CISM Exam Questions
989 real CISM exam questions with expert-verified answers and explanations. Page 4 of 20.
- Question #151 (Information Security Incident Management)
  An organization experienced a breach which was successfully contained and remediated. Based on industry regulations, the breach needs to be communicated externally. What should the...
  Tags: Incident response, Breach notification, Regulatory compliance, Post-incident activities
- Question #152 (Incident Management)
  Which of the following is MOST important to verify during a test of an organization's incident response process?
  Tags: Incident Response Testing, Incident Response Team, Roles and Responsibilities, Process Verification
- Question #153 (Information Security Incident Management)
  An intrusion prevention system (IPS) has reported a significant increase in the number of hacking attempts over the past month, though no systems have actually been compromised. Wh...
  Tags: IPS, Incident Response, Alert Validation, Security Monitoring
- Question #154 (Information Security Risk Management)
  The likelihood of a successful intrusion is a function of:
  Tags: Risk Assessment, Threats, Vulnerabilities, Risk Likelihood
- Question #155 (Information Security Incident Management)
  During incident recovery, which of the following is the BEST approach to ensure the eradication of traces hidden by an attacker?
  Tags: Incident Eradication, System Recovery, Incident Response Best Practices
- Question #156 (Information Security Program Development and Management)
  Which of the following BEST enables the effectiveness of an information security training program for new employees?
  Tags: Information security training, Security awareness, Training effectiveness, Job-specific training
- Question #157 (Information Security Program Development and Management)
  Which of the following is MOST likely to require an organization to update its business continuity plan (BCP)?
  Tags: Business Continuity Plan (BCP), BCP Maintenance, Organizational Resilience, Change Management
- Question #158 (Information Security Governance)
  Which of the following is the BEST approach for encouraging business units to assume their roles and responsibilities in an information security program?
  Tags: Senior Management Engagement, Organizational Accountability, Information Security Program Adoption
- Question #159 (Information Security Incident Management)
  Which of the following is the GREATEST risk associated with a poorly trained incident response team responding to a major incident?
  Tags: Incident Response, Evidence Handling, Forensic Readiness
- Question #160 (Information Security Program Development and Management)
  Which of the following would be MOST useful to determine the current status of an information security program's maturity level?
  Tags: Information Security Program Maturity, Benchmarking, Program Assessment, Security Program Management
- Question #161 (Information Security Governance)
  Which of the following BEST indicates ongoing senior management commitment to the organization's information security strategy?
  Tags: Senior Management Commitment, Information Security Governance, Funding, Resource Allocation
- Question #162 (Information Security Risk Management)
  Which of the following is the MOST important objective when recommending controls?
  Tags: Security Controls, Risk Mitigation, Risk Management, Control Objectives
- Question #163 (Information Security Governance)
  Which of the following is a PRIMARY responsibility of a data owner?
  Tags: Data Owner, Data Classification, Information Security Roles, Accountability
- Question #164 (Information Security Risk Management)
  Which of the following is the responsibility of a risk owner?
  Tags: Risk owner, Risk management roles, Risk treatment plans, Accountability
- Question #165 (Information Security Risk Management)
  Which of the following should be done FIRST when management approves additional controls?
  Tags: Risk Assessment, Control Implementation, Risk Management Process, Security Controls
- Question #166 (Information Security Incident Management)
  Which of the following is the MOST likely reason for invoking the incident response plan?
  Tags: Incident Response Plan, Threat Detection, DMZ Security, Incident Escalation
- Question #167 (Information Security Program Development and Management)
  After implementing an information security governance framework, which of the following would provide the BEST information to develop an information security project plan?
  Tags: Gap Analysis, Security Program Development, Project Planning, Security Assessment
- Question #168 (Information Security Program Development and Management)
  Which of the following is MOST likely to help an organization's ability to manage advanced persistent threats (APTs)?
  Tags: Advanced Persistent Threats (APTs), Security Personnel, Security Operations, Threat Management
- Question #169 (Information Security Program Development and Management)
  Once a suite of security controls has been successfully implemented for an organization's business units, it is MOST important for the information security manager to:
  Tags: Control testing, Control effectiveness, Security program management, Continuous monitoring
- Question #170 (Information Security Program Development and Management)
  Which of the following metrics would BEST demonstrate the success of a newly implemented information security framework?
  Tags: Security Framework Metrics, Performance Measurement, Audit Findings, Framework Success
- Question #171 (Information Security Risk Management)
  Which of the following is MOST important to consider when determining backup frequency?
  Tags: Recovery Point Objective (RPO), Backup Frequency, Business Continuity Planning, Disaster Recovery
- Question #172 (Information Security Governance)
  Which of the following is the MOST important objective of business stakeholder involvement during information security strategy development?
  Tags: Security Strategy Development, Stakeholder Engagement, Business Alignment
- Question #173 (Information Security Governance)
  How does an organization PRIMARILY benefit from the creation of an information security steering committee?
  Tags: Information Security Steering Committee, Security Governance, Business Alignment, Strategic Oversight
- Question #174 (Information Security Risk Management)
  A security firm publicizes a critical security flaw in the encryption protocol for an external facing web page. Which of the following should the information security manager do FI...
  Tags: Risk Assessment, Vulnerability Management, Prioritization, Security Program Management
- Question #175 (Information Security Incident Management)
  An organization has suffered from a large-scale security event impacting a critical system. Following the decision to restore the system at an alternate location, which plan should...
