New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISM Exam - Topic 7 Question 68 Discussion

Actual exam question for Isaca's CISM exam
Question #: 68
Topic #: 7
[All CISM Questions]

An organization has multiple data repositories across different departments. The information security manager has been tasked with creating an enterprise strategy for protecting dat

a. Which of the following information security initiatives should be the HIGHEST priority for the organization?

Show Suggested Answer Hide Answer
Suggested Answer: C

Data encryption standards are the best information security initiative for creating an enterprise strategy for protecting data across multiple data repositories and different departments because they help to ensure the confidentiality, integrity, and availability of data in transit and at rest. Data encryption is a process of transforming data into an unreadable format using a secret key or algorithm, so that only authorized parties can access and decrypt it. Data encryption standards are the rules or specifications that define how data encryption should be performed, such as the type, strength, and mode of encryption, the key management and distribution methods, and the compliance requirements. Data encryption standards help to protect data from unauthorized access, modification, or theft, as well as to meet the regulatory obligations for data privacy and security. Therefore, data encryption standards are the correct answer.


https://www.techtarget.com/searchdatabackup/tip/20-keys-to-a-successful-enterprise-data-protection-strategy

https://cloudian.com/guides/data-protection/data-protection-strategy-10-components-of-an-effective-strategy/

https://www.veritas.com/information-center/enterprise-data-protection

by Carin at Mar 06, 2024, 07:38 AM

Limited Time Offer

25%

Off

Get Premium CISM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Nada
3 months ago
Surprised that DLP isn't getting more votes!
upvoted 0 times
...
Gwen
3 months ago
Wait, why isn't data retention strategy getting more love?
upvoted 0 times
...
Ezekiel
3 months ago
Data masking is important, but not the highest priority.
upvoted 0 times
...
Leota
4 months ago
I think data loss prevention should be the top priority.
upvoted 0 times
...
Owen
4 months ago
Data encryption standards are a must!
upvoted 0 times
...
Jesus
4 months ago
I’m leaning towards data masking because it helps protect sensitive information, but I’m not confident if it’s the most urgent initiative compared to encryption or DLP.
upvoted 0 times
...
Renay
4 months ago
Data loss prevention seems really important, especially with so many repositories. I just wonder if it’s more of a reactive measure compared to encryption, which feels proactive.
upvoted 0 times
...
Noe
4 months ago
I remember practicing a question about data retention strategies, but I feel like that’s more about compliance than immediate security. Maybe it’s not the top priority here?
upvoted 0 times
...
Cheryl
5 months ago
I think data encryption standards should be the highest priority since they protect data at rest and in transit. But I'm not entirely sure if DLP might be more critical in some cases.
upvoted 0 times
...
Farrah
5 months ago
I'm a bit confused by this question. Data masking, data retention, encryption, and DLP all seem important for data protection. I'll need to think carefully about which one would be the most critical initiative to focus on first.
upvoted 0 times
...
Layla
5 months ago
Data encryption standards seem like the obvious choice here. Ensuring that all data is properly encrypted, regardless of where it's stored, should be the top priority for securing the organization's information.
upvoted 0 times
...
Rodrigo
5 months ago
This seems like a straightforward question about information security priorities. I'll need to carefully consider the options and think about the most critical initiative for protecting data across the organization.
upvoted 0 times
...
Aretha
5 months ago
Hmm, this is a tricky one. There are a few different security initiatives to choose from, and I'm not entirely sure which one should be the highest priority. I'll need to weigh the pros and cons of each approach.
upvoted 0 times
...
Alexis
5 months ago
I'm a bit unsure about the "child work order" option. Does that really tie the service calls back to the original installation? I'm leaning more towards the resource-based approaches.
upvoted 0 times
...
Isaac
5 months ago
I'm pretty confident that custom products should be tracked in ServiceNow, so I'm leaning towards A as the correct answer.
upvoted 0 times
...
Glendora
5 months ago
Ugh, I'm drawing a blank on the difference between all these types of bonds. I guess I'll just have to make an educated guess on this one. Hopefully I can at least eliminate a couple of the options.
upvoted 0 times
...
Chan
5 months ago
Okay, I've got this. The answer is clearly B - balancing the stakeholder needs through trade-offs is the way to go here.
upvoted 0 times
...
Lashaunda
5 months ago
I would go with "Contact Center Administration." I'm not 100% certain, but it seems like the right place to check.
upvoted 0 times
...
Percy
2 years ago
I think data loss prevention (DLP) should be the top priority to prevent unauthorized access.
upvoted 0 times
...
Kris
2 years ago
That's true, data masking can help protect data while still allowing analysis.
upvoted 0 times
...
Sharee
2 years ago
Data masking could also be important to ensure privacy of data.
upvoted 0 times
...
Simona
2 years ago
I agree with Kris, data encryption is crucial for protecting sensitive information.
upvoted 0 times
...
Kris
2 years ago
I think data encryption standards should be the highest priority.
upvoted 0 times
...

Save Cancel