
ISACA CERTIFIED INFORMATION SECURITY MANAGER (CISM) PREP WITH COMPLETE SOLUTIONS

Pages: 5
Grade: A+
Uploaded on: 02-05-2025
Written in: 2024/2025

Which of the following is the primary step in control implementation for a new business
application? - ANSWER-D. Risk assessment

When implementing an information security program, in which phase of the
implementation should metrics be established to assess the effectiveness of the
program over time? - ANSWER-Either
B. Initiation
C. Design

Data owners are concerned and responsible for who has access to their resources and
therefore need to be concerned with the strategy of how to mitigate risk of data resource
usage. Which of the following actions facilitates that responsibility? - ANSWER-B.
Entitlement changes

Which of the following is the best method to determine the effectiveness of the incident
response process? - ANSWER-C. Post-incident review

When properly implemented, a risk management program should be designed to reduce
an organization's risk to: - ANSWER-C. A level at which the organization is willing to
accept

What controls the process of introducing changes to systems to ensure that unintended
changes are not introduced? - ANSWER-C. Change management

All actions dealing with incidents must be worked with cyclical consideration. What is
the primary post-incident review takeaway? - ANSWER-Either
A. Pursuit of legal action

B. Identify personnel failures

D. Derive ways to improve the response process

If a forensics copy of a hard drive is required for legal matters, which of the following
options provide the best solid defense for preservation of evidence? - ANSWER-C. A
bit-by-bit copy of all data

What is the preferred step an ISM should take to ensure the disaster recovery plan is
adequate and remains current? - ANSWER-A. Quarterly reviews of recovery plan
information

Which of the following would prove to be the best protection and recovery procedures if
an intruder has gained root access to a system? - ANSWER-Either
A. Use system recovery to restore the last known good image

C. Rebuild the system and its OS and applications using the original vendor media

D. Have all users change passwords

As the increased use of regulation and compliance in the Information Security arena
expands, information security managers must work to put tasks into perspective. To do
this, ISMs should involve affected organizations and view "regulations" as a? -
ANSWER-Either
A. Risk

B. Legal interpretation

Which of the following is the most significant challenge when developing an incident
management plan? - ANSWER-D. Lack of management and leadership buy-in

Resource allocation is crucial during incident triage as it assists in prioritization and
categorization. Why would this be critical for most organizations when conducting
triage? - ANSWER-A. Most organizations have limited incident handling resources

As part of the Risk Management process, assessments must be performed on the
information systems and resources of an organization. If there are vulnerabilities
disclosed during an assessment, those vulnerabilities should be: - ANSWER-d.
Evaluated and prioritized based on credible threat and impact if exploited and
mitigation cost

A security strategy is important for an organization, along with the creation of
supporting policies. What should the overall planning effort cover? - ANSWER-Either
A. The logical security architecture for the organization

B. The intent and direction and expectations of management

D. Assist in FISMA audits

What is the most important security objective in creating good procedures to meet the
requirements of a relevant policy? - ANSWER-A. Being comprehensive and
unambiguous
