CISM Exam Questions
989 real CISM exam questions with expert-verified answers and explanations. Page 1 of 20.
- Question #1 (Information Security Incident Management)
  Which of the following is the BEST way to enhance training for incident response teams?
  Tags: Incident Response Training; Post-Incident Review; Lessons Learned; Continuous Improvement
- Question #2 (Information Security Program Development and Management)
  When establishing metrics for an information security program, the BEST approach is to identify indicators that:
  Tags: Security program metrics; Program effectiveness; Performance measurement; Program management
- Question #3 (Information Security Governance)
  Which of the following is the MOST essential element of an information security program?
  Tags: Stakeholder Engagement; Business Alignment; Information Security Governance; Program Development
- Question #4 (Information Security Program Development and Management)
  A recent audit found that an organization's new user accounts are not set up uniformly. Which of the following is MOST important for the information security manager to review?
  Tags: Security documentation; Standards; User account provisioning; Information security program management
- Question #5 (Information Security Governance)
  A new information security manager finds that the organization tends to use short-term solutions to address problems. Resource allocation and spending are not effectively tracked,...
  Tags: Information Security Governance; Steering Committee; Strategic Direction; Program Establishment
- Question #6 (Information Security Governance)
  Which of the following is the PRIMARY responsibility of an information security governance committee?
  Tags: Information Security Governance; Governance Committee; Security Strategy; Strategic Oversight
- Question #7 (Information Security Incident Management)
  An online trading company discovers that a network attack has penetrated the firewall. What should be the information security manager's FIRST response?
  Tags: Incident Response; Business Impact Analysis; Incident Management Process; First Response
- Question #8 (Information Security Incident Management)
  Which of the following should be done FIRST once a cybersecurity attack has been confirmed?
  Tags: Incident Response; Containment; Cybersecurity Attack; First Steps
- Question #9 (Information Security Governance)
  When integrating security risk management into an organization it is MOST important to ensure:
  Tags: Risk Management Integration; Organizational Buy-in; Stakeholder Approval; Information Security Governance
- Question #10 (Information Security Governance)
  The effectiveness of an information security governance framework will BEST be enhanced if:
  Tags: Information Security Governance; Risk Management Integration; Strategic Alignment; Framework Effectiveness
- Question #11 (Information Security Incident Management)
  Several months after the installation of a new firewall with intrusion prevention features to block malicious activity, a breach was discovered that came in through the firewall sh...
  Tags: Log monitoring; Incident detection; Firewall security; Security operations
- Question #12 (Information Security Governance)
  Which of the following would BEST demonstrate the status of an organization's information security program to the board of directors?
  Tags: Information Security Program; Board Reporting; Metrics; Governance Oversight
- Question #13 (Information Risk Management)
  When building support for an information security program, which of the following elements is MOST important?
  Tags: Information Risk Assessment; Program Justification; Stakeholder Buy-in; Information Security Program Development
- Question #14 (Information Security Governance)
  An information security team must obtain approval from the information security steering committee to implement a key control. Which of the following is the MOST important input to...
  Tags: Business Case; Steering Committee; Control Approval; Decision Making
- Question #15 (Information Security Governance)
  What should a global information security manager do FIRST when informed that a new regulation with significant impact will go into effect soon?
  Tags: Regulation compliance; Gap analysis; Regulatory impact; Compliance assessment
- Question #16 (Information Security Governance)
  Which of the following is the MOST important function of an information security steering committee?
  Tags: Information Security Governance; Steering Committee; Stakeholder Management; Business Alignment
- Question #17 (Incident Management)
  The PRIMARY objective of timely declaration of a disaster is to:
  Tags: Disaster Recovery; Business Continuity; Incident Response; Continuity of Operations
- Question #18 (Information Security Risk Management)
  A software vendor has announced a zero-day vulnerability that exposes an organization's critical business systems. The vendor has released an emergency patch. Which of the followin...
  Tags: Zero-day vulnerability; Patch management; Risk assessment; Emergency response
- Question #19 (Information Security Incident Management)
  Which of the following is MOST important to determine following the discovery and eradication of a malware attack?
  Tags: Incident response; Root cause analysis; Malware prevention; Post-incident activities
- Question #20 (Information Security Program Development and Management)
  Which of the following is the MOST important factor of a successful information security program?
  Tags: Information Security Program; Strategy; Program Success; Strategic Alignment
- Question #21 (Information Security Program Development and Management)
  Which of the following is MOST important for building a robust information security culture within an organization?
  Tags: Security culture; Awareness training; Human factors; Organizational behavior
- Question #22 (Information Security Governance)
  Which of the following roles is BEST able to influence the security culture within an organization?
  Tags: Security Culture; Executive Leadership; Tone at the Top; Organizational Governance
- Question #23 (Information Security Risk Management)
  Which of the following is the MOST important reason to conduct interviews as part of the business impact analysis (BIA) process?
  Tags: Business Impact Analysis (BIA); Stakeholder Engagement; Business Continuity Planning
- Question #24 (Information Security Risk Management)
  An organization's research department plans to apply machine learning algorithms on a large data set containing customer names and purchase history. The risk of personal data leaka...
  Tags: Risk Treatment; Data Anonymization; Data Privacy; Data Leakage Prevention
- Question #25 (Information Security Incident Management)
  Which of the following incident response phases involves actions to help safeguard critical systems while maintaining business operations?
  Tags: Incident Response Phases; Containment; Business Operations; System Safeguarding
- Question #26 (Incident Management)
  Which of the following BEST facilitates effective incident response testing?
  Tags: Incident Response; Testing; Scenario Simulation; Effectiveness
- Question #27 (Information Security Risk Management)
  Which of the following is the PRIMARY reason for granting a security exception?
  Tags: Security Exceptions; Risk Acceptance; Business Alignment; Risk Justification
- Question #28 (Information Security Program Development and Management)
  Which of the following is MOST effective in preventing the introduction of vulnerabilities that may disrupt the availability of a critical business application?
  Tags: Change Management; Vulnerability Prevention; Availability; Application Security
- Question #29 (Information Security Incident Management)
  Which type of plan is PRIMARILY intended to reduce the potential impact of security events that may occur?
  Tags: Incident Response; Security Planning; Impact Reduction; Incident Management
- Question #30 (Information Security Governance)
  Meeting which of the following security objectives BEST ensures that information is protected against unauthorized disclosure?
  Tags: Confidentiality; Information Security Objectives; Data Protection
- Question #31 (Information Security Governance)
  Which of the following BEST indicates that information security governance and corporate governance are integrated?
  Tags: Information security governance; Corporate governance integration; Steering committee; Business alignment
- Question #32 (Information Security Governance)
  An organization has acquired a new system with strict maintenance instructions and schedules. Where should this information be documented?
  Tags: Documentation types; Operational procedures; System maintenance; Information security framework
- Question #33 (Information Security Incident Management)
  Following an unsuccessful denial of service (DoS) attack, identified weaknesses should be:
  Tags: Incident Management; Vulnerability Management; Remediation Tracking; Post-incident Activities
- Question #34 (Information Security Program Development and Management)
  Which of the following is the GREATEST benefit of conducting an organization-wide security awareness program?
  Tags: Security Awareness; User Behavior; Security Training
- Question #35 (Information Security Incident Management)
  Which of the following is the BEST indicator of an emerging incident?
  Tags: Incident Detection; Incident Indicators; Service Availability; Early Warning Signs
- Question #36 (Information Security Governance)
  A multinational organization is introducing a security governance framework. The information security manager's concern is that regional security practices differ. Which of the fol...
  Tags: Security Governance; Regulatory Compliance; Local Regulations; Multinational Context
- Question #37 (Information Security Incident Management)
  Which of the following trends would be of GREATEST concern when reviewing the performance of an organization's intrusion detection systems (IDSs)?
  Tags: Intrusion Detection Systems; Security Monitoring; Performance Metrics; False Negatives
- Question #38 (Information Security Program Development and Management)
  The PRIMARY purpose for continuous monitoring of security controls is to ensure:
  Tags: Continuous monitoring; Security controls; Control effectiveness
- Question #39 (Information Security Incident Management)
  A user reports a stolen personal mobile device that stores sensitive corporate data. Which of the following will BEST minimize the risk of data exposure?
  Tags: Mobile Device Security; Incident Response; Data Loss Prevention; Remote Wipe
- Question #40 (Information Security Governance)
  Which of the following should be the PRIMARY goal of information security?
  Tags: Information security objectives; Business alignment; Strategic importance
- Question #41 (Information Security Incident Management)
  When developing a categorization method for security incidents, the categories MUST:
  Tags: Incident Categorization; Incident Management Process; Data Consistency; Standardization
- Question #42 (Information Security Risk Management)
  When developing a business case to justify an information security investment, which of the following would BEST enable an informed decision by senior management?
  Tags: Business Case Justification; Security Investment; Risk Assessment; Senior Management Decision
- Question #43 (Information Security Risk Management)
  Which of the following is the BEST way to reduce the risk associated with a bring your own device (BYOD) program?
  Tags: BYOD Security; Mobile Device Management (MDM); Risk Mitigation; Security Controls
- Question #44 (Information Security Program Development and Management)
  What is the PRIMARY objective of implementing standard security configurations?
  Tags: Configuration Management; Security Baselines; Vulnerability Management; Threat Reduction
- Question #45 (Information Security Program Development and Management)
  Which of the following would BEST ensure that security is integrated during application development?
  Tags: Security by Design; SDLC Security; Application Security; Security Requirements
- Question #46 (Information Security Incident Management)
  Which of the following is the BEST way to improve an organization's ability to detect and respond to incidents?
  Tags: Security Awareness Training; Incident Detection; Incident Response; Human Factor
- Question #47 (Information Security Governance)
  Of the following, who would provide the MOST relevant input when aligning the information security strategy with organizational goals?
  Tags: Information Security Governance; Strategic Alignment; Steering Committees; Organizational Roles and Responsibilities
- Question #48 (Information Security Program Development and Management)
  Which of the following is the PRIMARY benefit of an information security awareness training program?
  Tags: Information Security Awareness; Security Training; Human Behavior; Security Program
- Question #49 (Information Security Incident Management)
  A new type of ransomware has infected an organization's network. Which of the following would have BEST enabled the organization to detect this situation?
  Tags: Ransomware detection; Anomaly detection; Incident detection; System monitoring
- Question #50 (Information Security Incident Management)
  An incident management team leader sends out a notification that the organization has successfully recovered from a cyberattack. Which of the following should be done NEXT?
  Tags: Incident Management Process; Post-Incident Activities; Lessons Learned; Continuous Improvement