Scribd Logo
Upload

Welcome to Scribd!

  • Isaca CISM: Practice Exam

    Uploaded by

    Maya M
    59 views37 pages

    Original Title

    92305106-cism.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    59 views37 pages

    Isaca CISM: Practice Exam

    Uploaded by

    Maya M

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 37

    Scribd Like

    Upload a Document
    in Share

    Search Documents
    0

    Explore Embed Doc


    Copy Link
    Readcast
    Collections

    Comments

    Download

    Nikhil Kargaonkar

    Isaca CISM

    Isaca CISM: Practice Exam


    QUESTION NO: 1

    Senior management commitment and support for information security can BEST be obtained
    through presentations that:

    A. use illustrative examples of successful attacks.


    B. explain the technical risks to the organization.
    Isacasecurity
    C. evaluate the organization against best CISM: Practice Exam
    practices.
    C.
    D. liabilities
    tie security risks to key business objectives.
    D. geographic coverage
    Answer: D
    Answer: A
    Explanation:
    Explanation:
    Senior management seeks to understand the business justification for investing in security. This
    Privacy
    can bestpolicies
    management
    must contain
    be accomplished
    statement
    Senior management will of
    by notifications
    notdirection.
    o
    Isaca m
    tying securityand
    They do
    be as interested
    opt-out
    to key
    CISM:
    not
    in
    provisions;
    business
    Practice
    necessarily
    technical
    they are a high-level
    objectives.
    Exam
    risksaddress warranties,
    or examples liabilities
    of successful or
    attacks if

    CISM Certified Information SecuritycManager


    geographic
    they are notcoverage, which areon more specific.

    .
    tied to the impact business environment and objectives. Industry best practices are
    important to senior management but, again, senior management will give them the right level of

    Practice Test s
    r
    QUESTION
    importance NO:
    when6 they are presented in terms of key business objectives.
    QUESTION NO: 4

    e
    What will have the HIGHEST impact on standard information security governance models?

    w m
    It is MOST important that information security architecture be aligned with which of the following?
    QUESTION
    A. NO:
    Number of 2
    employees

    s o
    B.
    A. Distance between
    Industry best Updated: Nov 14, 2009
    physical locations
    practices

    n .c
    Which of the following is characteristic of centralized information security management?
    C. Complexity of
    B. Information plansstructure Version 1.0
    organizational
    technology
    D. Organizational budget

    A rs
    C. More
    A. Information security
    expensive best practices
    to administer

    l
    D. Better
    B. Business objectives
    adherence to and goals
    policies
    Answer: C

    a e
    C. More aligned with business unit needs
    Answer: D

    u w m
    D. Faster turnaround of requests
    Explanation:
    Information
    structure.
    InformationSome of the
    security t
    Explanation:security governance models are highly dependent on the overall organizational
    Answer: B

    c ns co
    elements that
    architecture impact
    should organizational
    always be properly structure are business
    aligned with multiple missions
    goals andand

    A A s.
    functions
    objectives.across
    Explanation: the organization,
    Alignment with IT plansleadership and
    or industry lines
    and of communication.
    security best practicesNumber of employees
    is secondary by
    and distance between
    comparison.
    Centralization physical
    of information locations
    security have less impact
    management resultson
    in information securityand
    greater uniformity governance
    better

    l r
    models since
    adherence to well-defined process,
    security policies. It is technology andexpensive
    generally less people components intermingle
    to administer due to thetoeconomies
    provide theof

    a e
    properHowever,
    scale. governance.
    turnaround can be slower due to the lack of alignment with business units.

    u
    Organizational
    QUESTION NO:budget
    5 is not a major impact once good governance models are in place, hence

    t w
    governance will help in effective management of the organization's budget.
    Security technologies should be selected PRIMARILY on the basis of their:
    QUESTION NO: 3
    c ns
    A A
    A. ability to mitigate business risks
    The MOST important
    QUESTION NO: 7 component of a privacy policy is:
    B. evaluations in trade publications
    C.
    A. use
    The
    D.
    of new and
    notifications
    PRIMARY goal emerging
    in developing
    l
    technologies
    an information security strategy is to:

    a
    benefits in comparison to their costs
    B. warranties

    u
    A. establish security metrics and performance monitoring.

    t
    Answer:
    B. educateA business process owners regarding their duties.

    c
    "Certification
    C. ensure that legal Depends
    and regulatory on Only Oneare
    requirements Thing"
    met. - www.actualanswers.com 2
    Explanation:

    A
    D. support the business objectives of the organization.
    The most fundamental evaluation criteria for the appropriate selection of any security technology is
    its abilityDto reduce or eliminate business risks. Investments in security technologies should be
    Answer:
    based on their overall value in relation to their cost; the value can be demonstrated in terms of risk
    Explanation:
    mitigation. This should take precedence over whether they use new or exotic technologies or how
    The
    they business objectives
    are evaluated of the
    in trade organization supersede all other factors.
    publications.
    Establishing metrics and measuring performance, meeting legal and regulatory requirements, and
    "Certification
    educating business Depends
    process owners onallOnly
    are One Thing"
    subordinate - www.actualanswers.com
    to this overall goal. 3

    QUESTION NO: 8

    What is the PRIMARY role of the information security manager in the process of information
    classification within an organization?
    "Certification Depends on Only One Thing" - www.actualanswers.com 4
    Leave a Comment

    Submit
    Characters: 400

    QUESTION NO: 88 for CISM


    Download or Print
    1,721 Reads
    Uploaded by
    ojegil

    TIP Press Ctrl-F to quickly search anywhere in the document.

