Isaca CISM Certified Information Security Manager Version: Demo [ Total Questions: 10] Web: www.dumpscafe.com Email: [email protected] IMPORTANT NOTICE Feedback We have developed quality product and state-of-art service to ensure our customers interest. If you have any suggestions, please feel free to contact us at [email protected] Support If you have any questions about our product, please provide the following items: exam code screenshot of the question login id/email please contact us at [email protected] and our technical experts will provide support within 24 hours. Copyright The product of each order has its own encryption code, so you should use it independently. Any unauthorized changes will inflict legal punishment. We reserve the right of final explanation for this statement. Pass Exam Isaca - CISM Exam Topic Breakdown Exam Topic Number of Questions Topic 2 : Exam Pool B 2 Topic 4 : Exam Pool D 2 Topic 3 : Exam pool C 2 Topic 5 : Exam Pool E 2 Topic 1 : Exam Pool A 2 TOTAL 10 Verified Solution - 100% Result 1 of 6 Pass Exam Isaca - CISM Topic 2, Exam Pool B Question #:1 - (Exam Topic 2) When preparing a business case for the implementation of a security information and event management (SIEM) system, which of the following should be a PRIMARY driver in the feasibility study? A. Cost of software B. Cost-benefit analysis C. Implementation timeframe D. Industry benchmarks Answer: B Question #:2 - (Exam Topic 2) What is the MAIN reason for an organization to develop an incident response plan? Identify training requirements for the incident response team. Priorities treatment based on incident critically. What is the MAIN reason for an organization to develop an incident response plan? A. Identity training requirements for the incident response team. B. Prioritize treatment based on incident criticality. C. Trigger immediate recovery procedures. D. Provide a process for notifying stakeholders of trie incident. Answer: C Verified Solution - 100% Result 2 of 6 Pass Exam Isaca - CISM Topic 4, Exam Pool D Question #:3 - (Exam Topic 4) Which of the following is the MOST important characteristic of an effective security policy? A. The policy has been validated by business owners. B. The policy includes actionable procedures. C. The policy provides broad organizational direction. D. The policy is aligned to industry best practice. Answer: C Question #:4 - (Exam Topic 4) Which of the following has the PRIMARY responsibility of ensuring an organizations information security strategy supports business goals? A. Chief information security officer (CISO) B. Information security steering committee C. Audit committee D. Chief executive officer (CEO) Answer: B Verified Solution - 100% Result 3 of 6 Pass Exam Isaca - CISM Topic 3, Exam pool C Question #:5 - (Exam Topic 3) Which of the following is the MOST important consideration when developing an incident management program? A. IT architecture B. Impact assessment C. Risk assessment D. Escalation procedures Answer: D Question #:6 - (Exam Topic 3) After assessing risk, the decision to treat the risk should be based PRIMARILY on: A. whether the level of risk exceeds risk appetite. B. the criticality of the risk. C. whether the level of risk exceeds inherent risk. D. availability of financial resources. Answer: A Verified Solution - 100% Result 4 of 6 Pass Exam Isaca - CISM Topic 5, Exam Pool E Question #:7 - (Exam Topic 5) Which of the following models provides a client organization with the MOST administrative control over a cloud-hosted environment? A. Software as a Service (SaaS) B. Infrastructure as a Service (laaS) C. Platform as a Service (PaaS) D. Storage as a Service (SaaS) Answer: B Question #:8 - (Exam Topic 5) The MOST effective way to communicate the level of impact of information security risks on organizational objectives is to present A. detailed threat analysis results. B. business impact analysis (BIA) results. C. risk treatment options. D. a risk heat map. Answer: D Verified Solution - 100% Result 5 of 6 Pass Exam Isaca - CISM Topic 1, Exam Pool A Question #:9 - (Exam Topic 1) The PRIMARY benefit of integrating information security activities into change management processes is to: A. provide greater accountability for security-related changes In the business B. protect the organization from unauthorized changes. C. protect the business from collusion and compliance threats. D. ensure required controls are Included in changes. Answer: B Question #:10 - (Exam Topic 1) Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan? A. Mature security policy B. Information security roles and responsibilities C. Organizational information security awareness D. Organizational culture Answer: D Verified Solution - 100% Result 6 of 6 About dumpscafe.com dumpscafe.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam Questions, Study Guides, Practice Tests. We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on. View list of all certification exams: All vendors We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed below. Sales: [email protected] Feedback: [email protected] Support: [email protected] Any problems about IT certification or our products, You can write us back and we will get back to you within 24 hours.