QUESTION: 325

A large organization is considering a policy that would allow employees to bring their own smartphones into the organizational environment. The MOST important concern to the information security manager should be the:

higher costs in supporting end users
impact on network capacity
decrease in end user productivity
lack of a device management solution

Answer(s): D

Reference:

https://www.isaca.org/Journal/archives/2013/Volume-4/Pages/Leveraging-and-Securing-the-Bring-Your-Own-Device-and-Technology-Approach.aspx

Show Answer Next Question

QUESTION: 326

Which of the following vulnerabilities presents the GREATEST risk of external hackers gaining access to the corporate network?

Internal hosts running unnecessary services
Inadequate logging
Excessive administrative rights to an internal database
Missing patches on a workstation

Answer(s): C

Show Answer Next Question

QUESTION: 327

An information security manager has developed a strategy to address new information security risks resulting from recent changes in the business. Which of the following would be MOST important to include when presenting the strategy to senior management?

The costs associated with business process changes
Results of benchmarking against industry peers
The impact of organizational changes on the security risk profile
Security controls needed for risk mitigation

Answer(s): C

Show Answer Next Question

QUESTION: 328

What is the BEST way to determine the level of risk associated with information assets processed by an IT application?

Evaluate the potential value of information for an attacker
Calculate the business value of the information assets
Review the cost of acquiring the information assets for the business
Research compliance requirements associated with the information

Answer(s): B

Show Answer Next Question

Free ISACA CISM Exam Braindumps (page: 83)

QUESTION: 325

Reference:

QUESTION: 326

QUESTION: 327

QUESTION: 328

CISM Exam Discussions & Posts