    Sections
    QUESTION NO: 1
    QUESTION NO: 2
    QUESTION NO: 3
    QUESTION NO: 4
    QUESTION NO: 5
    QUESTION NO: 6
    QUESTION NO: 7
    QUESTION NO: 8
    QUESTION NO: 9
    QUESTION NO: 10
    QUESTION NO: 11
    QUESTION NO: 12
    QUESTION NO: 13
    QUESTION NO: 14
    QUESTION NO: 15
    QUESTION NO: 16
    QUESTION NO: 17
    QUESTION NO: 18
    QUESTION NO: 19
    QUESTION NO: 20
    QUESTION NO: 21
    QUESTION NO: 22
    QUESTION NO: 23
    QUESTION NO: 24
    QUESTION NO: 25
    QUESTION NO: 26
    QUESTION NO: 27
    QUESTION NO: 28
    QUESTION NO: 29
    QUESTION NO: 30
    QUESTION NO: 31
    QUESTION NO: 32
    QUESTION NO: 33
    QUESTION NO: 34
    QUESTION NO: 35
    QUESTION NO: 36
    QUESTION NO: 37
    QUESTION NO: 38
    QUESTION NO: 39
    QUESTION NO: 40
    QUESTION NO: 41
    QUESTION NO: 42
    QUESTION NO: 43
    QUESTION NO: 44
    QUESTION NO: 45
    QUESTION NO: 46
    QUESTION NO: 47
    QUESTION NO: 48
    QUESTION NO: 49
    QUESTION NO: 50
    QUESTION NO: 51
    QUESTION NO: 52
    QUESTION NO: 53
    QUESTION NO: 54
    QUESTION NO: 55
    QUESTION NO: 56
    QUESTION NO: 57
    QUESTION NO: 58
    QUESTION NO: 59
    QUESTION NO: 60
    QUESTION NO: 61
    QUESTION NO: 62
    QUESTION NO: 63
    QUESTION NO: 64
    QUESTION NO: 65
    QUESTION NO: 66
    QUESTION NO: 67
    QUESTION NO: 68
    QUESTION NO: 69
    QUESTION NO: 70
    QUESTION NO: 71
    QUESTION NO: 72
    QUESTION NO: 73
    QUESTION NO: 74
    QUESTION NO: 75
    QUESTION NO: 76
    QUESTION NO: 77
    QUESTION NO: 78
    QUESTION NO: 79
    QUESTION NO: 80
    QUESTION NO: 81
    QUESTION NO: 82
    QUESTION NO: 83
    QUESTION NO: 84
    QUESTION NO: 85
    QUESTION NO: 86
    QUESTION NO: 87
    QUESTION NO: 88
    QUESTION NO: 89
    QUESTION NO: 90
    QUESTION NO: 91
    QUESTION NO: 92
    QUESTION NO: 93
    QUESTION NO: 94
    QUESTION NO: 95
    QUESTION NO: 96
    QUESTION NO: 97
    QUESTION NO: 98
    QUESTION NO: 99
    QUESTION NO: 100
    QUESTION NO: 101
    QUESTION NO: 102
    QUESTION NO: 103
    QUESTION NO: 104
    QUESTION NO: 105
    QUESTION NO: 106
    QUESTION NO: 107
    QUESTION NO: 108
    QUESTION NO: 109
    QUESTION NO: 110
    QUESTION NO: 111
    QUESTION NO: 112
    QUESTION NO: 113
    QUESTION NO: 114
    QUESTION NO: 115
    QUESTION NO: 116
    QUESTION NO: 117
    QUESTION NO: 118
    QUESTION NO: 119
    QUESTION NO: 120
    QUESTION NO: 121
    QUESTION NO: 122
    QUESTION NO: 123
    QUESTION NO: 124
    QUESTION NO: 125
    QUESTION NO: 126
    QUESTION NO: 127
    QUESTION NO: 128
    QUESTION NO: 129
    QUESTION NO: 130
    QUESTION NO: 131
    QUESTION NO: 132
    QUESTION NO: 133
    QUESTION NO: 134
    QUESTION NO: 135
    QUESTION NO: 136
    QUESTION NO: 137
    QUESTION NO: 138
    QUESTION NO: 139
    QUESTION NO: 140
    QUESTION NO: 141
    QUESTION NO: 142
    QUESTION NO: 143
    QUESTION NO: 144
    QUESTION NO: 145
    QUESTION NO: 146
    QUESTION NO: 147
    QUESTION NO: 148
    QUESTION NO: 149
    QUESTION NO: 150
    QUESTION NO: 151
    QUESTION NO: 152
    QUESTION NO: 153
    QUESTION NO: 154
    QUESTION NO: 155
    QUESTION NO: 156
    QUESTION NO: 157
    QUESTION NO: 158
    QUESTION NO: 159
    QUESTION NO: 160
    QUESTION NO: 161
    QUESTION NO: 162
