exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam

Exam CISM topic 1 question 31 discussion

Actual exam question from Isaca's CISM
Question #: 31
Topic #: 1
[All CISM Questions]

Which of the following is the MOST important incident management consideration for an organization subscribing to a cloud service?

  • A. Decision on the classification of cloud-hosted data
  • B. Expertise of personnel providing incident response
  • C. Implementation of a SIEM in the organization
  • D. An agreement on the definition of a security incident
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Viperhunter
3 months, 3 weeks ago
Selected Answer: D
When an organization subscribes to a cloud service, it's crucial to have a clear and shared understanding with the cloud service provider about what constitutes a security incident. This agreement helps in establishing a common ground for incident detection, reporting, and response. It ensures that both the organization and the cloud service provider are aligned on what events trigger incident response actions. While the other options (decision on the classification of cloud-hosted data, expertise of personnel providing incident response, implementation of a SIEM) are important aspects of incident management, having a well-defined agreement on the definition of a security incident is foundational for effective collaboration between the organization and the cloud service provider in responding to and mitigating security incidents.
upvoted 3 times
...
Patt70
8 months, 3 weeks ago
Answer is D - Its very important to have a clear and agreed upon definition of a security incident, is crucial for effective incident management and response.
upvoted 1 times
...
richck102
10 months ago
D. An agreement on the definition of a security incident
upvoted 1 times
...
d3vnu77
1 year, 1 month ago
I think it is A. The decision of the type of data to be hosted precedes the actions to be used in treating the data. If they only host low importance data then a low service level will apply.
upvoted 3 times
...
Broesweelies
1 year, 1 month ago
D. An agreement on the definition of a security incident is the MOST important incident management consideration for an organization subscribing to a cloud service, according to ISACA. Having a clear and agreed upon definition of a security incident is crucial for effective incident management and response.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago