CISM Exam Questions
989 real CISM exam questions with expert-verified answers and explanations. Page 10 of 20.
- Question #451 (Information Security Incident Management)
  An employee who is a remote user has copied financial data from the corporate server to a laptop using virtual private network (VPN) connectivity. Which of the following is the MOS...
  Tags: Data leakage; Incident classification; Acceptable use policy; Data handling
- Question #452 (Information Security Governance)
  An organization is migrating critical workloads to a multi-cloud environment subject to different regulatory and contractual requirements for data protection. Which of the followin...
  Tags: Multi-cloud security; Compliance management; Data protection; Security framework development
- Question #453 (Information Security Governance)
  Which of the following BEST enables an organization to protect itself from data breaches?
  Tags: Information Security Strategy; Data Breach Prevention; Security Governance; Organizational Protection
- Question #454 (Information Security Incident Management)
  Which of the following is MOST important for the successful implementation of an incident response plan?
  Tags: Incident Response; Staff Training; Plan Implementation; Operational Readiness
- Question #455 (Information Security Program Development and Management)
  Which of the following is the MOST important consideration when defining a recovery strategy in a business continuity plan (BCP)?
  Tags: Business Continuity Planning; Recovery Strategy; Organizational Tolerance
- Question #456 (Information Security Risk Management)
  Which of the following BEST enables an organization to determine the costs of downtime for a critical application?
  Tags: Business Impact Analysis (BIA); Downtime costs; Criticality assessment; Business Continuity
- Question #457 (Information Security Incident Management)
  Which of the following is the BEST way to ensure the capability to restore clean data after a ransomware attack?
  Tags: Ransomware Recovery; Data Backup; Business Continuity; Incident Response
- Question #458 (Information Security Program Development and Management)
  Which of the following will BEST mitigate web-based application attacks?
  Tags: Web application security; Input validation; Application security controls; Secure coding
- Question #459 (Information Security Program Development and Management)
  Application security controls should FIRST be addressed during which stage of the software development life cycle?
  Tags: Secure SDLC; Application Security; Security by Design; Requirements Gathering
- Question #460 (Information Security Governance)
  Which of the following roles is PRIMARILY responsible for asset classification?
  Tags: Asset classification; Roles and responsibilities; Asset ownership; Information asset management
- Question #461 (Information Security Program Development and Management)
  Which of the following is the PRIMARY objective of testing security controls within a critical infrastructure?
  Tags: Security control testing; Critical infrastructure security; IT resilience; Information security program management
- Question #462 (Information Security Program Development and Management)
  Which of the following BEST indicates the effectiveness of an information security awareness program?
  Tags: Security Awareness; Program Effectiveness; Security Metrics; Incident Reporting
- Question #463 (Information Security Risk Management)
  Which of the following is the MOST effective way to verify a service provider is maintaining adequate controls to protect customer data?
  Tags: Third-party assurance; Vendor risk management; Control verification; Independent audits
- Question #464 (Information Security Incident Management)
  What is MOST important following a post-incident review to help ensure more effective response to future incidents?
  Tags: Post-incident review; Incident response plan; Lessons learned; Continuous improvement
- Question #465 (Information Security Incident Management)
  Which of the following provides the BEST opportunity to evaluate the capabilities of incident response team members?
  Tags: Incident Response Testing; Breach Simulation; Security Exercises; Team Capability Evaluation
- Question #466 (Information Security Governance)
  Recommendations for investment in security technology should be PRIMARILY based on:
  Tags: Security Investment; Business Alignment; Strategic Security; Security Governance
- Question #467 (Information Security Governance)
  A new information security manager learns that the organization is preserving large amounts of customer data logs. Portions of the data are not required by law to be retained, and...
  Tags: Data Retention; Policy Review; Data Governance; Information Lifecycle Management
- Question #468 (Information Security Program Development and Management)
  Which of the following should be the FIRST consideration when developing a strategy for protecting an organization's data?
  Tags: Data classification; Data protection; Security strategy; Information asset management
- Question #469 (Information Security Incident Management)
  Which of the following is the MOST important information to report to senior management after a significant security incident?
  Tags: Incident Reporting; Senior Management Communication; Incident Response
- Question #470 (Information Security Program Development and Management)
  Which of the following activities would provide the MOST assurance that a backup solution is operating effectively?
  Tags: Backup and Recovery; Data Protection; Control Testing; Assurance
- Question #471 (Information Security Incident Management)
  A health care organization has been informed of a breach at a third-party vendor. Which of the following should the organization's information security manager do FIRST?
  Tags: Incident response; Breach management; Impact assessment; Third-party risk
- Question #472 (Information Security Program Development and Management)
  Which of the following is the BEST way to build a robust security culture?
  Tags: security culture; security awareness; employee engagement; incentives
- Question #473 (Information Security Risk Management)
  Senior management is concerned with the increasing integration of AI into applications used by the organization's systems. Which of the following is the BEST approach to ensure AI-...
  Tags: AI security; Risk assessment; Security strategy; Application security
- Question #474 (Information Security Incident Management)
  Which of the following should an information security manager do FIRST when informed that customer data has been breached within a third-party vendor's environment?
  Tags: Incident response; Third-party breach; Breach verification; Initial incident action
- Question #475 (Information Security Governance)
  Which of the following should an information security manager do FIRST when new regulation requires a significant investment to upgrade a legacy application?
  Tags: Regulatory Compliance; Business Impact Analysis; Information Security Governance; Risk Management
- Question #476 (Information Security Incident Management)
  An employee who denies accusations of downloading inappropriate material to an organizational device has been discharged. In support of the disciplinary action, the collection of l...
