2023 CISM-CN exam torrent CISM-CN Study Guide [Q87-Q104]


Easily pass CISM-CN Exam with our Dumps & PDF Test Engine

NEW QUESTION # 87
Which of the following is the MOST important requirement for a successful security program?

  • A. Mapping security processes to baseline security standards
  • B. Penetration testing of critical systems
  • C. Management decisions on asset value
  • D. Non-disclosure agreements (NDAs) signed with employees

Answer: C

Explanation:
"A successful security program requires management support and involvement. One of the key aspects of management support is to decide on the value of assets and the acceptable level of risk for them. This will help define the security objectives and priorities for the program. The other options are possible activities within a security program, but they are not as important as management decision on asset value."


NEW QUESTION # 88
Which of the following is the GREATEST benefit of information asset classification?

  • A. Providing a basis for implementing a need-to-know policy
  • B. Supporting segregation of duties
  • C. Helping to determine the recovery point objective (RPO)
  • D. Defining resource ownership

Answer: A

Explanation:
The greatest benefit of information asset classification is providing a basis for implementing a need-to-know policy. Information asset classification is a process of categorizing information based on its level of sensitivity and importance, and applying appropriate security controls based on the level of risk associated with that information1. A need-to-know policy is a principle that states that access to information should be granted only to those individuals who require it to perform their official duties or tasks2. The purpose of a need-to-know policy is to limit the exposure of sensitive information to unauthorized or unnecessary parties, and to reduce the risk of data breaches, leaks, or misuse. Information asset classification provides a basis for implementing a need-to-know policy by:
* Defining the value and protection requirements of different types of information
* Labeling the information with the appropriate classification level, such as public, internal, confidential, secret, or top secret
* Establishing the roles and responsibilities of information owners, custodians, and users
* Enforcing access controls and encryption for the information
* Documenting the security policies and procedures for the information
By providing a basis for implementing a need-to-know policy, information asset classification can help organizations to protect their sensitive information, comply with relevant laws and regulations, and achieve their business objectives. The other options are not the greatest benefits of information asset classification. Helping to determine the recovery point objective (RPO) is not a benefit, but rather a consequence of applying security controls based on the classification level. RPO is the acceptable amount of data loss in case of a disruption3. Supporting segregation of duties is not a benefit, but rather a prerequisite for implementing a need-to-know policy. Segregation of duties is a principle that states that no single individual should have control over two or more phases of a business process or transaction that are susceptible to errors or fraud4. Defining resource ownership is not a benefit, but rather a component of information asset classification. Resource ownership is the assignment of accountability and authority for an information asset to an individual or a group5.
Reference:
1: Information Classification - Advisera
2: Need-to-Know Principle - NIST
3: Recovery Point Objective - NIST
4: Segregation of Duties - NIST
5: Resource Ownership - NIST
Information Classification in Information Security - GeeksforGeeks
Information Asset Classification Policy - UCI


NEW QUESTION # 89
Which risk is introduced when only sanitized data is used to test applications?

  • A. Breaches of compliance obligations will occur.
  • B. Data disclosure may occur during migration events.
  • C. Unexpected outcomes may arise in production.
  • D. Data loss may occur during the testing phase.

Answer: C

Explanation:
Unexpected outcomes may arise in production when using only sanitized data for the testing of applications. Sanitized data is data that has been purposely and permanently deleted or modified to prevent unauthorized access or misuse. Sanitized data may not reflect the real characteristics, patterns, or behaviors of the original data, and thus may not be suitable for testing applications that rely on data quality and accuracy. According to NIST, data sanitization methods can affect the usability of data for testing purposes1. The other options are not risks introduced by using sanitized data for testing applications, but rather risks that can be mitigated by using sanitized data. Data loss, data disclosure, and breaches of compliance obligations are possible consequences of using unsanitized data that contains sensitive or confidential information.
Reference:
1: Data sanitization - Wikipedia
2: What is Data Sanitization? | Data Erasure Methods | Imperva
3: Data sanitization techniques: Standards, practices, legislation


NEW QUESTION # 90
When defining a recovery strategy in a business continuity plan (BCP), which of the following is the MOST important consideration?

  • A. Legal and regulatory requirements
  • B. Geographic location of the backup site
  • C. The organization's tolerance for service interruption
  • D. Likelihood of a disaster occurring

Answer: C


NEW QUESTION # 91
Which of the following BEST enables an organization to maintain legally admissible evidence?

  • A. A robust legal framework with notes of legal actions
  • B. Forensic personnel training that includes technical actions
  • C. Documented processes around forensic records retention
  • D. Chain of custody forms with points of contact

Answer: D

Explanation:
Chain of custody forms with points of contact are the best way to enable an organization to maintain legally admissible evidence because they document the sequence of control, transfer, and analysis of the evidence, and every person who handled it, the dates and times, and the purpose for each action1. They also ensure the authenticity and integrity of the evidence, and prevent tampering or loss1. Documented processes around forensic records retention are not sufficient to maintain legally admissible evidence because they do not track or verify the handling of the evidence. A robust legal framework with notes of legal actions is not sufficient to maintain legally admissible evidence because it does not record or validate the preservation of the evidence. Forensic personnel training that includes technical actions is not sufficient to maintain legally admissible evidence because it does not account for or certify the custody of the evidence.
Reference:
1: https://www.researchgate.net/publication/326079761_Digital_Chain_of_Custody


NEW QUESTION # 92
An organization is implementing an information security governance framework. To communicate the effectiveness of the program to stakeholders, it is MOST important to establish:

  • A. a monitoring process for security policies.
  • B. a control self-assessment (CSA) process.
  • C. automated reporting to stakeholders.
  • D. metrics for each milestone.

