CISM Practice Test


Page 4 out of 61 Pages

Topic 1: Exam Pool A

When developing a tabletop test plan for incident response testing, the PRIMARY purpose of the scenario should be to:

A. challenge the incident response team to solve the problem under pressure
B. give the business a measure of the organization's overall readiness
C. measure management engagement as part of an incident response team
D. provide participants with situations to ensure understanding of their roles

Answer: D. provide participants with situations to ensure understanding of their roles



To inform a risk treatment decision, which of the following should the information security manager compare with the organization's risk appetite?

A. Level of residual risk
B. Configuration parameters
C. Gap analysis results
D. Level of risk treatment

Answer: A. Level of residual risk



Which of the following is the MOST relevant factor when determining the appropriate escalation process in the incident response plan?

A. Replacement cost of the affected systems
B. Resilience capability of the affected systems
C. Significance of the affected systems
D. Number of resources allocated to respond

Answer: C. Significance of the affected systems



An information security manager is asked to provide a short presentation on the organization's current IT risk posture to the board of directors. Which of the following would be MOST effective to include in this presentation?

A. Gap analysis results
B. Threat assessment results
C. Risk heat map
D. Risk register

Answer: C. Risk heat map



An organization's outsourced firewall was poorly configured and allowed unauthorized access that resulted in downtime of 48 hours. Which of the following should be the information security manager's NEXT course of action?

A. Seek damages from the service provider
B. Obtain supporting evidence that the problem has been corrected
C. Reconfigure the firewall in accordance with best practices
D. Revisit the contract and improve accountability of the service provider

Answer: B. Obtain supporting evidence that the problem has been corrected



