[Nov 05, 2023] Get Free Updates Up to 365 days On Developing CISM-CN Braindumps [Q142-Q165]



Best Quality ISACA CISM-CN Exam Questions

NEW QUESTION # 142
Which of the following has the GREATEST impact on the inherent risk of an information asset?

  • A. Risk tolerance
  • B. Business criticality
  • C. Net present value (NPV)
  • D. Return on investment (ROI)

Answer: B

Explanation:
Business criticality is the degree to which an asset is essential to the success of the business and the extent to which its loss or compromise could have a significant impact on the business. Business criticality is one of the main factors that help to determine the inherent risk of an asset, as assets that are more critical to the business tend to have a higher inherent risk.


NEW QUESTION # 143
An anomaly-based intrusion detection system (IDS) operates by gathering data on:

  • A. abnormal network behavior and issuing instructions to the firewall to drop rogue connections
  • B. normal network behavior and using it as a baseline for measuring abnormal activity
  • C. attack pattern signatures from historical data
  • D. abnormal network behavior and using it as a baseline for measuring normal activity

Answer: B

Explanation:
An anomaly-based intrusion detection system (IDS) operates by gathering data on normal network behavior and using it as a baseline for measuring abnormal activity. This is important because it allows the IDS to detect any activity that is outside of the normal range of usage for the network, which can help to identify potential malicious activity or security threats. Additionally, the IDS will monitor for any changes in the baseline behavior and alert the administrator if any irregularities are detected. By contrast, signature-based IDSs operate by gathering attack pattern signatures from historical data and comparing them against incoming traffic in order to identify malicious activity.


NEW QUESTION # 144
When conducting a post-incident review of an attack, which of the following would be MOST useful to the information security manager?

  • A. Location of the attacker
  • B. Cost of the attack to the organization
  • C. Method of operation used by the attacker
  • D. Details from intrusion detection system (IDS) logs

Answer: C


NEW QUESTION # 145
An information security manager learns that IT personnel are not adhering to the information security policy because it creates process inefficiencies. What should the information security manager do FIRST?

  • A. Conduct user awareness training within the IT function.
  • B. Determine the risk related to noncompliance with the policy.
  • C. Request that internal audit review the policy development process.
  • D. Recommend that IT update the information security policy and procedures.

Answer: B


NEW QUESTION # 146
Which of the following is the BEST course of action when an online company discovers a network attack in progress?

  • A. Shut off all network access points
  • B. Isolate the affected network segment
  • C. Dump all event logs to removable media
  • D. Enable trace logging on all events

Answer: B

Explanation:
The BEST course of action when an online company discovers a network attack in progress is to isolate the affected network segment. This prevents the attacker from gaining further access to the network and limits the scope of the attack. Dumping event logs to removable media and enabling trace logging may be useful for forensic purposes, but should not be the first course of action in the midst of an active attack. Shutting off all network access points would be too drastic and would prevent legitimate traffic from accessing the network.


NEW QUESTION # 147
Which of the following is the PRIMARY reason for monitoring key risk indicators (KRIs) related to information security?

  • A. To identify residual risk
  • B. To reassess risk appetite
  • C. To warn of unacceptable risk
  • D. To benchmark control performance

Answer: D


NEW QUESTION # 148
In violation of a policy prohibiting the use of cameras in the office, employees have been issued smartphones and tablets equipped with web cameras. Which of the following should be the information security manager's FIRST course of action?

  • A. Conduct a risk assessment.
  • B. Communicate the acceptable use policy.
  • C. Perform a root cause analysis.
  • D. Revise the policy.

Answer: A


NEW QUESTION # 149
Which of the following is the BEST approach to incident response for an organization migrating to a cloud-based solution?

  • A. Adopt the cloud provider's incident response procedures.
  • B. Revise incident response procedures to cover the cloud environment.
  • C. Continue using the existing incident response procedures.
  • D. Transfer responsibility for incident response to the cloud provider.

Answer: B


NEW QUESTION # 150
The contribution of recovery point objective (RPO) to disaster recovery is to:

  • A. minimize outage periods.
  • B. define backup strategy.
  • C. eliminate single points of failure.
  • D. reduce mean time between failures (MTBF).

Answer: B

Explanation:
The contribution of recovery point objective (RPO) to disaster recovery is to define backup strategy, because the RPO determines the maximum amount of data loss that is acceptable to an organization after a disruption and therefore guides the frequency and type of backups needed to restore the data to a usable state [1]. Minimizing outage periods is not a contribution of RPO but of recovery time objective (RTO), which defines the maximum amount of time that is acceptable to restore normal operations after a disruption [2]. Eliminating single points of failure is not a contribution of RPO but a goal of high availability (HA), which ensures that systems or services are continuously operational and resilient [3]. Reducing mean time between failures (MTBF) is not a contribution of RPO; MTBF is a measure of reliability that indicates the average time a system or component operates without failure [4].
Reference:
[1] https://www.druva.com/glossary/what-is-a-recovery-point-objective-definition-and-related-faqs
[2] https://www.druva.com/glossary/what-is-a-recovery-time-objective-definition-and-related-faqs
[3] https://www.fortinet.com/resources/cyberglossary/high-availability
[4] https://www.fortinet.com/resources/cyberglossary/mean-time-between-failures


NEW QUESTION # 151
Which of the following would be MOST useful to a newly hired information security manager who has been tasked with developing and implementing an information security strategy?

  • A. The organization's information technology (IT) strategy
  • B. The organization's mission statement and roadmap
  • C. Previously successful information security strategies
  • D. The capabilities and expertise of the information security team

Answer: B


NEW QUESTION # 152
The BEST way to ensure that frequently encountered incidents are reflected in the user security awareness training program is to include:

  • A. results of exit interviews.
  • B. examples of help desk requests.
  • C. previous training sessions.
  • D. responses to security questionnaires.

Answer: B


NEW QUESTION # 153
With the increasing need for remote access security, an organization finds it necessary to rapidly shift to a work-from-home model. Which of the following should be the IMMEDIATE focus?

  • A. Strengthening endpoint security
  • B. Enhancing network response capability
  • C. Enabling network-level authentication
  • D. Moving to a zero trust access model

Answer: A


NEW QUESTION # 154
Which of the following should an information security manager perform FIRST when creating an organization's disaster recovery plan (DRP)?

  • A. Review the communications plan.
  • B. Develop response and recovery strategies.
  • C. Conduct a business impact analysis (BIA).
  • D. Identify the response and recovery teams.

Answer: C

Explanation:
Conducting a business impact analysis (BIA) is the first step when creating an organization's disaster recovery plan (DRP) because it identifies and prioritizes the critical business functions or processes that must be restored after a disruption, and determines their recovery time objectives (RTOs) and recovery point objectives (RPOs) [2]. Identifying the response and recovery teams is not the first step but a subsequent one that assigns roles and responsibilities for executing the DRP. Reviewing the communications plan is a subsequent step that defines the communication channels and protocols for notifying and updating stakeholders during and after a disruption. Developing response and recovery strategies is also a subsequent step, in which the appropriate solutions and procedures for restoring the critical business functions or processes are selected and implemented.
Reference:
[2] https://www.isaca.org/resources/isaca-journal/issues/2018/volume-3/business-impact-analysis-bia-and-disaster-recovery-planning-drp


NEW QUESTION # 155
In a business proposal, a potential vendor promotes being certified to an international security standard as a measure of its security capability. Before relying on this certification, it is MOST important that the information security manager confirms that the:

  • A. certification will remain valid for the duration of the contract.
  • B. current international standard was used to assess the security processes.
  • C. certification scope is relevant to the service being offered.
  • D. certification can be extended to cover the client's business.

