Certified Information Security Manager (CISM) Quiz Questions and Answers

Answer :
  • The steering committee approves security projects

Explanation :

The existence of a steering committee that approves all security projects would be an indication of the existence of a good governance program. To ensure that all stakeholders impacted by security considerations are involved, many organizations use a stee

Answer :
  • The provider services all major companies in the area

Explanation :

In case of a disaster affecting a localized geographical area, the vendor’s facility and capabilities could be insufficient for all of its clients, which will all be competing for the same resource. Preference will likely be given to the larger corporatio

Answer :
  • initiate an exception process for sending the report without encryption

Explanation :

The information security manager should first assess the risk in sending the report to the regulatory authority without encryption. The information security manager can consider alternate communication channels that will address the risk and provide for t

Answer :
  • Application support team

Explanation :

Structured query language (SQL) injection is an application-based attack. Because the security operations center has detected an attempt of SQL injection and could not determine if it was successful, the information security manager should approach the ap

Answer :
  • A deviation in employee turnover

Explanation :

Significant changes in employee turnover indicate that something significant is impacting the workforce, which deserves the attention of the information security manager. If a large number of senior developers are leaving the research and development grou