CISM Certified Information Security Manager

What is the BEST way to ensure that an intruder who successfully penetrates a network will be
detected before significant damage is inflicted?

Options are :

  • Establish minimum security baselines
  • Perform periodic penetration testing
  • Install a honeypot on the network
  • Implement vendor default settings

Answer : Install a honeypot on the network

Which of the following presents the GREATEST exposure to internal attack on a network?

Options are :

  • User passwords are not automatically expired
  • User passwords are encoded but not encrypted
  • All users reside on a single internal subnet
  • All network traffic goes through a single switch

Answer : User passwords are encoded but not encrypted

CISM Information Security Program Management Practice Exam Set 1

What is the BEST way to ensure users comply with organizational security requirements for
password complexity? 

Options are :

  • Implement strict penalties for user noncompliance
  • Enable system-enforced password configuration
  • Require each user to acknowledge the password requirements
  • Include password construction requirements in the security standards

Answer : Enable system-enforced password configuration

Information security policies should:

Options are :

  • address corporate network vulnerabilities.
  • be straightforward and easy to understand.
  • be customized to specific groups and roles.
  • address the process for communicating a violation.

Answer : be straightforward and easy to understand.

Prior to having a third party perform an attack and penetration test against an organization, the
MOST important action is to ensure that: 

Options are :

  • the technical staff has been briefed on what to expect.
  • the third party provides a demonstration on a test system.
  • goals and objectives are clearly defined.
  • special backups of production servers are taken.

Answer : goals and objectives are clearly defined.

CISM Information Risk Management Certification Practice

What is the BEST method to confirm that all firewall rules and router configuration settings are
adequate?

Options are :

  • Daily review of server logs for evidence of hacker activity
  • Periodically perform penetration tests
  • Review intrusion detection system (IDS) logs for evidence of attacks
  • Periodic review of network configuration

Answer : Periodically perform penetration tests

Which of the following will BEST protect against malicious activity by a former employee?

Options are :

  • Effective termination procedures
  • Periodic awareness training
  • Close monitoring of users
  • Preemployment screening

Answer : Effective termination procedures

When a departmental system continues to be out of compliance with an information security
policy's password strength requirements, the BEST action to undertake is to: 

Options are :

  • submit the issue to the steering committee.
  • request a risk acceptance from senior management.
  • isolate the system from the rest of the network.
  • conduct an impact analysis to quantify the risks.

Answer : conduct an impact analysis to quantify the risks.

CISM Information Risk Management Certification Practice

What is the BEST method to verify that all security patches applied to servers were properly
documented?

Options are :

  • Trace OS patch logs to OS vendor's update documentation
  • Trace OS patch logs to change control requests
  • Trace change control requests to operating system (OS) patch logs
  • Review change control documentation for key servers

Answer : Trace OS patch logs to change control requests

Good information security standards should:

Options are :

  • address high-level objectives of the organization.
  • describe the process for communicating violations.
  • define precise and unambiguous allowable limits.
  • be updated frequently as new software is released.

Answer : define precise and unambiguous allowable limits.

Of the following, the BEST method for ensuring that temporary employees do not receive
excessive access rights is:

Options are :

  • mandatory access controls.
  • discretionary access controls.
  • lattice-based access controls.
  • role-based access controls.

Answer : role-based access controls.

CISM Information Risk Management Certification

To help ensure that contract personnel do not obtain unauthorized access to sensitive information,
an information security manager should PRIMARILY:

Options are :

  • set their accounts to expire in six months or less.
  • avoid granting system administration roles.
  • ensure their access is approved by the data owner.
  • ensure they successfully pass background checks.

Answer : avoid granting system administration roles.

Which of the following areas is MOST susceptible to the introduction of security weaknesses? 

Options are :

  • Incident response management
  • Database management
  • Configuration management
  • Tape backup management

Answer : Configuration management

Which of the following is the MOST important area of focus when examining potential security
compromise of a new wireless network?

Options are :

  • Number of administrators
  • Encryption strength
  • Bandwidth
  • Signal strength

Answer : Number of administrators

CISM Information Security Program Management Practice

Which of the following provides the linkage to ensure that procedures are correctly aligned with
information security policy requirements?

Options are :

  • Security metrics
  • IT governance
  • Standards

Answer : Standards

Good information security procedures should: 

Options are :

  • describe security baselines for each platform.
  • define the allowable limits of behavior.
  • underline the importance of security governance.
  • be updated frequently as new software is released.

Answer : be updated frequently as new software is released.

Which of the following is MOST important to the successful promotion of good security
management practices?

