Isaca CISM Quiz 83 Topic 2 Questions 411-415

Question: 1

Senior management is concerned that the incident response team took unapproved actions during incident response that put business objectives at risk. Which of the following is the BEST way (or the information security manager to respond to this situation?

AUpdate roles and responsibilities of the incident response team.

BValidate that the information security strategy maps to corporate objectives

CTrain the incident response team on escalation procedures.

DImplement a monitoring solution for incident response activities.

Show Answer

Question: 2

What should be an information security manager's MOST important consideration when reviewing a proposed upgrade to a business unit's production database?

AEnsuring the application inventory is updated

BEnsuring senior management is aware of associated nsk

CEnsuring residual risk is within appetite

DEnsuring a cost-benefit analysis is completed

Show Answer

Question: 3

A security policy exception is leading to an unexpected increase in the number of alerts about suspicious Internet traffic on an organization's network Which of the following is the BEST course of action?

APresent a risk analysis with recommendations to senior management.

BUpdate the risk register so that senior management is kept informed

CRemove the rules that trigger the increased number of alerts

DEvaluate and update the enterprise network security architecture

Show Answer

Question: 4

Which of the following would provide the MOST essential input for the development of an information security strategy?

AMeasurement of security performance against IT goals

BResults of an information security gap analysis

CAvailability of capable information security resources

DResults of a technology risk assessment

Show Answer

Question: 5

Senior management has just accepted the risk of noncompliance with a new regulation What should the information security manager do NEXT''

AReport the decision to the compliance officer.

BUpdate details within the risk register

CReassess the organization's risk tolerance

DAssess the impact of the regulation

Show Answer

Isaca CISM Quiz:83 Topic:2 Questions:411-415