
killexams.com


BCS


CISMP-V9


Foundation Certificate in Information Security Management Principles V9.0


https://killexams.com/pass4sure/exam-detail/CISMP-V9

Question: 38


Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?

A . TOGAF
B . SABSA
C . PCI DS
E . OWAS


Answer: B


Question: 39


How does network visualisation assist in managing information security?

A . Visualisation can communicate large amounts of data in a manner that is a relatively simple way for people to analyse and interpret.
B . Visualisation provides structured tables and lists that can be analysed using common tools such as MS Excel.
C . Visualisation offers unstructured data that records the entirety of the data in a flat, filterable file format.
D . Visualisation software operates in a way that is rarely and thereby it is less prone to malware infection.


Answer: D


Question: 40


Which of the following is NOT a valid statement to include in an organisation’s security policy?

A . The policy has the support of Board and the Chief Executive.
B . The policy has been agreed and amended to suit all third party contractors.
C . How the organisation will manage information assurance.
D . The compliance with legal and regulatory obligations.


Answer: C


Question: 41


Which security framework impacts on organisations that accept credit cards, process credit card transactions, store relevant data or transmit credit card data?

A . PCI DS
C . TOGA
E . ENISA NI
G . Sarbanes-Oxley


Answer: A

Explanation: https://digitalguardian.com/blog/what-pci-compliance


Question: 42


Which of the following is NOT considered to be a form of computer misuse?

A . Illegal retention of personal data.
B . Illegal interception of information.
C . Illegal access to computer systems.
D . Downloading of pirated software.


Answer: A


Question: 43

Which term describes the acknowledgement and acceptance of ownership of actions, decisions, policies and deliverables?

A . Accountability.
B . Responsibility.
C . Credibility.
D . Confidentiality.


Answer: A

Explanation: https://hr.nd.edu/assets/17442/behavior_model_4_ratings_3_.pdf


Question: 44


What form of training SHOULD developers be undertaking to understand the security of the code they have written and how it can improve security defence whilst being attacked?

A . Red Team Training.
B . Blue Team Training.
C . Black Hat Training.
D . Awareness Training.


Answer: C


Question: 45


Which of the following is the MOST important reason for undertaking Continual Professional Development (CPD) within the Information Security sphere?

A . Professional qualification bodies demand CP
C . Information Security changes constantly and at speed.
D . IT certifications require CPD and Security needs to remain credible.
E . CPD is a prerequisite of any Chartered Institution qualification.


Answer: B