What would a security manager primarily utilize when proposing the implementation of a security solution?

Which of the following is the PRIMARY objective of defining a severity hierarchy for security incidents?

A. To facilitate the classification of an organization's IT assets
B. To streamline the risk analysis process
C. To prioritize available incident response resources
D. To facilitate root cause analysis of incidents


Answer: C

A new regulatory requirement affecting an organization's information security program is released. Which of the following should be the information security manager's FIRST course of action?

B. Determine the disruption to the business.
C. Perform a gap analysis.
D. Notify the legal department.


Answer: C

Which of the following analyses will BEST identify the external influences to an organization's information security?

A. Vulnerability analysis
C. Business impact analysis (BIA)


Answer: D

Which of the following is MOST important for an information security manager to consider when identifying information security resource requirements?

A. Information security strategy
B. Current resourcing levels
C. Availability of potential resources
D. Information security incidents


Answer: B

Which of the following is the BEST justification for making a revision to a password policy?

B. Industry best practice


Answer: C

The PRIMARY goal of information security governance is to:

A. reduce risk to an acceptable level.
B. establish a security strategy.
C. align with business objectives.
D. align with business processes.


Answer: C

Which of the following should an information security manager do NEXT after creating a roadmap to execute the strategy for an information security program?

A. Develop a project plan to implement the strategy.
B. Review alignment with business goals.
C. Obtain consensus on the strategy from the executive board.
D. Define organizational risk tolerance.


Answer: A

Which of the following is the BEST method for determining whether a firewall has been configured to provide a comprehensive perimeter defense?

A. A simulated denial of service (DoS) attack against the firewall
B. A validation of the current firewall rule set
C. A port scan of the firewall from an internal source
D. A ping test from an external source


Answer: B

Which of the following would BEST demonstrate the status of an organization's information security program to the board of directors?

A. Information security program metrics
B. Changes to information security risks
C. The information security operations matrix
D. Results of a recent external audit


Answer: A

During the response to a serious security breach, who is the BEST organizational staff member to communicate with external entities?

A. The incident response team leader
B. The resource specified in the incident response plan
C. A dedicated public relations spokesperson
D. The resource designated by senior management


Answer: C

Which of the following is MOST important to include in a report of an organization's information security risk?


Answer: A

Which of the following would be the GREATEST threat posed by a distributed denial of service (DDoS) attack on a public-facing web server?

A. Execution of unauthorized commands
B. Prevention of authorized access
C. Unauthorized access to resources
D. Defacement of website content


Answer: B

Which of the following is the BEST method to ensure compliance with password standards?

A. A user-awareness program
B. Using password-cracking software
C. Automated enforcement of password syntax rules
D. Implementing password-synchronization software


Answer: C

Which of the following BEST enables the detection of advanced persistent threats (APTs)?

A. Vulnerability scanning
B. Periodic reviews of intrusion prevention system (IPS)
C. Security information and event management system (SIEM)


Answer: A

Which of the following is the MOST important output from a post-incident review?

A. Revised business impact analysis (BIA)
B. Compilation of incident-related costs
C. Repository of digital forensic artifacts
D. Documentation of lessons learned


Answer: D

Which of the following is the GREATEST benefit of integrating information security governance into corporate governance?

A. Additional qualified information security professionals can be hired.
B. External cyber threats to the organization are identified more quickly.
C. Senior management commitment to information security is strengthened.
D. Information security projects are managed more efficiently.


Answer: C

An online trading company discovers that a network attack has penetrated the firewall. What should be the information security manager's FIRST response?

A. Examine firewall logs to identify the attacker.
B. Notify the regulatory agency of the incident.
C. Implement mitigating controls.
D. Evaluate the impact to the business.


Answer: D

When a critical system incident is reported, the FIRST step of the incident handler should be to:

B. notify the appropriate parties.
C. determine the scope of the incident.
D. validate the incident.


Answer: D

Which of the following should be an information security manager's MAIN concern if the same digital signing certificate is able to be used by two or more users?

A. Certificate alteration
B. Potential to decrypt digital hash values
D. Inability to validate identity of sender


Answer: D

Which of the following is the MOST effective way to prevent information security incidents?

A. Implementing a security awareness training program for employees
B. Deploying a consistent incident response approach
C. Implementing a security information and event management (SIEM) tool
D. Deploying intrusion detection tools in the network environment


Answer: A

Which of the following is MOST effective in reducing the financial I

A. An incident response plan
B. Backup and recovery strategy
C. A business continuity plan (BCP)
D. A data loss prevention (DLP) solution


Answer: A

An organization is considering the deployment of encryption software and systems organization-wide. The MOST important consideration should be whether:

A. the business strategy includes exceptions to the encryption standard.
B. the implementation supports the business strategy.
C. data can be recovered if the encryption keys are misplaced.
D. a classification policy has been developed to incorporate the need for encryption.


