Which of the following is the MOST important to keep in mind when assessing the value of information?
Answer(s): A
The potential for financial loss is always a key factor when assessing the value of information. Choices B, C and D may be contributors, but not the key factor.
What would a security manager PRIMARILY utilize when proposing the implementation of a security solution?
Answer(s): C
The information security manager needs to prioritize the controls based on risk management and the requirements of the organization. The information security manager must look at the costs of the various controls and compare them against the benefit the organization will receive from the security solution. The information security manager needs to have knowledge of the development of business cases to illustrate the costs and benefits of the various controls. All other choices are supplemental.
To justify its ongoing security budget, which of the following would be of MOST use to the information security' department?
Cost-benefit analysis is the legitimate way to justify budget. The frequency of security breaches may assist the argument for budget but is not the key tool; it does not address the impact. Annualized loss expectancy (ALE) does not address the potential benefit of security investment. Peer group comparison would provide a good estimate for the necessary security budget but it would not take into account the specific needs of the organization.
Which of the following situations would MOST inhibit the effective implementation of security governance?
Answer(s): D
The need for senior management involvement and support is a key success factor for the implementation of appropriate security governance. Complexity of technology, budgetary constraints and conflicting business priorities are realities that should be factored into the governance model of the organization, and should not be regarded as inhibitors.
What would be the MOST significant security risks when using wireless local area network (LAN) technology?
A rogue access point masquerades as a legitimate access point. The risk is that legitimate users may connect through this access point and have their traffic monitored. All other choices are not dependent on the use of a wireless local area network (LAN) technology.
Share your comments for ISACA CISM exam with other users:
question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).
helpful content
oracle 19c is complex db
helpful for practice
support team is fast and deeply knowledgeable. i appreciate that a lot.
helpful questions
thanks for question
the software is provided for free so this is a big change. all other sites are charging for that. also that fucking examtopic site that says free is not free at all. you are hit with a pay-wall.
i need exam questions nca 6.5 any help please ?
just took the comptia cybersecurity analyst (cysa+) - wished id seeing this before my exam
very helpful
i need this exam
nice questions... are these questions the same of the exam?
need to view
highly appreciate for your sharing.
kindly share this dump. thank you
link plz for download
data quality oecd
rman is one good recovery technology
need it thx
good questions
good one nice revision
i love this thank you i need
question # 142: data governance is not one of the deliverables in the document and content management context diagram.
most answers not correct here
what % of questions do we get in the real exam?
i just want to tell you. i took my microsoft az-104 exam and passed it. your program was awesome. i especially liked your detailed questions and answers and practice tests that made me well-prepared for the exam. thanks to this website!!!
all the best
very usefull document
nice and helpful questions
i found the questions helpful
q 105 . ans is d
i have interest to get a sybase iq dba certification
want to pass exm.