CISM: Information Security Incident Management
25 Questions

1. What is an area of major concern for a risk-based incident response program?
2. The data restoration plan is primarily based on what?
3. What is the most important aspect of an incident response policy?
4. The emergency response plan should primarily concentrate on what?
5. Incident management supports the organization by doing what?
6. What is the best way to detect security violations in a timely and effective manner?
7. After an incident, the security manager has noted that full system recovery will take a longer time than normal. His efforts are concentrated on partially recovering the system. This level of partial system recovery is most likely based on what?
8. What is the main objective of incident response?
9. The security manager noted that incident reports from different business units are not consistent and correct. What should be his first course of action?
10. What is the most important aspect while defining the incident response procedures?
11. What is the main objective of incident management and response?
12. The security manager has noted a security incident. What should be his next course of action?
13. What area is of the most concern for a security manager?
14. A business continuity program is primarily based on what?
15. The security manager has been informed about a fire in the facility. What should be his course of action?
16. What is the most effective way to determine the impact of a denial-of-service attack?
17. Which of the following plans will best support the security manager in handling a security breach?
18. What area is of most concern for a security manager?
19. The security manager has noted that the BCP has not been updated in the last 5 years and that the maximum tolerable outage (MTO) is much shorter than the allowable interruption window (AIW). What should be their course of action?
20. The security manager is developing an incident response plan. What should be his first step?
21. What is the most effective factor in any incident management process?
22. What is the most effective way to monitor outsourced incident management functions?
23. The severity of the incident can be best determined by which of the following?
24. The security manager has noted that the email server has been compromised at the administrative level. What is the best way to make the system secure?
25. What is the most important factor for a global organization to ensure the continuity of a business in an emergency?