ISACA CISMリアル試験問題解答は無料 [Q165-Q184]

Share

ISACA CISMリアル試験問題解答は無料

試験問題集でCISM練習無料最新のISACA練習テスト

質問 165
Which of the following would BEST assist an information security manager in measuring the existing level of development of security processes against their desired state?

  • A. Capability maturity model (CMM)
  • B. Security audit reports
  • C. Systems and business security architecture
  • D. Balanced scorecard

正解: A

解説:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
Explanation:
The capability maturity model (CMM) grades each defined area of security processes on a scale of 0 to 5 based on their maturity, and is commonly used by entities to measure their existing state and then determine the desired one. Security audit reports offer a limited view of the current state of security.
Balanced scorecard is a document that enables management to measure the implementation of their strategy and assists in its translation into action. Systems and business security architecture explain the security architecture of an entity in terms of business strategy, objectives, relationships, risks, constraints and enablers, and provides a business-driven and business-focused view of security architecture.

 

質問 166
Which of the following processes would BEST aid an information security manager in resolving systemic security issues?

  • A. Root cause analysis
  • B. Security reviews
  • C. Reinforced security controls
  • D. Business impact anal/sis (BIA)

正解: A

 

質問 167
Attacks using multiple methods to spread should be classified:

  • A. at the highest potential level of business impact
  • B. using multiple classifications for each impact
  • C. depending on the method used to spread
  • D. each time the exposure is experienced

正解: A

解説:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT

 

質問 168
A new port needs to be opened in a perimeter firewall. Which of the following should be the FIRST step before initiating any changes?

  • A. Obtain approval from senior management.
  • B. Conduct a penetration test.
  • C. Back up the firewall configuration and policy files.
  • D. Prepare an impact assessment report.

正解: D

解説:
Explanation/Reference:
Explanation:
An impact assessment report needs to be prepared first by providing the justification for the change, analysis of the changes to be made, the impact if the change does not work as expected, priority of the change and urgency of the change request. Choices B. C and D could be important steps, but the impact assessment report should be performed before the other steps.

 

質問 169
What information is MOST helpful in demonstrating to senior management how information security governance aligns with business objectives?

  • A. Drafts of proposed policy changes
  • B. Metrics of key information security deliverables
  • C. A list of monitored threats, risks, and exposures
  • D. Updates on information security projects in development

正解: B

 

質問 170
What is the BEST way to reduce the impact of a successful ransomware attack?

  • A. Purchase or renew cyber insurance policies.
  • B. Mionitor the network and provide alerts on intrusions.
  • C. Perform frequent backups and store them offline.
  • D. Include provisions to pay ransoms in the information security budget.

正解: D

 

質問 171
Primary direction on the impact of compliance with new regulatory requirements that may lead to major application system changes should be obtained from the:

  • A. corporate internal auditor.
  • B. corporate legal counsel.
  • C. System developers/analysts.
  • D. key business process owners.

正解: D

解説:
Explanation
Business process owners are in the best position to understand how new regulatory requirements may affect their systems. Legal counsel and infrastructure management, as well as internal auditors, would not be in as good a position to fully understand all ramifications.

 

質問 172
When considering whether to adopt bring your own device (BYOD). it is MOST important for the information security manager to ensure that:

  • A. business leaders have an understanding of security risks.
  • B. users have read and signed acceptable use agreements.
  • C. the applications are tested prior to implementation.
  • D. security controls are applied to each device when joining the network.

正解: A

 

質問 173
Which of the following circumstances would MOST likely require a review and update to an organization's information security incident response plan?

  • A. A new business strategy has been developed.
  • B. The organizational structure has changed.
  • C. A high-risk vulnerability has been detected.
  • D. A new business application has been implemented.

正解: B

 

質問 174
When considering the value of assets, which of the following would give the information security manager the MOST objective basis for measurement of value delivery in information security governance?

  • A. Test results of controls
  • B. Number of controls
  • C. Effectiveness of controls
  • D. Cost of achieving control objectives

正解: D

解説:
Section: INFORMATION SECURITY PROGRAM DEVELOPMENT
Explanation:
Comparison of cost of achievement of control objectives and corresponding value of assets sought to be protected would provide a sound basis for the information security manager to measure value delivery. Number of controls has no correlation with the value of assets unless the effectiveness of the controls and their cost are also evaluated. Effectiveness of controls has no correlation with the value of assets unless their costs are also evaluated. Test results of controls have no correlation with the value of assets unless the effectiveness of the controls and their cost are also evaluated.