    QUESTION NO: 163
    QUESTION NO: 164
    QUESTION NO: 165
    QUESTION NO: 166
    QUESTION NO: 167
    QUESTION NO: 168
    QUESTION NO: 169
    QUESTION NO: 170
    QUESTION NO: 171
    QUESTION NO: 172
    QUESTION NO: 173
    QUESTION NO: 174
    QUESTION NO: 175
    QUESTION NO: 176
    QUESTION NO: 177
    QUESTION NO: 178
    QUESTION NO: 179
    QUESTION NO: 180
    QUESTION NO: 181
    QUESTION NO: 182
    QUESTION NO: 183
    QUESTION NO: 184
    QUESTION NO: 185
    QUESTION NO: 186
    QUESTION NO: 187
    QUESTION NO: 188
    QUESTION NO: 189
    QUESTION NO: 190
    QUESTION NO: 191
    QUESTION NO: 192
    QUESTION NO: 193
    QUESTION NO: 194
    QUESTION NO: 195
    QUESTION NO: 196
    QUESTION NO: 197
    QUESTION NO: 198
    QUESTION NO: 199
    QUESTION NO: 200
    QUESTION NO: 201
    QUESTION NO: 202
    QUESTION NO: 203
    QUESTION NO: 204
    QUESTION NO: 205
    QUESTION NO: 206
    QUESTION NO: 207
    QUESTION NO: 208
    QUESTION NO: 209
    QUESTION NO: 210
    QUESTION NO: 211
    QUESTION NO: 212
    QUESTION NO: 213
    QUESTION NO: 214
    QUESTION NO: 215
    QUESTION NO: 216
    QUESTION NO: 217
    QUESTION NO: 218
    QUESTION NO: 219
    QUESTION NO: 220
    QUESTION NO: 221
    QUESTION NO: 222
    QUESTION NO: 223
    QUESTION NO: 224
    QUESTION NO: 225
    QUESTION NO: 226
    QUESTION NO: 227
    QUESTION NO: 228
    QUESTION NO: 229
    QUESTION NO: 230
    QUESTION NO: 231
    QUESTION NO: 232
    QUESTION NO: 233
    QUESTION NO: 234
    QUESTION NO: 235
    QUESTION NO: 236
    QUESTION NO: 237
    QUESTION NO: 238
    QUESTION NO: 239
    QUESTION NO: 240
    QUESTION NO: 241
    QUESTION NO: 242
    QUESTION NO: 243
    QUESTION NO: 244
    QUESTION NO: 245
    QUESTION NO: 246
    QUESTION NO: 247
    QUESTION NO: 248
    QUESTION NO: 249
    QUESTION NO: 250
    QUESTION NO: 251
    QUESTION NO: 252
    QUESTION NO: 253
    QUESTION NO: 254
    QUESTION NO: 255
    QUESTION NO: 256
    QUESTION NO: 257
    QUESTION NO: 258
    QUESTION NO: 259
    QUESTION NO: 260
    QUESTION NO: 261
    QUESTION NO: 262
    QUESTION NO: 263
    QUESTION NO: 264
    QUESTION NO: 265
    QUESTION NO: 266
    QUESTION NO: 267
    QUESTION NO: 268
    QUESTION NO: 269
    QUESTION NO: 270
    QUESTION NO: 271
    QUESTION NO: 272
    QUESTION NO: 273
    QUESTION NO: 274
    QUESTION NO: 275
    QUESTION NO: 276
    QUESTION NO: 277
    QUESTION NO: 278
    QUESTION NO: 279
    QUESTION NO: 280
    QUESTION NO: 281
    QUESTION NO: 282
    QUESTION NO: 283
    QUESTION NO: 284
    QUESTION NO: 285
    QUESTION NO: 286
    QUESTION NO: 287
    QUESTION NO: 288
    QUESTION NO: 289
    QUESTION NO: 290
    QUESTION NO: 291
    QUESTION NO: 292
    QUESTION NO: 293
    QUESTION NO: 294
    QUESTION NO: 295
    QUESTION NO: 296
    QUESTION NO: 297
    QUESTION NO: 298
    QUESTION NO: 299
    QUESTION NO: 300

    119 p.
    CISM

    Upload a Document
    Search Documents

    Follow Us!
    scribd.com/scribd
    twitter.com/scribd
    facebook.com/scribd

    About
    Press
    Blog
    Partners
    Scribd 101
    Web Stuff
    Support
    FAQ
    Developers / API
    Jobs
    Terms
    Copyright
    Privacy

    Copyright © 2012 Scribd Inc.


    Language:
    English

    You might also like