CISM Exam Eligibility, CISM Practice Questions

NO.1 Which of the following represents the MAJOR focus of privacy regulations?
A. Identity theft
B. Identifiable personal data
C. Unrestricted data mining
D. Human rights protection
Answer: B
Protection of identifiable personal data is the major focus of recent privacy regulations such as the
Health Insurance Portability and Accountability Act (HIPAA). Data mining is an accepted tool for ad
hoc reporting; it could pose a threat to privacy only if it violates regulatory provisions. Identity theft
is a potential consequence of privacy violations but not the main focus of many regulations. Human
rights addresses privacy issues but is not the main focus of regulations.

NO.2 Which of the following should be the FIRST step in developing an information security plan?
A. Perform a technical vulnerabilities assessment
B. Assess the current levels of security awareness
C. Analyze the current business strategy
D. Perform a business impact analysis
Answer: C

Prior to assessing technical vulnerabilities or levels of security awareness, an information security
manager needs to gain an understanding of the current business strategy and direction. A business
impact analysis should be performed prior to developing a business continuity plan, but this would
not be an appropriate first step in developing an information security strategy because it focuses on

NO.3 Senior management commitment and support for information security can BEST be obtained
through presentations that:
A. evaluate the organization against best security practices.
B. explain the technical risks to the organization.
C. tie security risks to key business objectives.
D. use illustrative examples of successful attacks.
Answer: C

Senior management seeks to understand the business justification for investing in security. This can
best be accomplished by tying security to key business objectives. Senior management will not be as
interested in technical risks or examples of successful attacks if they are not tied to the impact on
business environment and objectives. Industry best practices are important to senior management
but, again, senior management will give them the right level of importance when they are
presented in terms of key business objectives.

NO.4 Retention of business records should PRIMARILY be based on:
A. storage capacity and longevity.
B. business case and value analysis.
C. business strategy and direction.
D. regulatory and legal requirements.
Answer: D

Retention of business records is generally driven by legal and regulatory requirements. Business
strategy and direction would not normally apply nor would they override legal and regulatory
requirements. Storage capacity and longevity are important but secondary issues. Business case and
value analysis would be secondary to complying with legal and regulatory requirements.

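Don't you want to achieve some brilliant accomplishments in your career? Surely you do. Then you need to keep upgrading yourself. So how should you, working in the IT industry, raise your level? In fact, taking the CISM certification exam and earning the certification is one good way. ISACA's CISM certification is very important, so more and more people are taking ISACA's exams.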

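Why have most candidates chosen JPexam? Because JPexam is very convenient and widely applicable. JPexam's IT experts use their professional eye to follow the latest ISACA CISM exam training materials, which ensures the high accuracy of our ISACA CISM question set. If you have any concerns, JPexam can provide a free sample before you purchase our product.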

Exam subject: Certified Information Security Manager
Questions and answers: 631 questions in total
