ISACA-Certified Information Security Manager Set 16

1.

Organization A offers e-commerce services and uses secure transport protocol to protect Internet communication. To confirm communication with Organization A, which of the following would be the BEST for a client to verify?

The certificate of the e-commerce server The browser's indication of SSL use The IP address of the e-commerce server The URL of the e-commerce server

2.

Meeting which of the following security objectives BEST ensures that information is protected against unauthorized modification?

Authenticity Availability Confidentiality Integrity

3.

An information security steering group should:

provide general oversight and guidance. develop information security policies. establish information security baselines. oversee the daily operations of the security program.

4.

Which of the following should be the PRIMARY basis for an information security strategy?

The organizations vision and mission. Information security policies. Results of a comprehensive gap analysis. Audit and regulatory requirements.

5.

Which of the following is MOST important to include in monthly information security reports to the broad?

Trend analysis of security metrics Threat intelligence Root cause analysis of security incidents Risk assessment results

6.

Which of the following could be detected by a network intrusion detection system (IDS)?

Undocumented open ports Unauthorized file change Internally generated attacks Emailed virus attachments

7.

The recovery point objective (RPO) is required in which of the following?

Information security plan Incident response plan Business continuity plan Disaster recovery plan

8.

Which of the following would BEST detect malicious damage arising from an internal threat?

Access control list Encryption Fraud awareness training Job rotation

9.

Which of the following is MOST important for an information security manager to communicate to senior management regarding the security program?

Potential risks and exposures Impact analysis results Security architecture changes User roles and responsibilities

10.

Which of the following is the BEST defense against a brute force attack?

Discretionary access control Intruder detection lockout Time-of-day restrictions Mandatory access control

ISACA-Certified Information Security Manager Set 16

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

ISACA-Certified Information Security Manager Set 16

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner