ISACA CISM 2-15 Questions with 100%
Correct Well Explained Answers
Questions Answers and Explanations
Decisions regarding information security are best supported by - Answer✔️✔️-
effective metrics
Effective metrics are essential because they provide the information needed to make decisions.
Metrics are quantifiable entities that allow the measurement of the achievement of a
process goal.
A project manager is developing a developer portal and requests that the security
manager assign a public IP address so that it can be accessed by in-house staff and
by external consultants outside the organization's local area network (LAN). What
should the security manager do first? - Answer✔️✔️-understand the business
requirements of the portal
Do not make an uninformed decision: learn and understand the business
requirements first! Vulnerability assessment and intrusion detection systems (IDS)
are subsequent tasks.
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10:57 AM
Which of the following should be understood before defining risk management
strategies? - Answer✔️✔️-organizational objectives and risk appetite
Analyze the organization's objectives and risk appetite, then define a risk management
framework based on that analysis. Some organizations may accept known risks.
The primary concern of an information security manager documenting a formal data retention
policy is - Answer✔️✔️-Business Requirements!
Best practices are useful, but not primary; legislative or regulatory requirements are only
primary if they are part of the business requirements.
The maturity of an information security program is primarily the result of - Answer✔️✔️-An
effective information security strategy
The strategy provides clear direction on how the organization will attain its security
outcomes and is directed by senior management.
Other note:
Assessing and analyzing risk is required to develop a strategy; it provides the information needed to
develop the strategy, but it will not define the scope and charter of the security program.
Security architecture is only one part of a larger security plan.