Free BCS CISMP-V9 Exam Actual Questions

The questions for CISMP-V9 were last updated on Nov 7, 2024

Question No. 1

For which security-related reason SHOULD staff monitoring critical CCTV systems be rotated regularly during each work session?

Correct Answer: D

Regular rotation of staff monitoring critical CCTV systems is recommended primarily to address the limitations of the human attention span. Research suggests that the average human attention span during intense monitoring tasks is approximately 20 minutes. After this period, vigilance and alertness can significantly decrease, leading to a potential lapse in monitoring effectiveness. Rotating staff helps to ensure that individuals are always at their most attentive when observing the CCTV feeds, which is crucial for maintaining security and safety standards. This practice also helps to mitigate risks associated with fatigue and the potential for missing critical events or details.


Question No. 2

Which standards framework offers a set of IT Service Management best practices to assist organisations in aligning IT service delivery with business goals - including security goals?

Correct Answer: A

ITIL (Information Technology Infrastructure Library) is a widely recognized framework that offers a comprehensive set of best practices for IT Service Management (ITSM). It assists organizations in aligning IT services with business goals, including security objectives. ITIL provides guidance on the entire service lifecycle, from service strategy and design to service transition, operation, and continual service improvement. By following ITIL's structured approach, organizations can enhance the quality of IT services, manage risk effectively, improve customer satisfaction, and ensure that IT and business strategies are in sync.


Question No. 3

In a security governance framework, which of the following publications would be at the HIGHEST level?

Correct Answer: C

In a security governance framework, the policy is typically at the highest level because it defines the overall direction and principles that govern the security posture of an organization. Policies are high-level statements that provide guidance to all members of an organization and form the foundation upon which standards, procedures, and guidelines are built. They are approved by the highest levels of management and are meant to be more stable over time, providing a consistent framework for security across the organization.


Question No. 5

What is the PRIMARY reason for organisations obtaining outsourced managed security services?

Correct Answer: C

The primary reason organizations opt for outsourced managed security services is to gain access to specialized security tools and expertise that may not be feasible to maintain in-house due to cost or resource constraints. Managed Security Service Providers (MSSPs) offer a range of security services that can be tailored to an organization's needs, allowing them to benefit from advanced security measures without the need for significant capital investment or the hiring of specialized staff. This shared service model is cost-effective and enables organizations to focus on their core business activities while ensuring robust security measures are in place. MSSPs can provide continuous monitoring, management of security devices and systems, incident response, and compliance support, which are crucial for maintaining a strong security posture in the face of evolving threats and complex regulatory environments.