
[Sep-2022] Latest ISACA CISM exam dumps and online Test Engine
Exam details
ISACA CISM used to be a paper-based exam, but over the years it has evolved into a Computer-Based Testing method, which ensures even more accuracy and reliability for its candidates. It consists of 150 questions that you need to clear within 240 minutes. This exam is available in various languages, such as Chinese, English, Japanese, Korean, and Spanish. It is held at PSI testing centers around the world.
The exam voucher is valid for one year after it is issued. For ISACA members, the price of the CISM test is $575, but non-members must pay $760. To pass this certification exam, an individual should score at least 450 points or higher.
NEW QUESTION 200
Which of the following BEST validates that security controls are implemented in a new business process?
- A. Review the process for conformance with information security best practices
- B. Benchmark the process against industry practices
- C. Assess the process according to information security policy
- D. Verify the use of a recognized control framework
Answer: C
NEW QUESTION 201
Which of the following is the MOST appropriate method for deploying operating system (OS) patches to production application servers?
- A. Set up servers to automatically download patches
- B. Automatically push all patches to the servers
- C. Initially load the patches on a test machine
- D. Batch patches into frequent server updates
Answer: C
Explanation:
Some patches can conflict with application code. For this reason, it is very important to first test all patches in a test environment to ensure that there are no conflicts with existing application systems. For this reason, choices C and D are incorrect as they advocate automatic updating. As for frequent server updates, this is an incomplete (vague) answer from the choices given.
NEW QUESTION 202
When developing an information security program, what is the MOST useful source of information for determining available resources?
- A. Proficiency test
- B. Skills inventory
- C. Organization chart
- D. Job descriptions
Answer: B
Explanation:
A skills inventory would help identify the available resources, any gaps and the training requirements for developing resources. Proficiency testing is useful but only with regard to specific technical skills. Job descriptions would not be as useful since they may be out of date or not sufficiently detailed. An organization chart would not provide the details necessary to determine the resources required for this activity.
NEW QUESTION 203
An information security manager has discovered a potential security breach in a server that supports a critical business process. Which of the following should be the information security manager's FIRST course of action?
- A. Notify the business process owner.
- B. Shut down the server in an organized manner.
- C. Inform senior management of the incident.
- D. Validate that there has been an incident.
Answer: D
NEW QUESTION 204
Which of the following is the MOST important reason for performing a cost-benefit analysis when implementing a security control?
- A. To present a realistic information security budget
- B. To ensure that the mitigation effort does not exceed the asset value
- C. To ensure that benefits are aligned with business strategies
- D. To justify information security program activities
Answer: B
NEW QUESTION 205
Which of the following is MOST helpful for protecting an enterprise from advanced persistent threats (APTs)?
- A. Threat intelligence
- B. Updated security policies
- C. Defined security standards
- D. Regular antivirus updates
Answer: D
NEW QUESTION 206
In performing a risk assessment on the impact of losing a server, the value of the server should be calculated using the:
- A. cost to obtain a replacement.
- B. original cost to acquire.
- C. annualized loss expectancy (ALE).
- D. cost of the software stored.
Answer: A
Explanation:
The value of the server should be based on its cost of replacement. The original cost may be significantly different from the current cost and, therefore, not as relevant. The value of the software is not at issue because it can be restored from backup media. The ALE for all risks related to the server does not represent the server's value.
NEW QUESTION 207
The contribution of recovery point objective (RPO) to disaster recovery is to:
- A. minimize outage period.
- B. reduce mean time between failures (MTBF).
- C. define backup strategy.
- D. eliminate single points of failure.
Answer: A
NEW QUESTION 208
Risk assessment should be built into which of the following systems development phases to ensure that risks are addressed in a development project?
- A. User testing
- B. Programming
- C. Feasibility
- D. Specification
Answer: C
Explanation:
Risk should be addressed as early as possible in the development cycle. The feasibility study should include risk assessment so that the cost of controls can be estimated before the project proceeds. Risk should also be considered in the specification phase where the controls are designed, but this would still be based on the assessment carried out in the feasibility study. Assessment would not be relevant in choice A or C.
NEW QUESTION 209
The main mail server of a financial institution has been compromised at the superuser level; the only way to ensure the system is secure would be to:
- A. rebuild the system from the original installation medium.
- B. implement multifactor authentication.
- C. disconnect the mail server from the network.
- D. change the root password of the system.