Options are :

  • Security metrics
  • Periodic training
  • Management support
  • Security baselines

Answer : Management support

CISM Certified Information Security Manager

Security audit reviews should PRIMARILY:

Options are :

  • ensure that controls are cost-effective.
  • focus on preventive controls.
  • ensure that controls operate as required.
  • ensure controls are technologically current.

Answer : ensure that controls operate as required.

Nonrepudiation can BEST be assured by using: 

Options are :

  • out-of-band channels.
  • delivery path tracing.
  • digital signatures.
  • reverse lookup translation.

Answer : digital signatures.

What is the MOST effective access control method to prevent users from sharing files with
unauthorized users?

Options are :

  • Role-based
  • Discretionary
  • Mandatory
  • Walled garden

Answer : Mandatory

CISM Information Risk Management Certification

Successful social engineering attacks can BEST be prevented through:

Options are :

  • periodic awareness training.
  • preemployment screening.
  • efficient termination procedures.
  • close monitoring of users' access patterns.

Answer : periodic awareness training.

Which of the following is an inherent weakness of signature-based intrusion detection systems?

Options are :

  • Long duration probing will be missed
  • A higher number of false positives
  • New attack methods will be missed
  • Attack profiles can be easily spoofed

Answer : New attack methods will be missed

Which of the following is the MOST appropriate method for deploying operating system (OS)
patches to production application servers?

Options are :

  • Batch patches into frequent server updates
  • Set up servers to automatically download patches
  • Initially load the patches on a test machine
  • Automatically push all patches to the servers

Answer : Initially load the patches on a test machine

CISM Information Risk Management Certification

The PRIMARY reason for using metrics to evaluate information security is to: 

Options are :

  • identify security weaknesses.
  • raise awareness on security issues.
  • justify budgetary expenditures.
  • enable steady improvement.

Answer : enable steady improvement.

The BEST way to determine if an anomaly-based intrusion detection system (IDS) is properly
installed is to:

Options are :

  • benchmark the IDS against a peer site.
  • audit the configuration of the IDS.
  • simulate an attack and review IDS performance.
  • use a honeypot to check for unusual activity.

Answer : simulate an attack and review IDS performance.

What is the BEST way to ensure that contract programmers comply with organizational security
policies?

Options are :

  • Perform periodic security reviews of the contractors
  • Explicitly refer to contractors in the security standards
  • Create penalties for noncompliance in the contracting agreement
  • Have the contractors acknowledge in writing the security policies

Answer : Perform periodic security reviews of the contractors

CISM Information Risk Management Certification Practice

Which of the following is the BEST way to ensure that a corporate network is adequately secured
against external attack?

Options are :

  • Perform periodic penetration testing.
  • Establish minimum security baselines.
  • Utilize an intrusion detection system.
  • Implement vendor recommended settings.

Answer : Perform periodic penetration testing.

Data owners are normally responsible for which of the following?

Options are :

  • Applying emergency changes to application data
  • Determining the level of application security required
  • Migrating application code changes to production
  • Administering security over database records

Answer : Determining the level of application security required

What is the MAIN drawback of e-mailing password-protected zip files across the Internet? They:

Options are :

  • are decrypted by the firewall.
  • all use weak encryption.
  • may be corrupted by the receiving mail server.
  • may be quarantined by mail filters.

Answer : may be quarantined by mail filters.

Which of the following is MOST important for measuring the effectiveness of a security awareness
program? 

Options are :

  • Increased number of security violation reports
  • Increased interest in focus groups on security issues
  • A quantitative evaluation to ensure user comprehension
  • Reduced number of security violation reports

Answer : A quantitative evaluation to ensure user comprehension

A security awareness program should:

Options are :

  • address specific groups and roles.
  • address details on specific exploits.
  • promote security department procedures.
  • present top management's perspective.

Answer : address specific groups and roles.

Which of the following activities is MOST likely to increase the difficulty of totally eradicating
malicious code that is not immediately detected?

Options are :

  • Changing access rules
  • Backing up files
  • Applying patches
  • Upgrading hardware

Answer : Backing up files

CISM Information Security Governance Practice Test Set 3

Which of the following will BEST ensure that management takes ownership of the decision making
process for information security?

Options are :

  • Security awareness campaigns
  • Security steering committees
  • Security policies and procedures
  • Annual self-assessment by management

Answer : Security steering committees

Which of the following is the MOST important action to take when engaging third-party consultants
to conduct an attack and penetration test?

Options are :

  • Establish clear rules of engagement
  • Request a list of the software to be used
  • Provide clear directions to IT staff
  • Monitor intrusion detection system (IDS) and firewall logs closely

Answer : Establish clear rules of engagement