  Tags: Digital Forensics; Evidence Collection; Incident Response; Legal Compliance
- Question #477 (Information Security Incident Management)
  Which of the following is MOST important to enable the escalation of security incidents to appropriate stakeholders?
  Tags: Incident Management; Incident Escalation; Severity Criteria; Incident Response
- Question #478 (Information Security Risk Management)
  Which of the following is the BEST method for minimizing the risk of noncompliance to security requirements by a third-party service provider?
  Tags: Third-party risk management; Vendor security; Compliance monitoring; Security assurance
- Question #479 (Information Security Program Development and Management)
  An information security manager wants to implement phishing simulations throughout the organization. Which of the following is the GREATEST benefit to the information security prog...
  Tags: Phishing simulations; Security awareness training; Cyber awareness assessment; Security program effectiveness
- Question #480 (Information Security Risk Management)
  Senior management is concerned about data exposure through the use of public AI services. Which of the following is the information security manager's BEST course of action?
  Tags: Risk Assessment; AI Security; Data Exposure; Security Management
- Question #481 (Information Security Governance)
  An information security manager finds that the security function is reactive instead of proactive when responding to changing business processes. Which of the following is the BEST...
  Tags: Proactive Security; Change Management Integration; Security Policy; Information Security Governance
- Question #482 (Information Security Incident Management)
  Which of the following is the BEST way to enhance an organization's incident management capability?
  Tags: Incident Management; Continuous Improvement; Lessons Learned; Post-Incident Review
- Question #483 (Information Security Governance)
  A startup company deployed several new applications with vulnerabilities into production because security reviews were not conducted. What will BEST help to ensure effective applic...
  Tags: Application Security; Change Management; Risk Management; Security Governance
- Question #484 (Information Security Program Development and Management)
  Which of the following would be the PRIMARY reason to use a hot site?
  Tags: Hot site; Disaster Recovery; Business Continuity Planning; Recovery Time Objective (RTO)
- Question #485 (Information Security Governance)
  The selection of security controls should be PRIMARILY linked to:
  Tags: Risk Appetite; Security Controls; Risk Management; Control Selection
- Question #486 (Information Security Risk Management)
  An information security manager has completed a risk assessment for a business information system. Of the following, who is BEST positioned to decide on the implementation of mitig...
  Tags: Risk treatment decision; System owner accountability; Mitigating controls; Roles and responsibilities
- Question #487 (Information Security Risk Management)
  An application system audit revealed the same security weakness identified in a previous audit with risk acceptance due to expire. From a risk management perspective, which of the...
  Tags: Risk Management Process; Risk Acceptance; Risk Owner; Information Security Manager Responsibilities
- Question #488 (Information Security Incident Management)
  A post-incident review revealed that key stakeholders took longer than acceptable to decide whether an application should be shut down following a security breach. Which of the fol...
  Tags: Incident Response; Escalation Procedures; Stakeholder Decision-Making; Post-Incident Review
- Question #489 (Information Security Program Development and Management)
  Which of the following BEST demonstrates the effectiveness of the vulnerability management process?
  Tags: Vulnerability Management; Security Metrics; Effectiveness Measurement; Vulnerability Scanning
- Question #490 (Information Security Incident Management)
  Which of the following is the PRIMARY reason to establish incident containment procedures?
  Tags: Incident containment; Incident response; Damage limitation; Security incident procedures
- Question #491 (Information Security Governance)
  Which of the following should be an information security manager's PRIMARY concern when an organization is expanding business to a new country?
  Tags: Regulatory compliance; International expansion; Legal requirements; Information security governance
- Question #492 (Information Security Risk Management)
  A chief information security officer (CISO) has identified multiple critical risks with various financial, operational, and reputational impacts. Which of the following is the MOST...
  Tags: risk treatment; risk appetite; risk criteria; risk management strategy
- Question #493 (Information Security Incident Management)
  Senior management wants to thoroughly test a disaster recovery plan (DRP) for a mission-critical system. Which of the following would provide the MOST reliable results?
  Tags: Disaster Recovery Plan (DRP); DRP Testing; Business Continuity; Full Interruption Test
- Question #494 (Information Security Risk Management)
  Which of the following is the MOST effective way to ensure the information security risk associated with third-party services is understood?
  Tags: Third-party risk management; Vendor risk assessment; Contractual audit rights; Ongoing risk monitoring
- Question #495 (Information Security Program Development and Management)
  Vulnerability analysis results indicate that a critical software platform needs to be upgraded. Which of the following is the BEST way to obtain investment for the upgrade?
  Tags: Business Case; Investment Justification; Security Funding; Resource Allocation
- Question #496 (Information Security Governance)
  An organization's head of information security has been tasked with creating an information security strategy. What is the MOST important reason to include organization-wide repres...
  Tags: Information Security Strategy; Business Alignment; Stakeholder Engagement; Security Governance
- Question #497 (Information Security Risk Management)
  Which of the following is the BEST time to update an organization's business impact analysis (BIA)?
  Tags: Business Impact Analysis (BIA); BIA Maintenance; Risk Assessment; Business Continuity Planning (BCP)
- Question #498 (Information Security Governance)
  Which of the following information would BEST enable senior management to assess the value of compliance with new regulations?
  Tags: Compliance assessment; Risk impact; Senior management reporting; Regulatory compliance
- Question #499 (Information Security Program Development and Management)
  Which of the following would be a global organization's PRIMARY challenge when deploying a SIEM system?
  Tags: SIEM deployment; Global organizations; Log management; Data storage challenges
- Question #500 (Information Security Governance)
  Which of the following should be the PRIMARY basis for determining risk appetite?
  Tags: Risk appetite; Organizational objectives; Information security governance; Strategic risk management