Solutions
1. Which of the following BEST indicates the probability that a successful attack will occur?
A. Value of the target and level of protection is high
B. Motivation and ability of the attacker is high
C. Value of the target is high and protection is low
D. Motivation of the attacker and value of the target is high - ANSWER- Value of the target is high and protection is low
2. The results of an organizational risk analysis should FIRST be shared with:
A. external auditors.
B. stockholders.
C. senior management.
D. peer organizations. - ANSWER- senior management
3. The GREATEST reduction in overhead costs for security administration would be provided by:
A. mandatory access control.
B. role-based access control.
C. decentralized access control.
D. discretionary access control. - ANSWER- role-based access control
4. The BEST reason for an organization to have two discrete firewalls connected
directly to the Internet and to the same DMZ would be to:
A. provide defense in-depth.
B. separate test and production.
C. permit traffic load balancing.
D. prevent a denial-of-service attack. - ANSWER- permit traffic load balancing
5. Accountability by business process owners can BEST be obtained through:
A. periodic reminder memorandums.
B. strict enforcement of policies.
C. policies signed by IT management.
D. education and awareness meetings. - ANSWER- education and awareness meetings
26. Which of the following is the BEST method for ensuring that security procedures
and guidelines are read and understood?
A. Periodic focus group meetings
B. Periodic reminder memos to management
C. Computer-based training (CBT) presentations
D. Employees signing an acknowledgement of receipt - ANSWER- Computer-based training (CBT) presentations
8. Which of the following is the MOST effective solution for preventing internal users
from modifying sensitive and classified information?
A. Baseline security standards
B. System access logs
C. Role-based access controls
D. Intrusion detection system - ANSWER- Role-based access controls
9. Which of the following devices should be placed within a DMZ?
A. Network switch
B. Web server
C. Database server
D. File/print server - ANSWER- Web server
10. Access to a sensitive intranet application by mobile users can BEST be
accomplished through:
A. data encryption.
B. digital signatures.
C. strong passwords.
D. two-factor authentication. - ANSWER- two-factor authentication
11. An information security program should be sponsored by:
A. infrastructure management.
B. the corporate legal department.
C. key business process owners.
D. quality assurance management. - ANSWER- key business process owners
12. The BEST way to ensure that security settings on each platform are in compliance
with information security policies and procedures is to:
A. perform penetration testing.
B. establish security baselines.
C. implement vendor default settings.
D. link policies to an independent standard. - ANSWER- establish security baselines
13. Which of the following will MOST likely reduce the likelihood of an unauthorized
individual gaining access to computing resources by pretending to be an authorized
individual needing to have their password reset?
A. Performing reviews of password resets.
B. Conducting security awareness programs.
C. Increasing the frequency of password changes.
D. Implementing automatic password syntax checking. - ANSWER- Conducting security awareness programs
14. Which of the following is the BEST indicator that security awareness training has
been effective?
A. Have employees sign to confirm they have read the security policy.
B. More incidents are being reported.
C. A majority of employees have received training.
D. Feedback forms from training are favorable. - ANSWER- More incidents are being reported
15. Which of the following metrics would be the MOST useful in measuring how well information security is monitoring violation logs? The number of:
A. penetration attempts investigated.
B. violation log reports reviewed.
C. violation log entries reviewed.
D. hours charged to the review process. - ANSWER- penetration attempts investigated