CISM: Information Security Team
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 41% Most missed: “A server containing an accounting database is maintained by a database administr…”
CISM: Information Security Team
Time left 00:00
24 Questions

1. What is the main advantage of using external resources for managing an information security program?
2. The security manager is creating security procedures for the entire organization. Which department should be given priority to write the procedure?
3. A server containing an accounting database is maintained by a database administrator. Who should determine the appropriate level of classification?
4. When should the risk assessment for a new process be conducted?
5. What is the main objective of documenting the security procedure?
6. What is the main advantage of using external resources for managing an information security program?
7. The effectiveness of anti-virus software primarily depends on which of the following?
8. The security manager notes that employees of the marketing department are sending some critical customer data through email. What should the security manager do first?
9. What should a process document for the use of a cryptography document primarily include?
10. What is the most important step upon the termination of employment?
11. What is the most effective way to ensure compliance with an information security policy?
12. What should a process document for the use of a cryptography document primarily include?
13. When should anti-virus signature files be updated?
14. Which of the following roles should not be given the right to update a database access control list to ensure proper segregation of duties?
15. A particular module is accessible to all the members of the development team. The module is used to test the business data. From a security perspective, which of the following is the best option?
16. The effectiveness of an information security program can be best ensured by which of the following?
17. What is the most important criterion for the selection of anti-virus software?
18. What is the best way to reduce the risk of accidental system shutdown through the power button?
19. What is the best method to address the risk of sending confidential information in an email attachment?
20. When should anti-virus signature files be updated?
21. Which of the following roles should not be given the right to update a database access control list to ensure proper segregation of duties?
22. The security manager has obtained commitment and approval from senior management for the establishment of an information security program. What should be their next step?
23. What is the most important criterion for the selection of anti-virus software?
24. A particular module is accessible to all the members of the development team. The module is used to test the business data. From a security perspective, which of the following is the best option?