Answer: A
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Explanation:
Rebuilding the system from the original installation medium is the only way to ensure all security vulnerabilities and potential stealth malicious programs have been destroyed. Changing the root password of the system does not ensure the integrity of the mail server. Implementing multifactor authentication is an aftermeasure and does not clear existing security threats. Disconnecting the mail server from the network is an initial step, but does not guarantee security.
NEW QUESTION 210
What is the GREATEST risk when there is an excessive number of firewall rules?
- A. One rule may override another rule in the chain and create a loophole
- B. The firewall may not support the increasing number of rules due to limitations
- C. The firewall may show abnormal behavior and may crash or automatically shut down
- D. Performance degradation of the whole network
Answer: A
Explanation:
If there are many firewall rules, there is a chance that a particular rule may allow an external connection although other associated rules are overridden. Due to the increasing number of rules, it becomes complex to test them and, over time, a loophole may occur.
NEW QUESTION 211
Which of the following would a security manager establish to determine the target for restoration of normal processing?
- A. Recovery point objectives (RPOs)
- B. Maximum tolerable outage (MTO)
- C. Services delivery objectives (SDOs)
- D. Recovery time objective (RTO)
Answer: D
Section: INFORMATION RISK MANAGEMENT
Explanation:
Recovery time objective (RTO) is the length of time from the moment of an interruption until the time the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level. Maximum tolerable outage (MTO) is the maximum time for which an organization can operate in a reduced mode. Recovery point objectives (RPOs) relate to the age of the data required for recovery. Services delivery objectives (SDOs) are the levels of service required in reduced mode.
NEW QUESTION 212
Which of the following metrics is the BEST indicator of an abuse of the change management process that could compromise information security?
- A. Percentage of changes that include post-approval supplemental add-ons
- B. Large percentage decrease in monthly change requests
- C. Small number of change requests
- D. High ratio of lines of code changed to total lines of code
Answer: D
NEW QUESTION 213
Which of the following attacks is BEST mitigated by utilizing strong passwords?
- A. Root kit
- B. Remote buffer overflow
- C. Man-in-the-middle attack
- D. Brute force attack
Answer: D
Explanation:
A brute force attack is normally successful against weak passwords, whereas strong passwords would not prevent any of the other attacks. Man-in-the-middle attacks intercept network traffic, which could contain passwords, but is not naturally password-protected. Remote buffer overflows rarely require a password to exploit a remote host. Root kits hook into the operating system's kernel and, therefore, operate underneath any authentication mechanism.
NEW QUESTION 214
In risk assessment, after the identification of threats to organizational assets, the information security manager would:
- A. determine threats to be reported to upper management.
- B. request funding for the security program.
- C. evaluate the controls currently in place.
- D. implement controls to achieve target risk levels.
Answer: C
NEW QUESTION 215
A validated patch to address a new vulnerability that may affect a mission-critical server has been released.
What should be done immediately?
- A. Take the server off-line and install the patch.
- B. Conduct an impact analysis.
- C. Check the server's security and install the patch.
- D. Add mitigating controls.
Answer: B
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
NEW QUESTION 216
Which of the following provides the MOST useful information for identifying security control gaps on an application server?
- A. Risk assessments
- B. Threat models
- C. Internal audit reports
- D. Penetration testing
Answer: C
NEW QUESTION 217
When a newly installed system for synchronizing passwords across multiple systems and platforms abnormally terminates without warning, which of the following should automatically occur FIRST?
- A. All systems should block new logins until the problem is corrected
- B. Access control should fall back to non-synchronized mode
- C. System logs should record all user activity for later analysis
- D. The firewall should block all inbound traffic during the outage
Answer: B
Explanation:
The best mechanism is for the system to fall back to the original process of logging on individually to each system. Blocking traffic and new logins would be overly restrictive to the conduct of business, while recording all user activity would add little value.
NEW QUESTION 218
All risk management activities are PRIMARILY designed to reduce impacts to:
- A. the minimum level possible.
- B. a minimum level consistent with regulatory requirements.
- C. a level defined by the security manager.
- D. an acceptable level based on organizational risk tolerance.
Answer: D
Explanation:
The aim of risk management is to reduce impacts to an acceptable level. "Acceptable" or "reasonable" are relative terms that can vary based on environment and circumstances. A minimum level that is consistent with regulatory requirements may not be consistent with business objectives, and regulators typically do not assign risk levels. The minimum level possible may not be aligned with business requirements.
NEW QUESTION 219
......