Free sale ending soon! 100% valid CISM exam question bank with 1340 questions and answers awaits you [Q779-Q804]

Verified CISM questions and answers that get you a guaranteed pass: Isaca Certification exam answers!


ISACA CISM certification exam topic coverage:

Topic and coverage
Topic 1
  • Information Security Management
  • Identity Management
Topic 2
  • Information Risk Management
Topic 3
  • Information Security Governance
Topic 4
  • Information Network Security Management Expectations
Topic 5
  • Information Security Incident Management
Topic 6
  • Development and Management

 

Question 779
What should an information security team do FIRST when notified by the help desk that an employee's computer has been infected with malware?

  • A. Isolate the computer from the network.
  • B. Use anti-malware software to clean the infected computer.
  • C. Take a forensic copy of the hard drive.
  • D. Restore the files from a secure backup.

Correct answer: A

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT

 

Question 780
Retention of business records should PRIMARILY be based on:

  • A. business ease and value analysis.
  • B. storage capacity and longevity.
  • C. business strategy and direction.
  • D. regulatory and legal requirements.

Correct answer: D

Explanation:
Retention of business records is generally driven by legal and regulatory requirements. Business strategy and direction would not normally apply nor would they override legal and regulatory requirements. Storage capacity and longevity are important but secondary issues. Business case and value analysis would be secondary to complying with legal and regulatory requirements.

 

Question 781
Which of the following is the BEST way to prevent recurrence of a security incident?

  • A. Review and update security policy on a regular basis
  • B. An appropriate investigation into the root cause with corrective measures applied
  • C. An expanded and more effective monitoring and detection process for incidents
  • D. Management support and approval of the incident response plan

Correct answer: B

 

Question 782
A risk analysis for a new system is being performed.
For which of the following is business knowledge MORE important than IT knowledge?

  • A. Balanced scorecard
  • B. Impact analysis
  • C. Vulnerability analysis
  • D. Cost-benefit analysis

Correct answer: A

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT

 

Question 783
The BEST time to perform a penetration test is after:

  • A. an attempted penetration has occurred.
  • B. various infrastructure changes are made.
  • C. an audit has reported weaknesses in security controls.
  • D. a high turnover in systems staff.

Correct answer: B

Explanation:
Changes in the systems infrastructure are most likely to inadvertently introduce new exposures.
Conducting a test after an attempted penetration is not as productive since an organization should not wait until it is attacked to test its defenses. Any exposure identified by an audit should be corrected before it would be appropriate to test. A turnover in administrative staff does not warrant a penetration test, although it may warrant a review of password change practices and configuration management.

 

Question 784
Which of the following vulnerabilities presents the GREATEST risk of external hackers gaining access to the corporate network?

  • A. Missing patches on a workstation
  • B. Excessive administrative rights to an internal database
  • C. Inadequate logging
  • D. Internal hosts running unnecessary services

Correct answer: B

 

Question 785
The PRIMARY purpose of installing an intrusion detection system (IDS) is to identify:

  • A. patterns of suspicious access.
  • B. potential attacks on the internal network.
  • C. weaknesses in network security.
  • D. how an attack was launched on the network.

Correct answer: B

Explanation:
The most important function of an intrusion detection system (IDS) is to identify potential attacks on the network. Identifying how the attack was launched is secondary. It is not designed specifically to identify weaknesses in network security or to identify patterns of suspicious logon attempts.

 

Question 786
An information security manager that is utilizing a public cloud is performing a root cause investigation of an incident that took place in that environment. Which of the following should be the security manager's MAIN concern?

  • A. Shared infrastructure with other subscribers
  • B. Transaction records split into multiple cloud locations
  • C. Lack of security log filtering
  • D. Limited access to information

Correct answer: D

Explanation:
Section: INCIDENT MANAGEMENT AND RESPONSE

 

Question 787
Which of the following is the MOST important management signoff for migrating an order processing system from a test environment to a production environment?

  • A. User
  • B. Security
  • C. Database
  • D. Operations

Correct answer: A

Explanation:
As owners of the system, user management approval would be the most important. Although the signoffs of security, operations and database management may be appropriate, they are secondary to ensuring the new system meets the requirements of the business.

 

Question 788
There is reason to believe that a recently modified web application has allowed unauthorized access.
Which is the BEST way to identify an application backdoor?

  • A. Black box pen test
  • B. Source code review
  • C. Security audit
  • D. Vulnerability scan

Correct answer: B

Explanation:
Source code review is the best way to find and remove an application backdoor. Application backdoors can be almost impossible to identify using a black box pen test or a security audit. A vulnerability scan will only find "known" vulnerability patterns and will therefore not find a programmer's application backdoor.

 

Question 789
Phishing is BEST mitigated by which of the following?

  • A. User awareness
  • B. Encryption
  • C. Security monitoring software
  • D. Two-factor authentication

Correct answer: A

Explanation:
Phishing can best be detected by the user. It can be mitigated by appropriate user awareness. Security monitoring software would provide some protection, but would not be as effective as user awareness.
Encryption and two-factor authentication would not mitigate this threat.

 

Question 790
Successful implementation of information security governance will FIRST require:

  • A. security awareness training.
  • B. a security architecture.
  • C. a computer incident management team.
  • D. updated security policies.

Correct answer: D

Explanation:
Updated security policies are required to align management objectives with security procedures; management objectives translate into policy, policy translates into procedures. Security procedures will necessitate specialized teams such as the computer incident response and management group as well as specialized tools such as the security mechanisms that comprise the security architecture. Security awareness will promote the policies, procedures and appropriate use of the security mechanisms.

 

Question 791
After a security incident has been contained, which of the following should be done FIRST?

  • A. Restore the affected system from backup.
  • B. Conduct forensic analysis.
  • C. Perform a complete wipe of the affected system.
  • D. Notify local authorities.

Correct answer: C

 

Question 792
A risk profile supports effective security decisions PRIMARILY because it:

  • A. describes security threats.
  • B. enables comparison with industry best practices.
  • C. identifies priorities for risk reduction.
  • D. defines how to best mitigate future risks.

Correct answer: C

Explanation:
Section: INFORMATION RISK MANAGEMENT

 

Question 793
Which of the following is the MOST effective way to achieve the integration of information security governance into corporate governance?

  • A. Ensure information security efforts support business goals
  • B. Align information security budget requests to organizational goals.
  • C. Provide periodic IT balanced scorecards to senior management.
  • D. Ensure information security aligns with IT strategy.

Correct answer: A

 

Question 794
What is the GREATEST advantage of documented guidelines and operating procedures from a security perspective?

  • A. Ensure compliance to security standards and regulatory requirements
  • B. Provide detailed instructions on how to carry out different types of tasks
  • C. Ensure reusability to meet compliance to quality requirements
  • D. Ensure consistency of activities to provide a more stable environment

Correct answer: D

Explanation:
Developing procedures and guidelines to ensure that business processes address information security risk is critical to the management of an information security program. Developing procedures and guidelines establishes a baseline for security program performance and consistency of security activities.

 

Question 795
After obtaining commitment from senior management, which of the following should be completed NEXT when establishing an information security program?

  • A. Perform a gap analysis
  • B. Conduct a risk assessment
  • C. Define security metrics
  • D. Procure security tools

Correct answer: B

Explanation:
When establishing an information security program, conducting a risk assessment is key to identifying the needs of the organization and developing a security strategy. Defining security metrics, performing a gap analysis and procuring security tools are all subsequent considerations.

 

Question 796
Senior management commitment and support for information security can BEST be enhanced through:

  • A. regular security awareness training for employees.
  • B. periodic review of alignment with business management goals.
  • C. a formal security policy sponsored by the chief executive officer (CEO).
  • D. senior management signoff on the information security strategy.

Correct answer: B

Explanation:
Ensuring that security activities continue to be aligned and support business goals is critical to obtaining their support. Although having the chief executive officer (CEO) signoff on the security policy and senior management signoff on the security strategy makes for good visibility and demonstrates good tone at the top, it is a one-time discrete event that may be quickly forgotten by senior management. Security awareness training for employees will not have as much effect on senior management commitment.

 

Question 797
Which of the following is MOST important in the development of metrics for the effectiveness of information security?

  • A. Using clearly defined objectives
  • B. Using standard reporting tools
  • C. Using quantitative measurement
  • D. Using qualitative risk assessment results

Correct answer: A

 

Question 798
Which of the following provides the BEST indication of strategic alignment between an organization's information security program and business objectives?

  • A. Key risk indicators (KRIs)
  • B. Security audit reports
  • C. A business impact analysis (BIA)
  • D. A balanced scorecard

Correct answer: D

 

Question 799
An organization's HR department would like to outsource its employee management system to a cloud-hosted solution due to the features and cost savings offered. Management has identified this solution as a business need and wants to move forward. What should be the PRIMARY role of information security in this effort?

  • A. Determine how to securely implement the solution.
  • B. Ensure the service provider has the appropriate certifications.
  • C. Explain security issues associated with the solution to management.
  • D. Ensure a security audit is performed of the service provider.

Correct answer: C

 

Question 800
Which of the following would BEST assist an information security manager in measuring the existing level of development of security processes against their desired state?

  • A. Balanced scorecard
  • B. Capability maturity model (CMM)
  • C. Security audit reports
  • D. Systems and business security architecture

Correct answer: B

Explanation:
Section: INFORMATION SECURITY PROGRAM MANAGEMENT
The capability maturity model (CMM) grades each defined area of security processes on a scale of 0 to 5 based on their maturity, and is commonly used by entities to measure their existing state and then determine the desired one. Security audit reports offer a limited view of the current state of security. Balanced scorecard is a document that enables management to measure the implementation of their strategy and assists in its translation into action. Systems and business security architecture explain the security architecture of an entity in terms of business strategy, objectives, relationships, risks, constraints and enablers, and provides a business-driven and business-focused view of security architecture.

 

Question 801
Which of the following actions should be taken when an information security manager discovers that a hacker is footprinting the network perimeter?

  • A. Update IDS software to the latest available version
  • B. Enable server trace logging on the DMZ segment
  • C. Reboot the border router connected to the firewall
  • D. Check IDS logs and monitor for any active attacks

Correct answer: D

Explanation:
Information security should check the intrusion detection system (IDS) logs and continue to monitor the situation. It would be inappropriate to take any action beyond that. In fact, updating the IDS could create a temporary exposure until the new version can be properly tuned. Rebooting the router and enabling server trace logging would not be warranted.

 

Question 802
A successful information security management program should use which of the following to determine the amount of resources devoted to mitigating exposures?

  • A. Risk analysis results
  • B. Audit report findings
  • C. Penetration test results
  • D. Amount of IT budget available

Correct answer: A

Explanation:
Risk analysis results are the most useful and complete source of information for determining the amount of resources to devote to mitigating exposures. Audit report findings may not address all risks and do not address annual loss frequency. Penetration test results provide only a limited view of exposures, while the IT budget is not tied to the exposures faced by the organization.

 

Question 803
The FIRST step in developing an information security management program is to:

  • A. assign responsibility for the program.
  • B. identify business risks that affect the organization.
  • C. clarify organizational purpose for creating the program.
  • D. assess adequacy of controls to mitigate business risks.

Correct answer: C

Explanation:
In developing an information security management program, the first step is to clarify the organization's purpose for creating the program. This is a business decision based more on judgment than on any specific quantitative measures. After clarifying the purpose, the other choices are assigned and acted upon.

 

Question 804
......

CISM exam question bank with a 100% pass rate for the CISM exam: https://www.goshiken.com/ISACA/CISM-mondaishu.html

Try the real Isaca Certification exam question bank, where 1340 questions and answers await you: https://drive.google.com/open?id=1GiqhAtAf8UDmWysPCV_qG2EY-Wxl8e5m