CISM

Which of the following is the BEST indicator that an organization is appropriately managing risk?

First post and replies  | Last post by Brain, 1 year ago

Which of the following metrics is the BEST measure of the effectiveness of an information security program?

First post and replies  | Last post by Lloyd, 1 year ago

What should be the information security manager's FIRST response?

First post and replies  | Last post by Guillermo, 1 year ago

Which of the following would BEST enable an organization to effectively monitor the implementation of standardized configurations?

First post and replies  | Last post by Isaiah, 1 year ago

When establishing the trigger levels for an organization's key risk indicators (KRIs), the thresholds should be based PRIMARILY on the organization's:

First post and replies  | Last post by Philip, 1 year ago

Which of the following is the BEST way to obtain assurance that the provider can adequately protect the organization's information?

First post and replies  | Last post by Randolph, 1 year ago

Which of the following processes would BEST aid an information security manager in resolving systemic security issues?

First post and replies  | Last post by Manual, 1 year ago

Information security governance is PRIMARILY driven by which of the following?

First post and replies  | Last post by Morgan, 1 year ago

In the absence of technical controls, what would be the BEST way to reduce unauthorized text messaging on company-supplied mobile devices?

First post and replies  | Last post by Gonzalo, 1 year ago

Which of the following has the GREATEST impact on efforts to improve an organization's security posture?

First post and replies  | Last post by Octavio, 1 year ago

An organization's operations have been significantly impacted by a cyber attack resulting in data loss. Once the attack has been contained, what should the security team.

First post and replies  | Last post by Randolph, 1 year ago

Which of the following is the MOST important outcome of monitoring and reporting on information security processes?

First post and replies  | Last post by Vicente, 1 year ago

Which of the following would be of GREATEST concern to an information security manager when evaluating a cloud service provider (CSP)?

First post and replies  | Last post by Randolph, 1 year ago

Which of the following would be the MOST appropriate way to reduce the likelihood of a successful attack?

First post and replies  | Last post by Ernest, 1 year ago

Which of the following is the MOST important consideration m a bring your own device (BYOD) program to protect company data in the event of a loss?

First post and replies  | Last post by Ezequiel, 1 year ago

When developing security standards, which of the following would be MOST appropriate to include?

First post and replies  | Last post by Lloyd, 1 year ago

Authorization can BEST be accomplished by establishing:

First post and replies  | Last post by Man, 1 year ago

Which is the BEST way for an organization to monitor security risk?

First post and replies  | Last post by Manual, 1 year ago

Which of the following actions should be taken to preserve the evidence of the intrusion for forensic analysis and potential litigation?

First post and replies  | Last post by Coy, 1 year ago

Which of the following is MOST important to present to stakeholders to help obtain support for implementing a new information

First post and replies  | Last post by Chuck, 1 year ago

Which of the following is the BEST way to identify the potential impact of a successful attack on an organization's mission critical applications?

First post and replies  | Last post by Lewis, 1 year ago

Which of the following is the BEST way to ensure the effectiveness of a role-based access scheme?

First post and replies  | Last post by Philip, 1 year ago

Which of the following is MOST helpful for prioritizing the recovery of IT assets during a disaster?

First post and replies  | Last post by Nathaniel, 1 year ago

Which of the following is the GREATEST benefit of information asset classification to an organization?

First post and replies  | Last post by Orval, 1 year ago

What should be an information security manager's NEXT activity following the remediation of a security incident?

First post and replies  | Last post by Cletus, 1 year ago

Which of the following should be provided by the information security manager?

First post and replies  | Last post by Gonzalo, 1 year ago

Which of the following is the MOST appropriate board-level activity for information security governance?

First post and replies  | Last post by Mario, 1 year ago

Which of the following is MOST important to consider when defining control objectives?

First post and replies  | Last post by Marshall, 1 year ago

Which of the following processes would BEST help to ensure that information security risks will be evaluated when implementing a new payroll system?

First post and replies  | Last post by Ali, 1 year ago

The MOST important objective of monitoring key risk indicators (KRIs) related to information security is to:

First post and replies  | Last post by Carmelo, 1 year ago