Answer: C


NEW QUESTION # 156
Which of the following is the MOST important consideration when an organization selects key risk indicators (KRIs)?

  • A. Compliance requirements
  • B. Target audience
  • C. Return on investment (ROI)
  • D. Criticality of information

Answer: D

Explanation:
A key risk indicator (KRI) is a metric that provides an early warning of potential exposure to a risk. A KRI should be relevant, measurable, timely, and actionable. The most important factor in an organization's selection of a KRI is the criticality of information, which means that the KRI should reflect the value and sensitivity of the information assets that are exposed to the risk. For example, a KRI for data breach risk could be the number of unauthorized access attempts to a database that contains confidential customer data. The criticality of information helps to prioritize the risks and focus on the most significant ones.
Reference:
https://www.isaca.org/credentialing/cism
https://www.wiley.com/en-us/CISM+Certified+Information+Security+Manager+Study+Guide-p-9781119801948


NEW QUESTION # 157
It is MOST critical to reassess risk when there is:

  • A. a change in security policy.
  • B. a change in the threat landscape.
  • C. resistance to implementing mitigating controls.
  • D. a management request for an updated security report.

Answer: B


NEW QUESTION # 158
Which of the following is the BEST approach for making strategic information security decisions?

  • A. Establish regular senior management meetings.
  • B. Establish business unit security working groups.
  • C. Establish an information security steering committee.
  • D. Establish regular information security status reporting.

Answer: C

Explanation:
An Information Security Steering Committee is a group of stakeholders responsible for providing governance and guidance to the organization on all matters related to information security. The committee provides oversight and guidance on security policies, strategies, and technology implementation. It also ensures that the organization is in compliance with relevant laws and regulations. Additionally, it serves as a forum for discussing security-related issues and ensures that security is taken into account when making strategic decisions.


NEW QUESTION # 159
Which of the following documents should contain the INITIAL prioritization of recovery of services?

  • A. IT risk analysis
  • B. Threat assessment
  • C. Business process map
  • D. Business impact analysis (BIA)

Answer: D

Explanation:
A business impact analysis (BIA) is the document that should contain the initial prioritization of recovery of services. A BIA is a process of identifying and analyzing the potential effects of disruptions to critical business functions and processes. A BIA typically includes the following steps [1]:
* Identifying the critical business functions and processes that support the organization's mission and objectives.
* Estimating the maximum tolerable downtime (MTD) for each function or process, which is the longest time that the organization can afford to be without that function or process before suffering unacceptable consequences.
* Assessing the potential impacts of disruptions to each function or process, such as financial losses, reputational damage, legal liabilities, regulatory penalties, customer dissatisfaction, etc.
* Prioritizing the recovery of functions or processes based on their MTDs and impacts, and assigning recovery time objectives (RTOs) and recovery point objectives (RPOs) for each function or process. RTOs are the target times for restoring functions or processes after a disruption, while RPOs are the acceptable amounts of data loss in case of a disruption.
* Identifying the resources and dependencies required for each function or process, such as staff, equipment, software, data, suppliers, customers, etc.
A BIA provides the basis for developing a business continuity plan (BCP), which is a document that outlines the strategies and procedures for ensuring the continuity or recovery of critical business functions and processes in the event of a disruption [2]. The other options are not documents that should contain the initial prioritization of recovery of services. An IT risk analysis is a process of identifying and evaluating the threats and vulnerabilities that affect the IT systems and assets of an organization. It helps to determine the likelihood and impact of potential IT incidents, and to select and implement appropriate controls to mitigate the risks [3]. A threat assessment is a process of identifying and analyzing the sources and capabilities of adversaries that may pose a threat to an organization's security. It helps to determine the level of threat posed by different actors, and to develop countermeasures to prevent or respond to attacks [4]. A business process map is a visual representation of the activities, inputs, outputs, roles, and resources involved in a business process. It helps to understand how a process works, how it can be improved, and how it relates to other processes [5].
Reference:
[1] Business impact analysis (BIA) - Wikipedia
[2] Business continuity plan - Wikipedia
[3] IT risk management - Wikipedia
[4] Threat assessment - Wikipedia
[5] Business process mapping - Wikipedia


NEW QUESTION # 160
An organization is undergoing a digital transformation process that places the IT organization in an unfamiliar risk landscape. The information security manager has been tasked with leading the IT risk management process. Which of the following should be given the HIGHEST priority?

