Isaca CISM Quiz 37 Topic 5 Questions 181-185

Question: 1

An information security risk analysis BEST assists an organization in ensuring that:

Aan appropriate level of funding is applied to security processes.

Bthe organization implements appropriate security technologies.

Cthe infrastructure has the appropriate level of access control.

Dcost-effective decisions are made with regard to which assets need protection.

Show Answer

Question: 2

Threat and vulnerability assessments are important PRIMARILY because they are:

Athe basis for setting control objectives

Bused to establish security investments.

Cneeded to estimate risk.

Delements of the organization's security posture

Show Answer

Question: 3

The ULTIMATE responsibility for ensuring the objectives of an information security framework are being met belongs to:

Athe steering committee.

Bthe board of directors.

Cthe internal audit manager.

Dthe information security officer.

Show Answer

Question: 4

Executive leadership has decided to engage a consulting firm to develop and implement a comprehensive security framework for the organization to allow senior management to remain focused on business priorities. Which of the following poses the GREATEST challenge to the successful implementation of the new security governance framework?

AExecutive leadership becomes involved in decisions about information security governance.

BInformation security management does not fully accept the responsibility for information security governance.

CExecutive leadership views information security governance

Show Answer

Question: 5

Which of the following BEST enables the deployment of consistent security throughout international branches within a multinational organization?

AEstablishment of security governance

BRemediation of audit findings

CMaturity of security processes

DDecentralization of security governance

Show Answer

Isaca CISM Quiz:37 Topic:5 Questions:181-185