Isaca CISM Exam Practice Test Instant Access

Question 1

Which type of backup BEST enables an organization to recover data after a ransomware attack?

AOnline backup

BIncremental backup

CDifferential backup

DOffline backup

Answer : D

Comprehensive and Detailed Step-by-Step Explanation:

Recovering from ransomware requires backups that are unaffected by the ransomware attack. Here's why offline backups are most effective:

A . Online backup: These are connected to the network and may also be compromised during an attack.

B . Incremental backup: While efficient, incremental backups rely on previous backups and are typically stored online, making them vulnerable to ransomware.

C . Differential backup: Similar to incremental backups, these are not immune if stored online or on compromised systems.

D . Offline backup: This is the BEST choice as offline backups are stored in a location that is not connected to the network, preventing ransomware from encrypting them.

Question 2

Which of the following is the BEST way to compete for funding for an information security program in an organization with limited resources?

ADemonstrate the effectiveness of business continuity plans (BCPs).

BReport key performance indicator (KPI) trends.

CDemonstrate that the program enables business activities.

DProvide evidence of increased security events at peer organizations.

Answer : C

Comprehensive and Detailed Step-by-Step Explanation:

The goal of securing funding for an information security program often requires aligning the program with business goals and demonstrating its value to the organization. Here's an analysis of each option:

A . Demonstrate the effectiveness of business continuity plans (BCPs): While important, this focuses on continuity rather than the overall value of the information security program to business objectives. This is not the strongest method to justify funding.

B . Report key performance indicator (KPI) trends: KPI trends are useful for tracking performance but may not directly demonstrate how the program supports business activities or adds value.

C . Demonstrate that the program enables business activities: This is the BEST option because it ties the information security program directly to business operations. When security is seen as an enabler (e.g., reducing risks in critical areas like customer data protection), stakeholders are more likely to allocate resources.

D . Provide evidence of increased security events at peer organizations: This may indicate a general threat landscape but does not provide concrete evidence of the program's value or relevance to the organization's specific goals.

Question 3

Which of the following processes is MOST important for the success of a business continuity plan (BCP)?

AInvolving all stakeholders in testing and training

BScheduling periodic internal and external audits

CIncluding the board and senior management in plan reviews

DMaintaining copies of the plan at the primary and recovery sites

Answer : A

Question 4

Which of the following would be the GREATEST obstacle to implementing incident notification and escalation processes in an organization with high turnover?

ALack of knowledgeable personnel

BLack of communication processes

CLack of process documentation

DLack of alignment with organizational goals

Answer : A

Question 5

Which of the following should be done FIRST when developing a business continuity plan (BCP)?

AReview current recovery policies.

BDefine the organizational strategy.

CPrioritize the critical processes.

DReview existing cyber insurance coverage.

Answer : B

Question 6

The PRIMARY reason to properly classify information assets is to determine:

Aappropriate encryption strength using a risk-based approach.

Bthe business impact if assets are compromised.

Cthe appropriate protection based on sensitivity.

Duser access levels based on the need to know.

Answer : C

Question 7

Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:

Aquickly resolved and eliminated regardless of cost.

Btracked and reported on until their final resolution.

Cdocumented in security awareness programs.

Dnoted and re-examined later if similar weaknesses are found.

Answer : D

Isaca CISM Certified Information Security Manager Exam Practice Test