Question 1

An organization has received complaints from users that some of their files have been encrypted. These users are receiving demands for money to decrypt the files. Which of the following would be the BEST course of action?

Options :

A : Conduct an impact assessment.

B : Isolate the affected systems.

C : Rebuild the affected systems.

D : Initiate incident response.

Answer: D

Question 2

Which risk is introduced when using only sanitized data for the testing of applications?

Options :

A : Data loss may occur during the testing phase.

B : Data disclosure may occur during the migration event

C : Unexpected outcomes may arise in production

D : Breaches of compliance obligations will occur.

Answer: C

Question 3

What will BEST facilitate the success of new security initiatives?

Options :

A : Establish an IT security steering committee.

B : Include business in security decision making.

C : Update security policies on a regular basis

D : Monitor post-implementation security metrics.

Answer: B

Question 4

A new type of ransomware has infected an organization's network. Which of the following would have BEST enabled the organization to detect this situation?

Options :

A : Regular review of the threat landscape

B : Periodic information security training for end users

C : Use of integrated patch deployment tools

D : Monitoring of anomalies in system behavior

Answer: D

Question 5

Which of the following is the BEST control to protect customer personal information that is stored in the cloud?

Options :

A : Timely deletion of digital records

B : Appropriate data anonymization

C : Strong encryption methods

D : Strong physical access controls

Answer: C

Free CISM Mock Exam – Practice Online Confidently

Buying Options: