
[2025年最新] 高合格率な最新無料CISM試験問題集アンサーを使おう
CISM知能問題集PDF!ISACA CISM試験問セット
CISM認定試験は150問の多肢選択問題から成り、情報セキュリティガバナンス、リスクマネジメント、情報セキュリティプログラムの開発と管理、事件管理と対応の4つの主要な分野をカバーしています。受験者は4時間以内に試験を完了し、800点満点中450点以上を取得する必要があります。この試験は複数の言語で提供され、世界中のテストセンターで受験することができます。CISM認定を取得することは、情報セキュリティへの取り組みを示し、個人に求職市場での競争力を与えます。
質問 # 520
The BEST way to identify the risk associated with a social engineering attack is to
- A. review single sign-on authentication logs
- B. monitor the intrusion detection system (IDS)
- C. perform a business risk assessment of the email filtering system
- D. test user knowledge of information security practices.
正解:D
質問 # 521
The PRIMARY benefit of introducing a single point of administration in network monitoring is that it:
- A. promotes efficiency in control of the environment.
- B. prevents inconsistencies in information in the distributed environment.
- C. reduces unauthorized access to systems.
- D. allows administrative staff to make management decisions.
正解:A
解説:
A single point of administration in network monitoring is a centralized system that allows network administrators to manage and monitor the entire network from one location. A single point of administration can provide several benefits, such as:
Promoting efficiency in control of the environment: A single point of administration can simplify and streamline the network management tasks, such as configuration, troubleshooting, performance optimization, security updates, backup and recovery, etc. It can also reduce the time and cost of network maintenance and administration, as well as improve the consistency and quality of network services.
Reducing unauthorized access to systems: A single point of administration can enhance the network security by implementing centralized authentication, authorization and auditing mechanisms. It can also enforce consistent security policies and standards across the network, and detect and respond to any unauthorized or malicious activities.
Preventing inconsistencies in information in the distributed environment: A single point of administration can ensure the data integrity and availability by synchronizing and replicating the data across the network nodes.
It can also provide a unified view of the network status and performance, and facilitate the analysis and reporting of network data.
Allowing administrative staff to make management decisions: A single point of administration can support the decision-making process by providing relevant and timely information and feedback to the network administrators. It can also enable the administrators to implement changes and improvements to the network based on the business needs and objectives.
Therefore, the primary benefit of introducing a single point of administration in network monitoring is that it promotes efficiency in control of the environment, as it simplifies and streamlines the network management tasks and improves the network performance and quality. References = CISM Review Manual, 16th Edition eBook | Digital | English1, Chapter 4: Information Security Program Development and Management, Section
4.3: Information Security Program Resources, Subsection 4.3.1: Information Security Infrastructure and Architecture, Page 205.
質問 # 522
Which of the following is MOST closely associated with a business continuity program?
- A. Updating the hot site equipment configuration every quarter
- B. Confirming that detailed technical recovery plans exist
- C. Periodically testing network redundancy
- D. Developing recovery time objectives (RTOs) for critical functions
正解:D
解説:
Section: INCIDENT MANAGEMENT AND RESPONSE
Explanation:
Technical recovery plans, network redundancy and equipment needs are all associated with infrastructure disaster recovery. Only recovery time objectives (RTOs) directly relate to business continuity.
質問 # 523
Which of the following is MOST important to consider when choosing a shared alternate location for computing facilities?
- A. Resource availability
- B. The organization's mission
- C. Incident response team training
- D. The organization's risk tolerance
正解:D
解説:
The organization's risk tolerance is the most important factor to consider when choosing a shared alternate location for computing facilities, because it determines the acceptable level of risk exposure and the required recovery time objectives (RTOs) and recovery point objectives (RPOs) for the organization's critical business processes and information assets. Resource availability, the organization's mission, and incident response team training are also important considerations, but they are secondary to the risk tolerance.
Reference = CISM Review Manual, 16th Edition, page 290
質問 # 524
Which of the following is the PRIMARY reason social media has become a popular target for attack?
- A. The prevalence of strong perimeter.
- B. The element of trust created by social media.
- C. The reduced effectiveness of access controls.
- D. The accessibility of social media from multiple locations.
正解:D
解説:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
質問 # 525
Authorization can BEST be accomplished by establishing:
- A. who users can do when they are granted system access.
- B. the ownership of the data
- C. how users identify themselves to information systems.
- D. whether users are who they say they are
正解:A
質問 # 526
Which of the following BEST enables an organization to identify and contain security incidents?
- A. Continuous monitoring
- B. Risk assessments
- C. Threat modeling
- D. Tabletop exercises
正解:A
解説:
Explanation
= Continuous monitoring is the process of collecting, analyzing, and reporting on the security status of an organization's information systems and networks. Continuous monitoring enables an organization to identify and contain security incidents by providing timely and accurate information on the security events, alerts, incidents, and threats that may affect the organization. Continuous monitoring also helps to measure the effectiveness and compliance of the security controls, policies, and procedures that are implemented to protect the organization's information assets. Continuous monitoring can be performed using various tools and methods, such as security information and event management (SIEM) tools, intrusion detection and prevention systems (IDS/IPS), vulnerability scanners, log analyzers, and audit trails.