  • A. Selection of risk treatment options
  • B. Design of key risk indicators (KRIs)
  • C. Control gap analysis
  • D. Risk identification

Answer: D


NEW QUESTION # 161
Which of the following BEST demonstrates the added value of an information security program?

  • A. SWOT analysis
  • B. Balanced scorecard
  • C. Security baseline
  • D. Gap analysis

Answer: B

Explanation:
A balanced scorecard is a tool that can be used to demonstrate the added value of an information security program by measuring and reporting on key performance indicators (KPIs) and key risk indicators (KRIs) aligned with strategic objectives. Security baselines, a gap analysis and a SWOT analysis are all useful for assessing and improving security posture, but they do not necessarily show how security contributes to business value.


NEW QUESTION # 162
What type of control is being implemented when a security information and event management (SIEM) system is installed?

  • A. Preventive
  • B. Deterrent
  • C. Detective
  • D. Corrective

Answer: C

Explanation:
A security information and event management (SIEM) system is a type of detective control because it monitors and analyzes the security events or logs from different sources or systems, and detects any anomalies or incidents that may indicate a security breach or compromise. A preventive control is a type of control that prevents or blocks any unauthorized or malicious activity or access from occurring. A deterrent control is a type of control that discourages or warns any potential attackers or intruders from attempting any unauthorized or malicious activity or access. A corrective control is a type of control that restores or repairs any damage or disruption caused by an unauthorized or malicious activity or access.
Reference:
https://www.isaca.org/resources/isaca-journal/issues/2017/volume-6/the-value-of-penetration-testing
https://www.isaca.org/resources/isaca-journal/issues/2016/volume-5/security-scanning-versus-penetration-testing


NEW QUESTION # 163
In building a security risk-aware culture, which of the following is MOST important to convey to employees?

  • A. Employee access should be based on the principle of least privilege.
  • B. Personal information requires different security controls than sensitive information.
  • C. Responsibility for security rests with all employees.
  • D. Understanding the value of information assets is critical to risk management.

Answer: C

Explanation:
In building a security risk-aware culture, it is most important to convey to employees that the responsibility for security rests with all employees. Every employee plays a role in ensuring the security of the organization's information assets, and it is essential that they understand their role and take security seriously. This means not only following security policies and procedures but also being vigilant in identifying and reporting potential security incidents.
The other items listed (personal information requiring different security controls than sensitive information, employee access should be based on the principle of least privilege, and understanding an information asset's value is critical to risk management) are all important elements of a comprehensive security program, but they are secondary to the fundamental message that security is a shared responsibility. By emphasizing this message and empowering employees to take an active role in security, organizations can build a stronger, more effective security risk-aware culture.


NEW QUESTION # 164
In addition to executive sponsorship and business alignment, which of the following is MOST critical for information security governance?

  • A. Ownership of security
  • B. Allocation of training resources
  • C. Auditability of systems
  • D. Compliance with policies

Answer: A

Explanation:
Information security governance is the process of establishing and maintaining a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. In addition to executive sponsorship and business alignment, a critical factor for effective information security governance is ownership of security, which means that the roles and responsibilities for information security are clearly defined and assigned to the appropriate stakeholders, such as business owners, information owners, information custodians, and users. Ownership of security also implies accountability for the protection of information assets and the management of security risks.
Reference:
https://www.isaca.org/credentialing/cism
https://www.nist.gov/publications/information-security-handbook-guide-managers


NEW QUESTION # 165
......
