Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISM Exam - Topic 5 Question 65 Discussion

Actual exam question for Isaca's CISM exam
Question #: 65
Topic #: 5
[All CISM Questions]

The PRIMARY objective of timely declaration of a disaster is to:

Show Suggested Answer Hide Answer
Suggested Answer: B

The greatest concern with the situation of privileged employee access requests to production servers being approved but not logged is the lack of accountability, which means the inability to trace or verify the actions and decisions of the privileged users. Lack of accountability can lead to security risks such as unauthorized changes, data breaches, fraud, or misuse of privileges. Logging user actions is a key component of privileged access management (PAM), which helps to monitor, detect, and prevent unauthorized privileged access to critical resources. The other options, such as lack of availability, improper authorization, or inadequate authentication, are not directly related to the situation of not logging user actions. Reference:

https://www.microsoft.com/en-us/security/business/security-101/what-is-privileged-access-management-pam

https://www.ekransystem.com/en/blog/privileged-user-monitoring-best-practices

https://www.beyondtrust.com/resources/glossary/privileged-access-management-pam


by Carin at Nov 22, 2023, 03:57 PM

Limited Time Offer

25%

Off

Get Premium CISM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Scarlet
6 months ago
Definitely D, essential services must keep running!
upvoted 0 times
...
Ben
6 months ago
Protecting assets is super important too!
upvoted 0 times
...
Cecil
7 months ago
Wait, is that really the primary objective?
upvoted 0 times
...
Miesha
7 months ago
Totally agree, it's all about continuity!
upvoted 0 times
...
Franklyn
7 months ago
Timely declaration helps in resource allocation.
upvoted 0 times
...
Hector
7 months ago
I’m a bit confused; I thought the main goal was to assess deficiencies, but now I’m not so certain.
upvoted 0 times
...
Tandra
7 months ago
I’m leaning towards option D, but I could see how engaging management could also be a key part of the process.
upvoted 0 times
...
Jackie
7 months ago
I remember a practice question that focused on protecting physical assets, but I feel like that might be more of a secondary goal.
upvoted 0 times
...
Edna
8 months ago
I think the primary objective is about ensuring continuity of essential services, but I'm not completely sure.
upvoted 0 times
...
Glory
8 months ago
Ugh, this is a tricky one. I'm torn between a few of the options, and I don't want to overthink it. I'll just go with my best guess and move on to the next question.
upvoted 0 times
...
Coletta
8 months ago
Aha, I think I've got it! The key here is the "primary objective" part of the question. Option D seems to capture the core purpose of ensuring the organization's essential services continue, which is likely the main goal of a timely disaster declaration.
upvoted 0 times
...
Lucina
8 months ago
Hmm, I'm not entirely sure about this one. The options seem a bit similar, and I want to make sure I understand the nuance between them. Let me think this through step-by-step.
upvoted 0 times
...
Cecilia
8 months ago
This seems like a straightforward question about the purpose of declaring a disaster. I'll carefully read through the options and choose the one that best matches the primary objective.
upvoted 0 times
...
Mariko
8 months ago
This question seems straightforward. I think the key is to focus on the NTFS security and QlikView Management Service requirements.
upvoted 0 times
...
Leanora
8 months ago
This is a good question to test our understanding of Server Protect's functionality. I think the answer is C, but I'll double-check the details just to be sure.
upvoted 0 times
...
Theresia
8 months ago
I feel like this scenario really highlights peer pressure, but I'm not entirely sure if it's more about corporate culture influencing behavior too.
upvoted 0 times
...
Herschel
1 year ago
Disaster declaration? I declare this question a disaster! Let's just move on to the next one before the building burns down around us.
upvoted 0 times
Elli
11 months ago
C) assess and correct disaster recovery process deficiencies.
upvoted 0 times
...
Willodean
11 months ago
B) protect critical physical assets from further loss.
upvoted 0 times
...
Antione
12 months ago
A) ensure the continuity of the organization's essential services.
upvoted 0 times
...
...
Jin
1 year ago
Disaster? What disaster? I'm just gonna work on my tan and let the IT department handle it. As long as the wifi's still up, I'm good!
upvoted 0 times
Frankie
12 months ago
D) ensure engagement of business management in the recovery process.
upvoted 0 times
...
Bette
12 months ago
B) protect critical physical assets from further loss.
upvoted 0 times
...
Jaclyn
1 year ago
A) ensure the continuity of the organization's essential services.
upvoted 0 times
...
...
Daron
1 year ago
D, because you need that business management involvement to get the recovery process moving. Without them, you're just sitting around waiting for the IT guys to work their magic.
upvoted 0 times
Avery
12 months ago
D) ensure engagement of business management in the recovery process.
upvoted 0 times
...
Adolph
1 year ago
B) protect critical physical assets from further loss.
upvoted 0 times
...
Letha
1 year ago
A) ensure the continuity of the organization's essential services.
upvoted 0 times
...
...
Minna
1 year ago
C, all the way. You gotta use those disaster recovery deficiencies as a learning experience, right? Mistakes were made, let's make sure they don't happen again.
upvoted 0 times
...
Launa
1 year ago
I'm going with B. Protecting those critical assets is the top priority, otherwise you'll be starting from scratch after the disaster.
upvoted 0 times
Anjelica
11 months ago
I think engaging business management in the recovery process is also key to a successful recovery.
upvoted 0 times
...
Alverta
12 months ago
That's true, without essential services, the organization may struggle to recover effectively.
upvoted 0 times
...
Lavonne
1 year ago
But don't you think ensuring the continuity of essential services is just as important?
upvoted 0 times
...
Huey
1 year ago
I agree, protecting critical assets is crucial to minimize losses.
upvoted 0 times
...
...
Niesha
1 year ago
A is definitely the primary objective. I mean, what's the point of recovering assets if you can't even keep your essential services running?
upvoted 0 times
Audry
1 year ago
Yes, without essential services, the organization would struggle to recover effectively.
upvoted 0 times
...
Leanna
1 year ago
I agree, keeping essential services running is crucial in a disaster.
upvoted 0 times
...
Marvel
1 year ago
B) protect critical physical assets from further loss.
upvoted 0 times
...
Michell
1 year ago
A) ensure the continuity of the organization's essential services.
upvoted 0 times
...
...
Teddy
1 year ago
I believe protecting critical physical assets is also crucial to the recovery process.
upvoted 0 times
...
Charlene
1 year ago
I agree with Wilda, it's important to keep the organization running smoothly.
upvoted 0 times
...
Wilda
1 year ago
I think the primary objective is to ensure continuity of essential services.
upvoted 0 times
...

Save Cancel