 

質問 175
When recommending a preventive control against cross-site scripting in web applications, an information security manager is MOST likely to suggest:

  • A. hardening of the web server s operating system.
  • B. using nffps in place of http.
  • C. consolidating multiple sites into a single portal.
  • D. coding standards and code review.

正解: D

 

質問 176
A new regulation for safeguarding information processed by a specific type of transaction has come to the attention of an information security officer. The officer should FIRST:

  • A. assess whether existing controls meet the regulation.
  • B. analyze key risks in the compliance process.
  • C. update the existing security/privacy policy.
  • D. meet with stakeholders to decide how to comply.

正解: A

解説:
Explanation
If the organization is in compliance through existing controls, the need to perform other work related to the regulation is not a priority. The other choices are appropriate and important; however, they are actions that are subsequent and will depend on whether there is an existing control gap.

 

質問 177
Which of the following should be the GREATEST concern when considering launching a counterattack in response to a network attack?

  • A. Denial of service attacks on the external source
  • B. Incident impact escalation
  • C. Digital evidence contamination
  • D. Legal ramifications

正解: D

 

質問 178
When developing security standards, which of the following would be MOST appropriate to include?

  • A. Acceptable use of IT assets
  • B. operating system requirements
  • C. Accountability for licenses
  • D. Inventory management

正解: A

 

質問 179
Which of the following is the MAIN objective in contracting with an external company to perform penetration testing?

  • A. To receive an independent view of security exposures
  • B. To mitigate technical risks
  • C. To have an independent certification of network security
  • D. To identify a complete list of vulnerabilities

正解: A

解説:
Explanation
Even though the organization may have the capability to perform penetration testing with internal resources, third-party penetration testing should be performed to gain an independent view of the security exposure.
Mitigating technical risks is not a direct result of a penetration test. A penetration test would not provide certification of network security nor provide a complete list of vulnerabilities.

 

質問 180
When properly tested, which of the following would MOST effectively support an information security manager in handling a security breach?

  • A. Disaster recovery plan
  • B. Incident response plan
  • C. Vulnerability management plan
  • D. Business continuity plan

正解: B

解説:
Explanation
An incident response plan documents the step-by-step process to follow, as well as the related roles and responsibilities pertaining to all parties involved in responding to an information security breach. A business continuity plan or disaster recovery plan would be triggered during the execution of the incident response plan in the case of a breach impacting the business continuity. A vulnerability management plan is a procedure to address technical vulnerabilities and mitigate the risk through configuration changes (patch management).

 

質問 181
Security awareness training is MOST likely to lead to which of the following?

  • A. Increase in reported incidents
  • B. Decrease in intrusion incidents
  • C. Decrease in security policy changes
  • D. Increase in access rule violations

正解: A

解説:
Reported incidents will provide an indicator as to the awareness level of staff. An increase in reported incidents could indicate that staff is paying more attention to security. Intrusion incidents and access rule violations may or may not have anything to do with awareness levels. A decrease in changes to security policies may or may not correlate to security awareness training.

 

質問 182
The objective of risk management is to reduce risk to the minimum level that is:

  • A. achievable from technical and financial perspectives.
  • B. compliant with security policies
  • C. practical given industry and regulatory environments.
  • D. acceptable given the preference of the organization.

正解: B

 

質問 183
The BEST way to identify the risk associated with a social engineering attack is to

  • A. review single sign-on authentication logs
  • B. monitor the intrusion detection system (IDS)
  • C. perform a business risk assessment of the email filtering system
  • D. test user knowledge of information security practices.

正解: D

 

質問 184
......


ISACA CISM 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • 情報セキュリティインシデント管理
トピック 2
  • 情報ネットワークのセキュリティ管理への期待
トピック 3
  • 情報セキュリティプログラム
トピック 4
  • 開発と管理
トピック 5
  • 情報セキュリティガバナンス

 

確認済みCISM試験問題集と解答で時間限定無料提供!CISMには正解付き:https://jp.fast2test.com/CISM-premium-file.html

CISM試験問題、リアルCISM練習問題集:https://drive.google.com/open?id=13N9cWFyEZuSI0-ncuF416bMxSqXQ6WlX


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어