Isaca CISM Quiz 284 Topic 5 Questions 1416-1420

Question: 1

A new key business application has gone to production. What is the Most important reason to classify and determine the sensitivity of the data used by this application?

ATo determine retention requirements

BTo update the business impact analysis (BIA)

CTo ensure countermeasures are proportional to risk

DTo minimize the cost of controls.

Show Answer

Question: 2

Noncompliance issues were identified through audit. Which of the following is the BEST approach for the information security manager to ensure that issues are resolved in a timely manner?

ADevelop a solution independently

BCollaborate with the business process owner to implement mitigation controls.

CEscalate the noncompliance issues to senior management

DPerform a risk assessment.

Show Answer

Question: 3

Which of the following activities should be performed by someone other than the system administrator to ensure a secure audit trail?

AMaintaining logs of privileged users

BManaging user provisioning and access control

CReviewing system utilization logs

DReviewing data backups and restoration

Show Answer

Question: 4

An organization has decided to migrate a customer facing on-premise application to a cloud provider. Which of the following would be MOST helpful when assessing the proposed data backup requirements prior to the migration?

AVendor controls report analysis

BControl assessment

CRisk assessment

DBusiness impact analysis (BIA)

Show Answer

Question: 5

Which of the following is an information security manager's BEST course of action upon learning of new cybersecurity regulatory requirements that apply to the organization?

AEscalate the issue to senior management.

BImplement the new requirements immediately.

CTreat the new requirements as an operational issue.

DPerform a gap analysis of the new requirements.

Show Answer

Isaca CISM Quiz:284 Topic:5 Questions:1416-1420