CISM無料問題集「ISACA Certified Information Security Manager」

質問 1

An incident management team is alerted ta a suspected security event. Before classifying the suspected event as a security incident, it is MOST important for the security manager to:

（A）follow the incident response plan.

（B）conduct an incident forensic analysis.

（C）notify the business process owner.

（D）follow the business continuity plan (BCP).

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Of the following, who is accountable for data loss in the event of an information security incident at a third- party provider?

（A）The business data owner

（B）The service provider that hosts the data

（C）The information security manager

（D）The incident response team

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

An organization plans to utilize Software as a Service (SaaS) and is in the process of selecting a vendor. What should the information security manager do FIRST to support this initiative?

（A）Define information security requirements and processes.

（B）Benchmark each vendor's services with industry best practices.

（C）Analyze the risks and propose mitigating controls.

（D）Review independent security assessment reports for each vendor.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A security incident has been reported within an organization. When should an information security manager contact the information owner?

（A）After the potential incident has been logged

（B）After the incident has been contained

（C）After the incident has been confirmed

（D）After the incident has been mitigated

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which of the following defines the triggers within a business continuity plan (BCP)? @

（A）Needs of the organization

（B）Disaster recovery plan (DRP)

（C）Information security policy

（D）Gap analysis

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

The MOST appropriate time to conduct a disaster recovery test would be after:

（A）the business continuity plan (BCP) has been updated.

（B）major business processes have been redesigned.

（C）noncompliance incidents have been filed.

（D）the security risk profile has been reviewed

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which of the following is the BEST course of action if the business activity residual risk is lower than the acceptable risk level?

（A）Monitor the effectiveness of controls

（B）Review the inherent risk level

（C）Review the risk probability and impact

（D）Update the risk assessment framework

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

An organization learns that a third party has outsourced critical functions to another external provider. Which of the following is the information security manager's MOST important course of action?

（A）Engage an independent audit of the third party's external provider.

（B）Conduct an external audit of the contracted third party.

（C）Recommend canceling the contract with the third party.

（D）Evaluate the third party's agreements with its external provider.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

The PRIMARY purpose for conducting cybersecurity risk assessments is to:

（A）Provide metrics to indicate cybersecurity program effectiveness

（B）Understand the organization's current security posture

（C）Verify compliance across multiple sectors

（D）Assist in security reporting to senior management

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Predetermined containment methods to be used in a cybersecurity incident response should be based PRIMARILY on the:

（A）type of confirmed incident.

（B）capability of incident handlers.

（C）number of impacted users.

（D）predicted incident duration.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which of the following is the MOST important reason for logging firewall activity?

（A）Metrics reporting

（B）Intrusion prevention

（C）Incident investigation

（D）Firewall tuning

正解：B 解答を投票する

質問 12

Which type of control is an incident response team?

（A）Directive

（B）Preventive

（C）Corrective

（D）Detective

正解：C 解答を投票する

質問 13

Which of the following has The GREATEST positive impact on The ability to execute a disaster recovery plan (DRP)?

（A）Conducting a walk-through of the plan

（B）Storing the plan at an offsite location

（C）Communicating the plan to all stakeholders

（D）Updating the plan periodically

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

The department head of application development has decided to accept the risks identified in a recent assessment. No recommendations will be implemented, even though the recommendations are required by regulatory oversight. What should the information security manager do NEXT?

（A）Review the risk monitoring plan.

（B）Formally document the decision.

（C）Advise the risk management team.

（D）Review the regulations.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

Which of the following would provide the MOST effective security outcome in an organizations contract management process?

（A）Extending security assessment to cover asset disposal on contract termination

（B）Ensuring security requirements are defined at the request-for-proposal (RFP) stage

（C）Performing vendor security benchmark analyses at the request-for-proposal (RFP) stage

（D）Extending security assessment to include random penetration testing

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

Senior management has expressed concern that the organization's intrusion prevention system (IPS) may repeatedly disrupt business operations Which of the following BEST indicates that the information security manager has tuned the system to address this concern?

（A）Decreasing false negatives

（B）Increasing false positives

（C）Decreasing false positives

（D）Increasing false negatives

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CISM 無料問題集「ISACA Certified Information Security Manager」

弊社を連絡する

関連リンク

トップ試験