References = CISM Manual1, Chapter 6: Incident Response Planning (IRP), Section 6.2: Continuous Monitoring2
1: https://store.isaca.org/s/store#/store/browse/cat/a2D4w00000Ac6NNEAZ/tiles 2: 3
質問 # 527
Which of the following is the MOST important consideration for a global organization that is designing an information security awareness program?
- A. Program costs
- B. Local languages
- C. National regulations
- D. Cultural backgrounds
正解:C
質問 # 528
An information security team is planning a security assessment of an existing vendor. Which of the following approaches is MOST helpful for properly scoping the assessment?
- A. Review controls listed in the vendor contract
- B. Focus the review on the infrastructure with the highest risk
- C. Determine whether the vendor follows the selected security framework rules
- D. Review the vendor's security policy
正解:A
解説:
Reviewing controls listed in the vendor contract is the most helpful approach for properly scoping the security assessment of an existing vendor because it helps to determine the security requirements and expectations that the vendor has agreed to meet. A vendor contract is a legal document that defines the terms and conditions of the business relationship between the organization and the vendor, including the scope, deliverables, responsibilities, and obligations of both parties. A vendor contract should also specify the security controls that the vendor must implement and maintain to protect the organization's data and systems, such as encryption, authentication, access control, backup, monitoring, auditing, etc. Reviewing controls listed in the vendor contract helps to ensure that the security assessment covers all the relevant aspects of the vendor's security posture, as well as to identify any gaps or discrepancies between the contract and the actual practices. Therefore, reviewing controls listed in the vendor contract is the correct answer.
Reference:
https://medstack.co/blog/vendor-security-assessments-understanding-the-basics/
https://www.ncsc.gov.uk/files/NCSC-Vendor-Security-Assessment.pdf
https://securityscorecard.com/blog/how-to-conduct-vendor-security-assessment
質問 # 529
Which of the following is the MOST essential element of an information security program?
- A. Prioritizing program deliverables based on available resources
- B. Benchmarking the program with global standards for relevance
- C. Involving functional managers in program development
- D. Applying project management practices used by the business
正解:C
解説:
Involving functional managers in program development is the most essential element of an information security program, because they are responsible for ensuring that the information security policies, standards, and procedures are implemented and enforced within their respective business units. They also provide input and feedback on the information security requirements, risks, and controls that affect their operations and objectives.
References =
CISM Review Manual, 16th Edition, ISACA, 2020, p. 37: "Functional managers are responsible for ensuring that the information security policies, standards, and procedures are implemented and enforced within their respective business units." CISM Review Manual, 16th Edition, ISACA, 2020, p. 38: "Functional managers should be involved in the development of the information security program to provide input and feedback on the information security requirements, risks, and controls that affect their operations and objectives."
質問 # 530
Which of the following is the FIRST step in developing a business continuity plan (BCP)?
- A. Identify the applications with the shortest recovery time objectives (RTOs).
- B. Determine available resources.
- C. Determine the business recovery strategy.
- D. Identify critical business processes.
正解:D
質問 # 531
An organization's disaster recovery plan (DRP) is documented and kept at a disaster recovery site. Which of the following is the BEST way to ensure the plan can be carried out in an emergency?
- A. Maintain an outsourced contact center in another country
- B. Require disaster recovery documentation be stored with all key decision makers
- C. Store disaster recovery documentation in a public cloud
- D. Provide annual disaster recovery training to appropriate staff
正解:D
質問 # 532
Which of the following is MOST important lo track for determining the effectiveness of an information security program?
- A. Key performance indicators (KPls)
- B. Key risk indicators (KRIs)
- C. Return on investment (ROl)
- D. Service level agreements (SLAs)
正解:A
質問 # 533
To determine how a security breach occurred on the corporate network, a security manager looks at the logs of various devices. Which of the following BEST facilitates the correlation and review of these logs?
- A. Time server
- B. Domain name server (DNS)
- C. Proxy server
- D. Database server
正解:A
解説:
Explanation/Reference:
Explanation:
To accurately reconstruct the course of events, a time reference is needed and that is provided by the time server. The other choices would not assist in the correlation and review of these logs.
質問 # 534
An organization is leveraging tablets to replace desktop computers shared by shift-based staff These tablets contain critical business data and are inherently at increased risk of theft Which of the following will BEST help to mitigate this risk''
- A. Create an acceptable use policy.
- B. Implement remote wipe capability.
