Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISM Exam - Topic 4 Question 80 Discussion

Actual exam question for Isaca's CISM exam
Question #: 80
Topic #: 4
[All CISM Questions]

Which of the following should an information security manager do FIRST when there is a conflict between the organization's information security policy and a local regulation?

Show Suggested Answer Hide Answer
Suggested Answer: C

Data encryption standards are the best information security initiative for creating an enterprise strategy for protecting data across multiple data repositories and different departments because they help to ensure the confidentiality, integrity, and availability of data in transit and at rest. Data encryption is a process of transforming data into an unreadable format using a secret key or algorithm, so that only authorized parties can access and decrypt it. Data encryption standards are the rules or specifications that define how data encryption should be performed, such as the type, strength, and mode of encryption, the key management and distribution methods, and the compliance requirements. Data encryption standards help to protect data from unauthorized access, modification, or theft, as well as to meet the regulatory obligations for data privacy and security. Therefore, data encryption standards are the correct answer.


https://www.techtarget.com/searchdatabackup/tip/20-keys-to-a-successful-enterprise-data-protection-strategy

https://cloudian.com/guides/data-protection/data-protection-strategy-10-components-of-an-effective-strategy/

https://www.veritas.com/information-center/enterprise-data-protection

by Mozell at Aug 06, 2024, 06:35 AM

Limited Time Offer

25%

Off

Get Premium CISM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Nettie
6 months ago
An independent assessment sounds like overkill, right?
upvoted 0 times
...
Man
6 months ago
Wait, why would you enforce the local regulation first?
upvoted 0 times
...
Hobert
6 months ago
Enforcing the policy without checking the law seems risky.
upvoted 0 times
...
Ines
7 months ago
Totally agree, B is the way to go!
upvoted 0 times
...
Temeka
7 months ago
I think getting legal guidance is crucial first.
upvoted 0 times
...
Janae
7 months ago
I feel like enforcing the organization's policy could lead to bigger issues, so maybe getting legal guidance is the safest bet.
upvoted 0 times
...
Mila
7 months ago
I’m leaning towards obtaining an independent assessment of the regulation, but I wonder if that would delay necessary actions.
upvoted 0 times
...
Freeman
7 months ago
I remember a practice question about conflicting policies, and I think enforcing the local regulation might be the right choice, but it feels risky.
upvoted 0 times
...
Noel
8 months ago
I think the first step should be to obtain legal guidance, but I'm not entirely sure if that's the best approach.
upvoted 0 times
...
Larue
8 months ago
Okay, I'm leaning towards obtaining legal guidance first. That seems like the most prudent approach to navigate this conflict.
upvoted 0 times
...
Lenna
8 months ago
Hmm, I'm not sure. Enforcing the local regulation seems like the safest bet, but I'll need to think this through carefully.
upvoted 0 times
...
Earlean
8 months ago
This is a tricky one. I think I'd start by getting some legal guidance to understand the implications of the conflict.
upvoted 0 times
...
Quentin
8 months ago
I'd go with enforcing the organization's security policy. That's the priority, and we can work on aligning the regulation later.
upvoted 0 times
...
Micaela
8 months ago
I remember practicing with a question about restoring files, and I think Backup Recovery was mentioned, but it sounds a bit off for this scenario.
upvoted 0 times
...
Aide
1 year ago
Independent assessment, huh? Sounds like a fancy way of saying 'pass the buck'. But hey, if it's the right move, I'm all for it. Gotta cover all our bases when it comes to security.
upvoted 0 times
Lettie
11 months ago
Obtain an independent assessment of the regulation.
upvoted 0 times
...
Diane
11 months ago
Enforce the organization's information security policy.
upvoted 0 times
...
Denise
12 months ago
Obtain legal guidance.
upvoted 0 times
...
Norah
12 months ago
Enforce the organization's information security policy.
upvoted 0 times
...
...
Antonette
1 year ago
Hmm, this one's a head-scratcher. I'd be tempted to just enforce the org's security policy, but I guess that could get me in trouble with the local authorities. Gotta play it safe and get that legal advice first.
upvoted 0 times
Ozell
11 months ago
User 3: I agree, it's better to play it safe and get advice before taking action.
upvoted 0 times
...
Ling
11 months ago
User 2: No, we should definitely obtain legal guidance first.
upvoted 0 times
...
Beatriz
12 months ago
User 1: I think we should enforce the organization's information security policy.
upvoted 0 times
...
...
Jacki
1 year ago
I agree with Elza, getting legal advice is crucial in this situation.
upvoted 0 times
...
Ramonita
1 year ago
Haha, this is the kind of question that keeps security managers up at night. I'd say let's go with option B and get some legal input. Wouldn't want to end up in hot water over a policy clash!
upvoted 0 times
Catarina
1 year ago
Definitely, we need to make sure we're on solid legal ground.
upvoted 0 times
...
Salena
1 year ago
I agree, legal guidance is crucial in these situations.
upvoted 0 times
...
...
Pura
1 year ago
Whoa, talk about a tricky situation! Sounds like we've got a battle of the policies going on. I'd probably start by getting some legal guidance - can't be too careful with those local regulations, you know?
upvoted 0 times
...
Elza
1 year ago
I disagree, I believe we should obtain legal guidance to understand the implications.
upvoted 0 times
...
Jovita
1 year ago
I think we should enforce the local regulation first.
upvoted 0 times
...

Save Cancel