PDF download · CISM Security Mgr Practice 202

Free CISM Security Mgr Practice 202 Practice Test PDF

Download a free CISM Security Mgr Practice 202 practice test PDF with 30 questions, answers and explanations, then continue with online mock exams.

Free sample · CISM Security Mgr Practice 202Q1
The National Institute of Standards and Technology (NIST) defines three categories of risk mitigation strategies in incident management. They are:
Correct — D. Answer: Avoidance, Transference, and Mitigation NIST defines the three categories of risk mitigation strategies as: Avoidance (eliminating the risk factor entirely through preventive measures) Transference (shifting the risk to a third party, typically through insurance or outsourcing) Mitigation (reducing the impact or likelihood of the risk through control measures)
↑ Tap an answer to check it
Download

Free CISM Security Mgr Practice 202 PDF with 30 questions

Print it, save it, or use it as a quick cram sheet before taking a timed mock exam.

Download PDF

The PDF includes 30 CISM Security Mgr Practice 202 questions with answers and explanations.

Sample questions

Try CISM Security Mgr Practice 202 questions now

  1. Q1The National Institute of Standards and Technology (NIST) defines three categories of risk mitigation strategies in incident management. They are:

    Show answer

    ✓ Correct answer: Avoidance, Transference, and Mitigation

    Answer: Avoidance, Transference, and Mitigation NIST defines the three categories of risk mitigation strategies as: Avoidance (eliminating the risk factor entirely through preventive measures) Transference (shifting the risk to a third party, typically through insurance or outsourcing) Mitigation (reducing the impact or likelihood of the risk through control measures)

    Open the full explanation page →

  2. Q2An international bank is concerned that a cyber-attack could disrupt their primary trading network. They decide to set up an alternate trading site that can be operational immediately if such an attack occurs. Additionally, they want a tertiary site as a fallback option in case the secondary site is compromised. They have also specified that they want to reduce costs for this tertiary site. As the information security manager, what would you recommend for the tertiary site?

    Show answer

    ✓ Correct answer: Cold site

    Answer: Cold site A cold site is an appropriate choice for a bank expecting to rely on an alternative site (in this scenario: the secondary site) and needing a cost-effective tertiary option. If an extreme cyber-attack compromises the primary trading network, they can fail over to the alternate site. Once functional in the secondary site, they can then provision the cold site to become operational as needed. A hot site is not suitable because it does not align with the cost-reduction requirement for the tertiary site. A reciprocal agreement, which involves resource sharing with another entity, typically doesn't fit the banking industry's critical and sensitive operations. A mirror site is expensive and already operational, making it impractical as a backup for the alternate site. However, a bank might find a mirror site suitable as a primary or secondary option due to its real-time capabilities.

    Open the full explanation page →

  3. Q3Who is typically responsible for ensuring the proper handling and documentation of events during a disaster recovery process?

    Show answer

    ✓ Correct answer: Disaster Recovery Coordinator

    Answer: Disaster Recovery Coordinator The Disaster Recovery Coordinator is responsible for ensuring that disaster recovery plans are executed properly and that all actions and events are documented accordingly. They oversee the disaster recovery process to minimize downtime and data loss. The CIO will oversee the broader security strategy while the Board of Directors are informed stakeholders, and the Network Administrator focuses on maintaining network functionality.

    Open the full explanation page →

  4. Q4What is the MAIN difference between symmetric and asymmetric encryption?

    Show answer

    ✓ Correct answer: The type of keys used for encryption and decryption

    Correct answer: The type of keys used for encryption and decryption In symmetric encryption, the same key is used for both encryption and decryption. In asymmetric encryption, a pair of related but different keys (public and private) is used for encryption and decryption. The complexity of the algorithm, speed, and type of data are not the primary differences. Symmetric encryption algorithms tend to be less complex and faster, whereas asymmetric encryption is more complex but provides better security for key exchange purposes.

    Open the full explanation page →

  5. Q5What is the primary difference between event correlation and anomaly detection?

    Show answer

    ✓ Correct answer: Event correlation links multiple related events to identify potential security incidents. Anomaly detection identifies deviations from a standard behavior.

    Answer: Event correlation links multiple related events to identify potential security incidents. Anomaly detection identifies deviations from a standard behavior. The primary difference between event correlation and anomaly detection is that event correlation links multiple related events based on predefined patterns or rules, while anomaly detection identifies deviations from normal behavior. Event correlation relies on finding relationships between different security events, potentially indicating an incident. Anomaly detection, on the other hand, looks for unusual behavior that deviates from established baselines, indicating potential unknown threats.

    Open the full explanation page →

  6. Q6A financial brokerage firm is preparing for a major market event that is expected to significantly increase their network traffic. They are concerned about their primary internet connection failing during peak trading hours. To ensure they remain operational in the event of a failure, what solution could they implement to MINIMIZE downtime?

    Show answer

    ✓ Correct answer: Redundant internet connections

    Answer: Redundant internet connections Redundant internet connections provide a backup internet link to switch to if the primary connection fails, thus ensuring continued operation with minimal downtime. Network load balancing distributes traffic efficiently but does not directly address redundancy in case of a primary connection failure. Cloud-based backup focuses on data backup rather than maintaining continuous network connectivity. A VPN secures connections but does not provide redundancy or backup internet links.

    Open the full explanation page →

Unlock everything

Full CISM Security Mgr Practice 202 bank + unlimited mocks

Try 30 questions free. Unlock the complete CISM Security Mgr Practice 202 question bank, every explanation, and unlimited timed mock exams. Practice on any device.

Unlock CISM Security Mgr Practice 202 →
Cramming?
$2.99
/ week · per exam
Best value
$6.99
/ month · per exam