Answer: B

Which of the following is the MOST effective method of determining security priorities?

D. Vulnerability assessment


Answer: C

When considering whether to adopt bring your own device (BYOD), it is MOST important for the information security manager to ensure that:

A. security controls are applied to each device when joining the network.
B. the applications are tested prior to implementation.
C. users have read and signed acceptable use agreements.
D. business leaders have an understanding of security risks.


Answer: D

The MOST important objective of security awareness training for business staff is to:

B. understand intrusion methods.
D. reduce negative audit findings.


Answer: C

Human resources (HR) is evaluating potential Software as a Service (SaaS) cloud services. Which of the following should the information security manager do FIRST to support this effort?

A. Conduct a security audit on the cloud service providers.
B. Perform a risk assessment of adopting cloud services.
C. Perform a cost-benefit analysis of using cloud services.
D. Review the cloud service providers' controls reports.


Answer: B

An information security manager has identified the organization is not in compliance with new legislation that will soon be in effect. Which of the following is MOST important to consider when determining additional controls to be implemented?

A. The information security strategy
B. The cost of noncompliance
C. The organization's risk appetite
D. The information security policy


Answer: B

The MOST effective way to continuously monitor an organization's cybersecurity posture is to evaluate its:

A. timeliness in responding to attacks.
B. level of support from senior management.
C. compliance with industry regulations.
D. key performance indicators (KPIs).


Answer: D

Executive leadership becomes involved in decisions about information security governance.

Executive leadership views information security governance primarily as a concern of the information security management team.

What should be an information security manager's MOST important consideration when reviewing a proposed upgrade to a business unit's production database?

A. Ensuring residual risk is within appetite
B. Ensuring the application inventory is updated
C. Ensuring a cost-benefit analysis is completed
D. Ensuring senior management is aware of associated risk


Answer: A

Following a risk assessment, new countermeasures have been approved by management. Which of the following should be performed NEXT?

A. Schedule the target end date for implementation activities.
B. Calculate the cost for each countermeasure.
C. Develop an implementation strategy.
D. Budget the total cost of implementation activities.


Answer: A

Which of the following is a PRIMARY responsibility of the information security governance function?

A. Defining security strategies to support organizational programs
B. Administering information security awareness training
C. Ensuring adequate support for solutions using emerging technologies
D. Advising senior management on optimal levels of risk appetite and tolerance


Answer: A

What would be an information security manager's BEST recommendation upon learning that an existing contract with a third party does not clearly identify requirements for safeguarding the organization's critical data?

A. Transfer the risk to the provider.
B. Cancel the outsourcing contract.
C. Create an addendum to the existing contract.
D. Initiate an external audit of the provider's data center.


Answer: C

A new information security manager finds that the organization tends to use short-term solutions to address problems. Resource allocation and spending are not effectively tracked, and there is no assurance that compliance requirements are being met. What should be done FIRST to reverse this bottom-up approach to security?

A. Establish an audit committee.
B. Conduct a threat analysis.
C. Implement an information security awareness training program.
D. Create an information security steering committee.


Answer: C

An organization is developing a disaster recovery strategy and needs to identify each application's criticality so that the recovery sequence can be established. Which of the following is the BEST course of action?

A. Document the data flow and review the dependencies.
B. Perform a business impact analysis (BIA) on each application.
C. Restore the applications with the shortest recovery times first.
D. Identify which applications contribute the most cash flow.


Answer: B

An organization has implemented a new security control in response to a recently discovered vulnerability. Several employees have voiced concerns that the control disrupts their ability to work. Which of the following is the information security manager's BEST course of action?

A. Educate users about the vulnerability.
B. Report the control risk to senior management.
C. Accept the vulnerability.
D. Evaluate compensating control options.


Answer: D

Which of the following BEST indicates the effectiveness of the vendor risk management process?

A. Increase in the percentage of vendors certified to a globally recognized security standard
B. Increase in the percentage of vendors that have reported security breaches
C. Increase in the percentage of vendors conducting mandatory security training
D. Increase in the percentage of vendors with a completed due diligence review


Answer: B

Which of the following should be done FIRST when selecting performance metrics to report on the vendor risk management process?

A. Identify the data owner.
B. Review the confidentiality requirements.
C. Identify the intended audience.
D. Select the data source.


Answer: C

Which of the following is the MOST reliable way to ensure network security incidents are identified as soon as possible?

A. Conduct workshops and training sessions with end users.
B. Collect and correlate IT infrastructure event logs.
C. Install stateful inspection firewalls.
D. Train help desk staff to identify and prioritize security incidents.


Answer: B

Which of the following is the BEST way to strengthen the security of corporate data on a personal mobile device?

A. Using containerized software
B. Mandating use of pre-approved devices
C. Implementing a strong password policy
D. Implementing multi-factor authentication


Answer: B

When determining an acceptable risk level, which of the following is the MOST important consideration?


Answer: A

Which of the following is the MOST important consideration in a bring your own device (BYOD) program to protect company data in the event of a loss?

A. The ability to classify types of devices
B. The ability to remotely locate devices
C. The ability to centrally manage devices
D. The ability to restrict unapproved applications


Answer: B

The business advantage of implementing authentication tokens is that they:

A. improve access security.
B. reduce administrative workload.
D. provide nonrepudiation.


Answer: A

Which of the following would provide the HIGHEST level of confidence in the integrity of data when sent from one party to another?

A. Require data to be transmitted over a secure connection.
B. Harden the communication infrastructure.
C. Enforce multi-factor authentication on both ends of the communication.
D. Require files to be digitally signed before they are transmitted.


Answer: D

A small organization has a contract with a multinational cloud computing vendor. Which of the following would present the GREATEST concern to an information security manager if omitted from the contract?

A. Right of the subscriber to conduct onsite audits of the vendor
B. Escrow of software code with conditions for code release
C. Commingling of subscribers' data on the same physical server
D. Authority of the subscriber to approve access to its data


Answer: A

Which of the following is the MOST relevant information to include in an information security risk report to facilitate senior management's understanding of impact to the organization?

A. Detailed assessment of the security risk profile
B. Risks inherent in new security technologies
C. Status of identified key security risks
D. Findings from recent penetration testing


Answer: C

An organization shares customer information across its globally dispersed branches. Which of the following should be the GREATEST concern to information security management?

A. Decentralization of information security
B. Cross-cultural differences between branches
C. Conflicting data protection regulations
D. Insecure wide area networks (WANs)


Answer: C

Which of the following should be the MOST important consideration when reviewing an information security strategy?

A. New business initiatives
B. Changes to the security budget
C. Recent security incidents
D. Internal audit findings


Answer: A

The BEST way to report to the board on the effectiveness of the information security program is to present:

A. a dashboard illustrating key performance metrics.
B. a summary of the most recent audit findings.
C. a report of cost savings from process improvements.
D. peer-group industry benchmarks.


Answer: A

When management changes the enterprise business strategy, which of the following processes should be used to evaluate the existing information security controls as well as to select new information security controls?

A. Configuration management
D. Access control management


Answer: B

Which of the following provides the MOST essential input for the development of an information security strategy?

A. Measurement of security performance against IT goals
B. Availability of capable information security resources
C. Results of a technology risk assessment
D. Results of an information security gap analysis


Answer: D

Which of the following is the MAIN benefit of performing an assessment of existing incident response processes?

A. Benchmarking against industry peers
B. Prioritization of action plans
C. Validation of current capabilities
D. Identification of threats and vulnerabilities


Answer: C

An information security manager notes that security incidents are not being appropriately escalated by the help desk after tickets are logged. Which of the following is the BEST automated control to resolve this issue?

A. Integrating automated service level agreement (SLA) reporting into the help desk ticketing system
B. Integrating incident response workflow into the help desk ticketing system
C. Implementing automated vulnerability scanning in the help desk workflow
D. Changing the default setting for all security incidents to the highest priority


Answer: A

Over the last year, an information security manager has performed risk assessments on multiple third-party vendors. Which of the following criteria would be MOST helpful in determining the associated level of risk applied to each vendor?

A. Corresponding breaches associated with each vendor
B. Compensating controls in place to protect information security
C. Compliance requirements associated with the regulation
D. Criticality of the service to the organization


Answer: D

Which of the following processes can be used to remediate identified technical vulnerabilities?

A. Enforcing baseline configurations
B. Updating the business impact analysis (BIA)
C. Conducting a risk assessment
D. Performing penetration testing


Answer: B

Which of the following is the PRIMARY responsibility of an information security governance committee?

A. Reviewing monthly information security metrics
B. Reviewing the information security risk register
C. Discussing upcoming information security projects
D. Approving changes to the information security strategy


Answer: D

Exam Name: Certified Information Security Manager

Last Update: Sep 16, 2022