CISM Certified Information Security Manager Quiz

Quiz Questions And Answers

Which of the following is the BEST method or technique to ensure the effective implementation of an information security program?

Obtain the support of the board of directors.

Improve the content of the information security awareness program.

Improve the employees' knowledge of security policies.

Implement logical access controls to the information systems.

Which of the following would be MOST effective in successfully implementing restrictive password policies?

Regular password audits

Single sign-on system

Security awareness program

Penalties for noncompliance

Which of the following are likely to be updated MOST frequently?

Procedures for hardening database servers

Standards for password length and complexity

Policies addressing information security governance

Standards for document retention and destruction

Acceptable levels of information security risk should be determined by:

legal counsel.

security management.

external auditors.

die steering committee.

Logging is an example of which type of defense against systems compromise?

Containment

Detection

Reaction

Recovery

Which of the following would be MOST helpful to achieve alignment between information security and organization objectives?

Key control monitoring

A robust security awareness program

A security program that enables business activities

An effective security architecture

The MOST effective approach to address issues that arise between IT management, business units and security management when implementing a new security strategy is for the informat

escalate issues to an external third party for resolution

ensure that senior management provides authority for security to address the issues.

insist that managers or units not in agreement with the security solution accept the risk.

refer the issues to senior management along with any security recommendations.

The FIRST step in developing an information security management program is to:

identify business risks that affect the organization.

clarify organizational purpose for creating the program.

assign responsibility for the program.

assess adequacy of controls to mitigate business risks.

What is the MOST important factor in the successful implementation of an enterprise wide information security program?

Realistic budget estimates

Security awareness

Support of senior management

Recalculation of the work factor

While implementing information security governance an organization should FIRST:

adopt security standards.

determine security baselines.

define the security strategy.

establish security policies.

ANSWERS

Currently, we have no comments. Be first to comment on this quiz.

GCIH Certified Incident Handler Quiz

GCIH Certified Incident Handler Quiz Test

How well do you know singer, Anna Sebring

How well do you know Anna Sebring

Daniela Alexis Bio, Birthday, Info, Height Family

Daniela Alexis How well do you know about Bio, Birthday, Info, Height Answer these questions and find out.

Linear Search and Binary Search Jump Search Quiz Question

Linear search is a search that finds an element in the list by searching the element sequentially until the element is found in the list. On the other hand, a binary search is a search that finds t...

CISM Certified Information Security Manager Quiz