Which of the following change management procedures is MOST likely to cause concern to the information security manager?

1. A. Fallback processes are tested the weekend before changes are made
2. B. Users are not notified of scheduled system changes
3. C. A manual rather than an automated process is used to compare program versions.
4. D. The development manager migrates programs into production

Correct Answer: D
According to the Certified Information Security Manager (CISM) Study Guide, one of the primary responsibilities of an information security manager is to ensure that changes to systems and processes are managed in a secure and controlled manner. The change management procedure that is most likely to cause concern for an information security manager is when the development manager migrates programs into production without proper oversight or control. This can increase the risk of unauthorized changes being made to systems and data, and can also increase the risk of configuration errors or other issues that can negatively impact the security and availability of systems. To mitigate these risks, it is important for the information security manager to work closely with the development team to establish and enforce change management procedures that ensure that all changes are properly approved, tested, and implemented in a controlled manner.

Which of the following should be the PRIMARY objective of the information security incident response process?

1. A. Conducting incident triage
2. B. Communicating with internal and external parties
3. C. Minimizing negative impact to critical operations
4. D. Classifying incidents

Correct Answer: C

When developing an asset classification program, which of the following steps should be completed FIRST?

1. A. Categorize each asset.
2. B. Create an inventor
3. C. &
4. D. Create a business case for a digital rights management tool.
5. E. Implement a data loss prevention (OLP) system.

Correct Answer: B

Which of the following events would MOST likely require a revision to the information security program?

1. A. An increase in industry threat level .
2. B. A significant increase in reported incidents
3. C. A change in IT management
4. D. A merger with another organization

Correct Answer: D
A merger with another organization would likely require a revision to the information security program because it can result in significant changes to the structure, size, and information systems of the merged entity. This can affect the security requirements, risk tolerance, and governance policies of the organization. To ensure that the information security program remains effective, it is important to review and revise the security policies, standards, and procedures in light of the changes brought on by the merger. The information security program should align with the new organization's risk tolerance, security requirements, and governance policies. This information can be found in the ISACA's Certified Information Security Manager (CISM) Study Manual, Section 3.1.

Which of the following is MOST helpful for protecting an enterprise from advanced persistent threats (APTs)?

1. A. Updated security policies
2. B. Defined security standards
3. C. Threat intelligence
4. D. Regular antivirus updates

Correct Answer: B