Microsoft
Amazon
CompTIA
Salesforce
Cisco®
SAP
PMI
ISC
ISACA
VMware
HP
Palo Alto Networks
EC-Council
LPI
Google
Fortinet
All Vendors
  2. Home
  3. Exam List
  4. ISACA
  5. CISM

Certified Information Security Manager
CISM Exam

Which of the following is characteristic of centralized information security management?

  1. More expensive to administer
  2. Better adherence to policies
  3. More aligned with business unit needs
  4. Faster turnaround of requests

Answer(s): B

Explanation:

Centralization of information security management results in greater uniformity and better adherence to security policies. It is generally less expensive to administer due to the economics of scale. However, turnaround can be slower due to the lack of alignment with business units.



Successful implementation of information security governance will FIRST require:

  1. security awareness training.
  2. updated security policies.
  3. a computer incident management team.
  4. a security architecture.

Answer(s): B

Explanation:

Updated security policies are required to align management objectives with security procedures; management objectives translate into policy; policy translates into procedures. Security procedures will necessitate specialized teams such as the computer incident response and management group as well as specialized tools such as the security mechanisms that comprise the security architecture. Security awareness will promote the policies, procedures and appropriate use of the security mechanisms.



Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group?

  1. Information security manager
  2. Chief operating officer (COO)
  3. Internal auditor
  4. Legal counsel

Answer(s): B

Explanation:

The chief operating officer (COO) is highly-placed within an organization and has the most knowledge of business operations and objectives. The chief internal auditor and chief legal counsel are appropriate members of such a steering group. However, sponsoring the creation of the steering committee should be initiated by someone versed in the strategy and direction of the business. Since a security manager is looking to this group for direction, they are not in the best position to oversee formation of this group.



The MOST important component of a privacy policy is:

  1. notifications.
  2. warranties.
  3. liabilities.
  4. geographic coverage.

Answer(s): A

Explanation:

Privacy policies must contain notifications and opt-out provisions: they are a high-level management statement of direction. They do not necessarily address warranties, liabilities or geographic coverage, which are more specific.




Dan
Ans to 355 is wrong, pls have a certified to work on the answers again pls
- Anonymous
Upvote


dnllin
366 Ans Hypervisor-level software patching is wrong, should be B - Customers are responsible for managing their data (including encryption options) Why there are so many wrong answers?
- UNITED STATES
Upvote


dnllin
Q342: Which AWS service or feature for technical assistance is available to a user who has the AWS Basic Support plan? - Ans AWS senior support engineers is wrong. Should be D. Basic Support offers support for account and billing questions and service quota increases. The other plans offer a number of technical support cases with pay-by-the-month pricing and no long-term contracts.
- UNITED STATES
Upvote


Dnllin
Which AWS services or features enable users to connect on-premises networks to a VPC? (Choose two.) Answer(s): A,D. D (VPC peering) is wrong. C is correct - AWS Direct Connect. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office,
- UNITED STATES
Upvote


Lin Tzu
QUESTION: 154 - answer (D) - Transit gateway is wrong, should be C & E. Below are the components of the site to site VPN: Customer Gateway: A customer gateway is a physical device or software application on your side of the Site-to-Site VPN connection. Virtual Private Gateway: A virtual private gateway is the VPN concentrator on the AWS side of the Site-to-Site VPN connection. You create a virtual private gateway and attach it to the VPC from which you want to create the Site-to-Site VPN connection.
- Anonymous
Upvote


saritha
I have passed the exam thankyou
- UNITED STATES
Upvote


Tzu Lin
What are the benefits of consolidated billing for AWS Cloud services? (Choose two.) Answer(s): C,E C) One bill for multiple accounts E) Custom cost and usage budget creation E seems incorrect, should be A = Volume discounts (Combined usage – You can combine the usage across all accounts in the organization to share the volume pricing discounts)
- UNITED STATES
Upvote


Niraj
Questions are valid. I just passed.
- India
Upvote


Sarah
Fantastic effort on the practice exam!
- UNITED STATES
Upvote


Marcus
Impressive work on this exam dumps. Love the free version.
- CANADA
Upvote

Read more ...