Isaca CISM Quiz 266 Topic 1 Questions 1326-1330

Question: 1

An IT department is having difficulty controlling the installation and use of unauthorized software that is in breach of organizational policy. Which of the following is the MOST effective solution?

ARestrict local desktop administration rights.

BInstall a software monitoring tool on the network.

CTrain users on the acceptable use policies.

DConduct random workstation audits.

Show Answer

Question: 2

Information security can BEST be enforced by making security:

Aa business process owner activity.

Ban integral component of corporate policies.

Ca part of each employee's Job objectives.

Da flexible system of procedures and guidelines.

Show Answer

Question: 3

Following a highly sensitive data breach at a large company, all servers and workstations were patched. The information security manager s NEXT step should be to:

Ainform senior management of changes in risk metrics.

Bperform an assessment to measure the current state

Cdeliver security awareness training.

Densure baseline back-ups are performed.

Show Answer

Question: 4

An information security manager finds that corporate information has been stored on a public cloud storage site for business collaboration purposes. Which of the following should be the manager's FIRST action?

AUpdate service level agreements (SLAs).

BAssign a data classification label.

CImplement a data encryption strategy.

DDetermine the risk to the data.

Show Answer

Question: 5

What is the BEST way to determine the level of risk associated with information assets processed by an IT application?

AEvaluate the potential value of information for an attacker.

BReview the cost of acquiring the information assets for the business.

CCalculate the business value of the information assets.

DResearch compliance requirements associated with the information.

Show Answer

Isaca CISM Quiz:266 Topic:1 Questions:1326-1330