- C. Deploy mobile device management (MDM)
- D. Conduct a mobile device risk assessment
正解:D
解説:
A key risk indicator (KRI) is a metric that provides an early warning of potential exposure to a risk. A KRI should be relevant, measurable, timely, and actionable. The most important factor in an organization's selection of a KRI is the criticality of information, which means that the KRI should reflect the value and sensitivity of the information assets that are exposed to the risk. For example, a KRI for data breach risk could be the number of unauthorized access attempts to a database that contains confidential customer data. The criticality of information helps to prioritize the risks and focus on the most significant ones. References:
https://www.isaca.org/credentialing/cism https://www.wiley.com/en-us
/CISM+Certified+Information+Security+Manager+Study+Guide-p-9781119801948
質問 # 535
Which of the following is MOST helpful in determining the criticality of an organization's business functions?
- A. Security assessment report (SAR)
- B. Disaster recovery plan (DRP)
- C. Business impact analysis (BIA)
- D. Business continuity plan (BCP)
正解:C
解説:
Business impact analysis (BIA) is the most helpful in determining the criticality of an organization's business functions because it is a process of identifying and evaluating the potential effects of disruptions or interruptions to those functions. BIA helps to prioritize the recovery of the most critical functions and to estimate the resources and time needed for the recovery. Therefore, business impact analysis (BIA) is the correct answer.
References:
* https://www.linkedin.com/pulse/business-continuity-critical-functions-tino-marquez
* https://www.techtarget.com/searchitchannel/feature/Business-impact-analysis-for-business-continuity- Understanding-impact-criticality
質問 # 536
Which of the following BEST facilitates the effective execution of an incident response plan?
- A. The plan is based on risk assessment results.
- B. The plan is based on industry best practice.
- C. The incident response plan aligns with the IT disaster recovery plan.
- D. The response team is trained on the plan.
正解:A
質問 # 537
Which of the following would BEST enable the help desk to recognize an information security incident?
- A. Require the help desk to participate in past-incident reviews.
- B. Include members of the help desk on the security incident response team.
- C. Provide the help desk with criteria for security incidents.
- D. Train the help desk to review the call logs.
正解:C
質問 # 538
During the due diligence phase of an acquisition, the MOST important course of action for an information security manager is to:
- A. review information security policies
- B. review the state of security awareness.
- C. perform a gap analysis.
- D. perform a risk assessment
正解:C
質問 # 539
A department has reported that a security control is no longer effective. Which of the following is the information security manager's BEST course of action?
- A. Report the failure to management
- B. Replace the control
- C. Assess the control state
- D. Check for defense in depth
正解:C
解説:
The best first step is to assess the control state to determine why it is ineffective and whether adjustments, replacements, or compensating controls are needed.
"Regularly assess the effectiveness of security controls to ensure they are providing the intended level of protection."
- CISM Review Manual 15th Edition, Chapter 3: Information Security Program Development and Management, Section: Control Monitoring and Assessment* ISACA practice questions stress that assessing the control state comes before taking further action.
質問 # 540
A penetration test against an organization's external web application shows several vulnerabilities. Which of the following presents the GREATEST concern?
- A. Vulnerabilities were not found by internal tests.
- B. Exploit code for one of the vulnerabilities is publicly available.
- C. Vulnerabilities were caused by insufficient user acceptance testing (UAT).
- D. Atules of engagement form was not signed prior to the penetration test.
正解:B
質問 # 541
Which of the following is the GREATEST benefit of effective information security governance?
- A. The information security budget is aligned to the organization.
- B. Treatment priorities are based on risk exposure.
- C. Information security standards are communicated to primary stakeholders.
- D. Executive management's strategy is aligned to the information security strategy.
正解:D
質問 # 542
Which of the following is the MAIN benefit of performing an assessment of existing incident response processes?
- A. Validation of current capabilities
- B. Identification of threats and vulnerabilities
- C. Benchmarking against industry peers
- D. Prioritization of action plans
正解:B
質問 # 543
To justify its ongoing security budget, which of the following would be of MOST use to the information security' department?
- A. Peer group comparison
- B. Annualized loss expectancy (ALE)
- C. Cost-benefit analysis
- D. Security breach frequency
正解:C
解説:
Explanation
Cost-benefit analysis is the legitimate way to justify budget. The frequency of security breaches may assist the argument for budget but is not the key tool; it does not address the impact. Annualized loss expectancy (ALE) does not address the potential benefit of security investment. Peer group comparison would provide a good estimate for the necessary security budget but it would not take into account the specific needs of the organization.
質問 # 544
Which of the following should be the MOST important consideration when establishing information security policies for an organization?
- A. Job descriptions include requirements to read security policies.
- B. The policies are aligned to industry best practices.
- C. Senior management supports the policies.
- D. The policies are updated annually.
正解:C
質問 # 545
......
ISACA CISM問題集PDFを使ってベストオプションを目指そう:https://jp.fast2test.com/CISM-premium-file.html
2025年最新のCISMサンプル問題は頼もしいCISMテストエンジン:https://drive.google.com/open?id=1NfCtUc_M9aNkt5KK9FBynYzQCdrmLrtq