Free ISACA CISM Exam Dumps Questions & Answers

An organization is about to purchase a rival organization. The PRIMARY reason for performing information security due diligence prior to making the purchase is to:

• A.  determine the security exposures.
• B.  ensure compliance with international standards.
• C.  assess the ability to integrate the security department operations.
• D.  evaluate the security policy and standards.

Which of the following is the GREATEST concern resulting from the lack of severity criteria in incident classification?

• A.  Timely detection of attacks will be impossible.
• B.  The service desk will be staffed incorrectly.
• C.  Statistical reports will be incorrect.
• D.  Escalation procedures will be ineffective.

Which is the BEST method to evaluate the effectiveness of an alternate processing site when continuous uptime is required?

• A.  Simulation test
• B.  Tabletop test
• C.  Parallel test
• D.  Full interruption test

An information security manager has been notified about a compromised endpoint device Which of the following is the BEST course of action to prevent further damage?

• A.  Power off the endpoint device.
• B.  Wipe and reset the endpoint device.
• C.  Isolate the endpoint device.
• D.  Run a virus scan on the endpoint device.

Which of the following should be the FIRST consideration when developing a strategy for protecting an organization's data?

• A.  Access monitoring
• B.  Access rights
• C.  Classification
• D.  Encryption