  Tags: Disaster Recovery Plan, System Restoration, Incident Recovery, Business Continuity
- Question #176 (Information Security Governance)
  Which of the following is the sole responsibility of the client organization when adopting a Software as a Service (SaaS) model?
  Tags: SaaS, Shared Responsibility Model, Data Classification, Cloud Security
- Question #177 (Information Security Risk Management)
  An organization has learned that several employees recently clicked on a malicious email link that encrypted the employees' files. Which of the following is the BEST preventive con...
  Tags: Security awareness training, Preventive controls, Phishing prevention, Ransomware mitigation
- Question #178 (Information Security Program Development and Management)
  Which of the following is the MOST important consideration for implementing effective information security management in vendor relationships?
  Tags: Vendor risk management, Third-party security, Contractual requirements, Information security management
- Question #179 (Information Security Incident Management)
  Which of the following should be considered FIRST when responding to a major security breach?
  Tags: Incident Response Process, Containment, Security Breach Response
- Question #180 (Information Security Governance)
  Which of the following is the MOST important characteristic of an effective security metric?
  Tags: Security Metrics, Reporting, Communication, Information Presentation
- Question #181 (Information Security Program Development and Management)
  Which of the following is MOST helpful in the development of a cost-effective information security strategy that is aligned with business requirements?
  Tags: Security Strategy Development, Information Asset Classification, Business Alignment, Resource Optimization
- Question #182 (Information Security Incident Management)
  Which of the following is a PRIMARY goal of conducting a post-incident review?
  Tags: Post-incident review, Incident management, Continuous improvement
- Question #183 (Information Security Incident Management)
  The PRIMARY purpose of the recovery phase in incident response is to:
  Tags: Incident Response, Recovery Phase, Business Continuity Plan, Service Restoration
- Question #184 (Information Security Program Development and Management)
  Which of the following is the MOST important factor in determining whether a disaster recovery test is successful?
  Tags: Disaster Recovery, DR Testing, Business Continuity, Success Criteria
- Question #185 (Information Security Incident Management)
  The PRIMARY purpose of developing and implementing an incident response plan is to:
  Tags: Incident Response Planning, Business Resilience, Incident Management Objectives
- Question #186 (Information Security Governance)
  Which of the following would BEST enable senior management to integrate security into all organizational processes following an increase in cyberattacks on business applications?
  Tags: Information Security Governance, Security Policies, Business Alignment, Security Integration
- Question #187 (Information Security Governance)
  Which of the following should be done FIRST when developing a business continuity plan (BCP)?
  Tags: Business Continuity Planning (BCP), Organizational Strategy, BCP Development, Governance Alignment
- Question #188 (Information Security Governance)
  A chief information officer (CIO) recently approved remote access from a system administrator's home as an exception to the security policy. What would be the information security...
  Tags: Policy Management, Policy Exceptions, Information Security Governance, Continuous Improvement
- Question #189 (Information Security Governance)
  Which of the following is a function of the information security steering committee?
  Tags: Information Security Steering Committee, Security Governance, Strategic Alignment, Business Objectives
- Question #190 (Information Security Incident Management)
  An incident response team learns that stakeholders' private data may have been breached. Who should the incident response team communicate this information to FIRST?
  Tags: Incident Communication, Data Owner, Data Breach Response, Roles and Responsibilities
- Question #191 (Information Security Governance)
  What should be the NEXT course of action when an information security manager has identified a department that is repeatedly not following the security policy?
  Tags: Policy compliance, Escalation procedures, Security governance, Non-compliance handling
- Question #192 (Information Security Incident Management)
  Which of the following BEST enables users to recover from ransomware or malware attacks?
  Tags: Data Recovery, Incident Recovery, Backups, Business Continuity
- Question #193 (Information Security Risk Management)
  Which of the following is the MOST important role of the information security manager when the organization is in the process of adopting emerging technologies?
  Tags: Emerging Technologies, Security Manager Role, Impact Assessment, Risk Management
- Question #194 (Information Security Risk Management)
  When performing vulnerability scans, the information security team finds multiple systems that do not match security configuration standards. Which of the following should be done...
  Tags: Risk Assessment, Vulnerability Management, Security Configuration, Compliance
- Question #195 (Information Security Governance)
  A business unit has requested an exception to the organization's new access control policy. Which of the following is the BEST way for the information security manager to address t...
  Tags: Policy exception management, Information security governance, Policy review process, Access control policy
- Question #196 (Information Security Governance)
  Which of the following is MOST important to have in place to help secure ongoing funding for the information security program?
  Tags: Information Security Strategy, Program Funding, Governance, Resource Management
- Question #197 (Information Security Incident Management)
  After detecting an advanced persistent threat (APT), which of the following should be the information security manager's FIRST step?
  Tags: Incident Response, APT, Stakeholder Communication, Incident Management Process
- Question #198 (Information Security Incident Management)
  An information security manager is notified that a third-party data processor has incurred a breach for which it is believed customer data has been lost. The information security m...
  Tags: Incident response, Data breach, Third-party risk, Information gathering
- Question #199 (Incident Management)
  Which of the following is the PRIMARY objective of the incident management recovery phase?
  Tags: Incident Management, Recovery Phase, Business Continuity, Service Restoration
- Question #200 (Information Security Program Development and Management)
  Which of the following presents the GREATEST challenge to a large multinational organization using an automated identity and access management (IAM) system?
  Tags: Identity and Access Management (IAM), Automated Provisioning, HR Data Integration, Security Challenges