
Isaca CISM

Isaca CISM: Practice Exam

CISM Certified Information Security Manager Practice Test
Version 1.0
Updated: Nov 14, 2009
"Certification Depends on Only One Thing" - www.actualanswers.com

QUESTION NO: 1
Senior management commitment and support for information security can BEST be obtained through presentations that:
A. use illustrative examples of successful attacks.
B. explain the technical risks to the organization.
C. evaluate the organization against best security practices.
D. tie security risks to key business objectives.
Answer: D
Explanation:
Senior management seeks to understand the business justification for investing in security. This can best be accomplished by tying security to key business objectives. Senior management will not be as interested in technical risks or examples of successful attacks if they are not tied to the impact on business environment and objectives. Industry best practices are important to senior management but, again, senior management will give them the right level of importance when they are presented in terms of key business objectives.

QUESTION
Which of the following is characteristic of centralized information security management?
A. More expensive to administer
B. Better adherence to policies
C. More aligned with business unit needs
D. Faster turnaround of requests
Answer: B
Explanation:
Centralization of information security management results in greater uniformity and better adherence to security policies. It is generally less expensive to administer due to the economies of scale. However, turnaround can be slower due to the lack of alignment with business units.

QUESTION
Security technologies should be selected PRIMARILY on the basis of their:
A. ability to mitigate business risks
B. evaluations in trade publications
C. use of new and emerging technologies
D. benefits in comparison to their costs
Answer: A
Explanation:
The most fundamental evaluation criteria for the appropriate selection of any security technology is its ability to reduce or eliminate business risks. Investments in security technologies should be based on their overall value in relation to their cost; the value can be demonstrated in terms of risk mitigation. This should take precedence over whether they use new or exotic technologies or how they are evaluated in trade publications.

QUESTION
What will have the HIGHEST impact on standard information security governance models?
A. Number of employees
B. Distance between physical locations
C. Complexity of organizational structure
D. Organizational budget
Answer: C
Explanation:
Information security governance models are highly dependent on the overall organizational structure. Some of the elements that impact organizational structure are multiple missions and functions across the organization, leadership and lines of communication. Number of employees and distance between physical locations have less impact on information security governance models since well-defined process, technology and people components intermingle to provide the proper governance. Organizational budget is not a major impact once good governance models are in place, hence governance will help in effective management of the organization's budget.

QUESTION
The MOST important component of a privacy policy is:
A. notifications
B. warranties
C. liabilities
D. geographic coverage
Answer: A
Explanation:
Privacy policies must contain notifications and opt-out provisions; they are a high-level management statement of direction. They do not necessarily address warranties, liabilities or geographic coverage, which are more specific.

QUESTION
It is MOST important that information security architecture be aligned with which of the following?
A. Industry best practices
B. Information technology plans
C. Information security best practices
D. Business objectives and goals
Answer: D
Explanation:
Information security architecture should always be properly aligned with business goals and objectives. Alignment with IT plans or industry and security best practices is secondary by comparison.

QUESTION
The PRIMARY goal in developing an information security strategy is to:
A. establish security metrics and performance monitoring.
B. educate business process owners regarding their duties.
C. ensure that legal and regulatory requirements are met.
D. support the business objectives of the organization.
Answer: D
Explanation:
The business objectives of the organization supersede all other factors. Establishing metrics and measuring performance, meeting legal and regulatory requirements, and educating business process owners are all subordinate to this overall goal.

QUESTION NO: 8
What is the PRIMARY role of the information security manager in the process of information classification within an organization?
