CISM Information Risk Management Practice Exam

Sample Questions

Q) database management systems data security responsibility in the organization will include:

a) providing comprehensive protection of information assets.

b) determine the levels of classification of data

c) the implementation of safeguards in the products they install.

d) security guarantees in accordance with the strategy.

e) None

Q) security risk assessment should be repeated periodically, such as:

a) Threats business is constantly changing

b) gaps in earlier assessments can be solved.

c) re-evaluation of various techniques allow.

d) they help to raise awareness of safety.

e) None

Q) Which of the following steps in the risk assessment should be done first?

a) Identity Business Assets

b) Definition of business risk

c) vulnerability assessment

d) Assessment of key controls

e) None

Q) The system administrator does not immediately inform the security officer of a malicious attack. information security manager will be able to prevent this situation:

a) regularly check the preparedness plans in the incident.

b) Regularly test intrusion detection system (IDS).

c) establishing mandatory training for all employees.

d) Periodically incident response procedures.

e) None