed recovery plan at an offsite location. Continuity of the business requires adequate network redundancy, hot site infrastructure that is certified as compatible and clear criteria for declaring a disaster. Ideally, the business continuity program addresses all of these satisfactorily. However, in a disaster situation where all these elements are present but the detailed technical plan is not, business recovery will be seriously impaired.

 

NEW QUESTION 397
An IT department is evaluating a new cloud backup service to support the human resources (HR) department. Which of the following is the information security manager's MOST important action prior to contract execution?

  • A. Review the risk with HR executives.
  • B. Evaluate the cloud vendor's information security program.
  • C. Complete a compliance risk assessment.
  • D. Ensure HR data is encrypted prior to sending it to the cloud vendor.

Answer: B

 

NEW QUESTION 398
The BEST reason for an organization to have two discrete firewalls connected directly to the Internet and to the same DMZ would be to:

  • A. prevent a denial-of-service attack.
  • B. provide in-depth defense.
  • C. separate test and production.
  • D. permit traffic load balancing.

Answer: D

Explanation:
Having two entry points, each guarded by a separate firewall, is desirable to permit traffic load balancing. As they both connect to the Internet and to the same demilitarized zone (DMZ), such an arrangement is not practical for separating test from production or for preventing a denial-of-service attack.

 

NEW QUESTION 399
The effectiveness of an information security governance framework will BEST be enhanced if:

  • A. consultants review the information security governance framework.
  • B. risk management is built into operational and strategic activities.
  • C. a culture of legal and regulatory compliance is promoted by management.
  • D. IS auditors are empowered to evaluate governance activities.

Answer: B

Explanation:
Governance is effective when risk management is embedded in the organization's day-to-day operations and strategic decisions rather than treated as a separate activity. Consultant reviews, a compliance culture and audit evaluations each support the framework, but none of them integrates security into how the business actually runs.

 

NEW QUESTION 400
......


What Are the Important Exam Requirements You Need to Know?

Like the other ISACA certification exams, CISM consists of 150 multiple-choice questions with a time limit of 4 hours (240 minutes). Scores are reported on a scaled range of 200 to 800, and a scaled score of at least 450 is required to pass. The exam fee differs for members and non-members: ISACA members pay $575 and non-members pay $760.

You can choose between two delivery options: in person at a testing site, or remotely in an online proctored setting. Both options let you choose your language; as of this writing there are four, namely English, Japanese, Chinese Simplified and Spanish.

You must register with ISACA and schedule the exam in advance. That does not mean you have to sit the exam immediately after registering: you have 12 months from the date of registration to take it, so plan around that eligibility period.

 
