Free Access ISACA.CISM.v2024-12-21.q371 Practice Test (Page 36)

Question 171

The MOST effective control to detect fraud inside an organization's network is to:

A.implement C (IDS).

B.segregate duties

C.review access logs.

D.apply two-factor authentication

Question 172

Which of the following is the GREATEST benefit of incorporating information security governance into the corporate governance framework?

A.Heightened awareness of information security strategies

B.Improved process resiliency in the event of attacks

C.Promotion of security-by-design principles to the business

D.Management accountability for information security

Question 173

A penetration test was conducted by an accredited third party. Which of the following should be the information security manager's FIRST course of action?

A.Request funding needed to resolve the top vulnerabilities.

B.Ensure a risk assessment is performed to evaluate the findings.

C.Report findings to senior management.

D.Ensure vulnerabilities found are resolved within acceptable timeframes.

Question 174

Which of the following is the MOST effective way to ensure information security policies are followed?

A.Perform a gap analysis.

B.Require regular security awareness training.

C.Require sign-off on acceptable use policies.

D.Provide detailed security procedures.

Question 175

Which of the following should be the PRIMARY objective of the information security incident response process?

A.Conducting incident triage

B.Communicating with internal and external parties

C.Minimizing negative impact to critical operations

D.Classifying incidents

Correct Answer: C

Explanation
The primary objective of the information security incident response process is to minimize the negative impact to critical operations. An information security incident is an event that threatens or compromises the confidentiality, integrity, or availability of the organization's information assets or processes. The information security incident response process is a process that defines the roles, responsibilities, procedures, and tools for detecting, analyzing, containing, eradicating, recovering, and learning from information security incidents. The main goal of the information security incident response process is to restore the normal operations as quickly and effectively as possible, and to prevent or reduce the harm or loss caused by the incident to the organization, its stakeholders, or its environment.
Conducting incident triage (A) is an important activity of the information security incident response process, but not the primary objective. Incident triage is the process of prioritizing and assigning the incidents based on their severity, urgency, and impact. Incident triage helps to allocate the appropriate resources, personnel, and time to handle the incidents, and to escalate the incidents to the relevant authorities or parties if needed.
However, incident triage is not the ultimate goal of the information security incident response process, but a means to achieve it.
Communicating with internal and external parties (B) is also an important activity of the information security incident response process, but not the primary objective. Communicating with internal and external parties is the process of informing and updating the stakeholders, such as management, employees, customers, partners, regulators, or media, about the incident status, actions, and outcomes. Communicating with internal and external parties helps to maintain the trust, confidence, and reputation of the organization, and to comply with the legal and contractual obligations, such as notification or reporting requirements. However, communicating with internal and external parties is not the ultimate goal of the information security incident response process, but a means to achieve it.
Classifying incidents (D) is also an important activity of the information security incident response process, but not the primary objective. Classifying incidents is the process of categorizing and labeling the incidents based on their type, source, cause, or impact. Classifying incidents helps to identify and understand the nature and scope of the incidents, and to apply the appropriate response procedures and controls. However, classifying incidents is not the ultimate goal of the information security incident response process, but a means to achieve it.
References = CISM Review Manual, 16th Edition, Chapter 4: Information Security Incident Management, Section: Incident Response Plan, page 1811

Premium Bundle

Newest CISM Exam PDF Dumps shared by BraindumpsPass.com for Helping Passing CISM Exam! BraindumpsPass.com now offer the updated CISM exam dumps, the BraindumpsPass.com CISM exam questions have been updated and answers have been corrected get the latest BraindumpsPass.com CISM pdf dumps with Exam Engine here:

Access CISM Premium Version

(1226 Q&As Dumps, 40%OFF Special Discount: Exam-Tests)

Other Version: 8728ISACA.CISM.v2025-02-21.q785; 14206ISACA.CISM.v2022-06-26.q752; 17350ISACA.CISM.v2022-03-24.q890; 83ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 277PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 389Nokia.4A0-113.v2026-05-01.q69; 423EC-COUNCIL.312-49v11.v2026-04-30.q214; 346Microsoft.MB-820.v2026-04-30.q101; 262Salesforce.MC-202.v2026-04-30.q57; 306BICSI.INSTC_V8.v2026-04-29.q53; 435NMLS.MLO.v2026-04-28.q82; 292NCARB.Project-Management.v2026-04-28.q27; 525EMC.D-AV-DY-23.v2026-04-27.q184; 1361ServiceNow.CSA.v2026-04-27.q483