The MOST important success factor to design an effective IT security awareness program is to:
Correct Answer: A
Awareness training can only be effective if it is customized to the expectations and needs of attendees. Needs will be quite different depending on the target audience and will vary between business managers, end users and IT staff; program content and the level of detail communicated will therefore be different. Other criteria are also important; however, the customization of content is the most important factor.
Question 517
Which of the following is MOST useful to an information security manager when conducting a post-incident review of an attack?
Correct Answer: C
Explanation: The method of operation used by the attacker is the most useful information for an information security manager when conducting a post-incident review of an attack. This information can help identify the root cause of the incident, the vulnerabilities exploited, the impact and severity of the attack, and the effectiveness of the existing security controls. The method of operation can also provide insights into the attacker's motives, skills, and resources, which can help improve the organization's threat intelligence and risk assessment. The cost of the attack to the organization, the location of the attacker, and the details from IDS logs are all relevant information for a post-incident review, but they are not as useful as the method of operation for improving the incident handling process and preventing future attacks.
References: CISM Review Manual 2022, page 316; CISM Item Development Guide 2022, page 9; ISACA CISM: PRIMARY goal of a post-incident review should be to?
Question 518
Which of the following is MOST effective in preventing security weaknesses in operating systems?
Correct Answer: A
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Explanation: Patch management corrects discovered weaknesses by applying a correction (a patch) to the original program code. Change management controls the process of introducing changes to systems. Security baselines provide minimum recommended settings. Configuration management controls the updates to the production environment.
Question 519
Which of the following should an information security manager establish to ensure security-related activities are adequately monitored?
Correct Answer: C
Question 520
Which of the following is the MOST appropriate method of ensuring password strength in a large organization?
Correct Answer: D
Explanation: Reviewing general security settings on each platform will be the most efficient method for determining password strength while not compromising the integrity of the passwords. Attempting to reset several passwords to weaker values may not highlight certain weaknesses. Installing code to capture passwords for periodic audit, and sampling a subset of users and requesting their passwords for review, would compromise the integrity of the passwords.