Isaca CISM Quiz 125 Topic 6 Questions 621-625

Question: 1

To prevent computers on the corporate network from being used as part of a distributed denial of service (DDoS) attack, the information security manager should use:

Arate limiting.

Bincoming traffic filtering.

Coutgoing traffic filtering.

DIT security policy dissemination.

Show Answer

Question: 2

The BEST way to identify the criticality of systems to the business is through:

Aa vulnerability assessment.

Ba threat assessment.

Can impact assessment.

Dan asset classification.

Show Answer

Question: 3

Following a recent acquisition, an information security manager has been requested to address the outstanding risk reported early in the acquisition process. Which of the following is the manager s BEST course of action?

APerform a vulnerability assessment of the acquired company s infrastructure.

BAdd the outstanding risk to the acquiring organization's risk registry

CRe-assess the outstanding risk of the acquired company.

DRe-evaluate the risk treatment plan for the outstanding risk.

Show Answer

Question: 4

Which of the following would present the GREATEST challenge to integrating information security governance into corporate governance?

Akey security processes are outsourced.

BInformation security best practices ant not well understood.

CThe information security function is decentralized.

DThe security organizational structure is loosely defined

Show Answer

Question: 5

Which of the following should be the MOST important criteria when defining data retention policies?

ARegulatory requirements

BIndustry best practices

CAudit findings

DCapacity requirements

Show Answer

Isaca CISM Quiz:125 Topic:6 Questions:621-625