Answer: D


NEW QUESTION # 93
Which of the following is the BEST approach to incident response for an organization migrating to a cloud-based solution?

  • A. Modify the incident response procedures to cover the cloud environment.
  • B. Transfer responsibility for incident response to the cloud provider.
  • C. Continue using the existing incident response procedures.
  • D. Adopt the cloud provider's incident response procedures.

Answer: A


NEW QUESTION # 94
The BEST way to ensure that frequently encountered incidents are reflected in the user security awareness training program is to include:

  • A. previous training sessions.
  • B. examples of help desk requests.
  • C. responses to security questionnaires.
  • D. results of exit interviews.

Answer: B


NEW QUESTION # 95
Which of the following is the BEST way to ensure the ability to restore clean data after a ransomware attack?

  • A. Encrypt sensitive production data
  • B. Maintain multiple offline backups
  • C. Purchase cyber insurance
  • D. Perform integrity checks on backups

Answer: B

Explanation:
Maintaining multiple offline backups is the best way to ensure the capability to restore clean data after a ransomware attack. This is because offline backups are not connected to the network and thus cannot be compromised by the ransomware. Additionally, performing integrity checks on backups will help to ensure that any backups that have been potentially corrupted by the ransomware can be identified and discarded. Encrypting sensitive production data and purchasing cyber insurance can help to protect against a ransomware attack, but are not the best way to ensure the capability to restore clean data after an attack.


NEW QUESTION # 96
Which of the following BEST supports an organization's incident management process for supply chain attacks?

  • A. Performing integration testing with supplier systems
  • B. Requiring security awareness training for supplier staff
  • C. Including service level agreements (SLAs) in supplier contracts
  • D. Establishing communication paths with suppliers

Answer: D


NEW QUESTION # 97
When recovering a compromised system that requires a complete rebuild, which of the following should be considered FIRST?

  • A. Configuration management files
  • B. Network system logs
  • C. Intrusion detection system (IDS) logs
  • D. Patch management files

Answer: A

Explanation:
When recovering a compromised system that needs a complete rebuild, the first step should be to restore configuration management files. Configuration management files are critical for identifying the system's original state and the changes that were made to it, and restoring them can help ensure that the system is rebuilt to its original state.
According to the Certified Information Security Manager (CISM) Study Manual, "The initial phase of the recovery process requires that configuration management files be restored. These files represent the foundation of the system and provide insight into the original state of the system, which is important for identifying changes that were made to the system as well as ensuring the recovery process can return the system to its original state." Patch management files, network system logs, and intrusion detection system (IDS) logs are also important in the recovery process, but they should be addressed after configuration management files have been restored.
Reference:
Certified Information Security Manager (CISM) Study Manual, 15th Edition, Page 256.


NEW QUESTION # 98
A user reports that a personal mobile device storing sensitive company data has been stolen. Which of the following BEST minimizes the risk of data exposure?

  • A. Prevent users from using personal mobile devices.
  • B. Remove the user's access to company data.
  • C. Remotely wipe the device.
  • D. Report the incident to the police.

Answer: C


NEW QUESTION # 99
Which of the following has the GREATEST influence on the inherent risk of an information asset?

  • A. Risk tolerance
  • B. Return on investment (ROI)
  • C. Net present value (NPV)
  • D. Business criticality

Answer: D

Explanation:
Business criticality is the degree to which an asset is essential to the success of the business and the extent to which its loss or compromise could have a significant impact on the business. Business criticality is one of the main factors that help to determine the inherent risk of an asset, as assets that are more critical to the business tend to have a higher inherent risk.


NEW QUESTION # 100
An organization is developing a risk mitigation plan and is considering the use of redundant power supplies to reduce the business risk associated with critical system interruptions. Which type of control is being considered?

  • A. Deterrent
  • B. Preventive
  • C. Corrective
  • D. Detective

Answer: B


NEW QUESTION # 101
An information security manager learns that a risk owner has approved an exception to replace a key control with a weaker compensating control in order to improve process efficiency. Which of the following should be the GREATEST concern?

  • A. The compensating control may not be cost-effective.
  • B. Security audits may report more high-risk findings.
  • C. The level of risk may exceed acceptable limits.
  • D. It may result in noncompliance with industry best practices.

Answer: C


NEW QUESTION # 102
Which of the following should be the FIRST step in obtaining approval to outsource the remediation of a security vulnerability?

  • A. Perform a cost-benefit analysis.
  • B. Begin due diligence on the outsourcing company.
  • C. Collect additional metrics.
  • D. Submit a funding request to senior management.

Answer: A


NEW QUESTION # 103
An information security manager learns of a new standard related to an emerging technology that the organization wants to implement. Which of the following should the information security manager recommend be done FIRST?

  • A. Review industry experts' analysis of the new standard.
  • B. Conduct a risk assessment of the new technology.
  • C. Determine whether the organization can benefit from adopting the new standard.
  • D. Obtain legal counsel's opinion on the standard's applicability to regulations.

Answer: B


NEW QUESTION # 104
......

CISM-CN PDF Pass Leader, CISM-CN Latest Real Test: https://torrentpdf.practicedump.com/CISM-CN-exam-questions.html