Free ISACA CISM Exam Braindumps (page: 46)

The BEST way to encourage good security practices is to:

  A. schedule periodic compliance audits.
  B. discipline those who fail to comply with the security policy.
  C. recognize appropriate security behavior by individuals.
  D. publish the information security policy.

Answer(s): C



Which of the following enables compliance with a nonrepudiation policy requirement for electronic transactions?

  A. Digital certificates
  B. Digital signatures
  C. Encrypted passwords
  D. One-time passwords

Answer(s): B



Which of the following is the BEST approach to identify noncompliance issues with legal, regulatory, and contractual requirements?

  A. Risk assessment
  B. Business impact analysis (BIA)
  C. Vulnerability assessment
  D. Gap analysis

Answer(s): D



A new version of an information security regulation is published that requires an organization’s compliance. The information security manager should FIRST:

  A. perform an audit based on the new version of the regulation.
  B. conduct a risk assessment to determine the risk of noncompliance.
  C. conduct benchmarking against similar organizations.
  D. perform a gap analysis against the new regulation.

Answer(s): D
