CISM Exam Questions
989 real CISM exam questions with expert-verified answers and explanations. Page 6 of 20.
- Question #251 (Information Security Governance)
  Business objectives and organizational risk appetite are MOST useful inputs to the development of information security:
  Tags: Information security strategy; Business alignment; Risk appetite; Security governance
- Question #252 (Information Security Governance)
  Which of the following should be updated FIRST to account for new regulatory requirements that impact current information security controls?
  Tags: Regulatory Compliance; Information Security Policy; Governance; Policy Management
- Question #253 (Information Security Incident Management)
  Which of the following is MOST helpful in determining whether a phishing email is malicious?
  Tags: Phishing detection; Threat intelligence; Email security; Security operations
- Question #254 (Information Security Risk Management)
  The PRIMARY reason to properly classify information assets is to determine:
  Tags: Information Asset Classification; Data Sensitivity; Security Controls; Risk Treatment
- Question #255 (Information Security Incident Management)
  Which of the following would be the GREATEST obstacle to implementing incident notification and escalation processes in an organization with high turnover?
  Tags: Incident management; Organizational challenges; Personnel management; Process implementation
- Question #256 (Information Security Program Development and Management)
  Which of the following processes is MOST important for the success of a business continuity plan (BCP)?
  Tags: Business Continuity Planning; BCP Testing; BCP Training; Stakeholder Engagement
- Question #257 (Information Security Risk Management)
  Which of the following is the MOST important characteristic of an effective information security metric?
  Tags: Information Security Metrics; Risk Management; Residual Risk; Risk Tolerance
- Question #258 (Information Security Governance)
  Senior management recently approved a mobile access policy that conflicts with industry best practices. Which of the following is the information security manager's BEST course of...
  Tags: Security Policy; Security Standards; Best Practices; Management Responsibility
- Question #259 (Information Security Program Development and Management)
  Which of the following metrics would provide an accurate measure of an information security program's performance?
  Tags: Program Performance Measurement; Security Metrics; Qualitative & Quantitative Data; Decision Support
- Question #260 (Information Security Incident Management)
  An employee of an organization has reported losing a smartphone that contains sensitive information. The BEST step to address this situation is to:
  Tags: Lost device response; Data loss prevention; Remote wipe; Incident management
- Question #261 (Information Security Incident Management)
  For event logs to be acceptable for incident investigation, which of the following is the MOST important consideration to establish chain of evidence?
  Tags: Log Management; Incident Response; Digital Forensics; Chain of Evidence
- Question #262 (Information Security Incident Management)
  Identifying which of the following BEST enables a cyberattack to be contained?
  Tags: Incident Response; Cyberattack Containment; Vulnerability Management; Security Incident Handling
- Question #263 (Information Security Incident Management)
  Which of the following is MOST important to consider when developing an incident response playbook?
  Tags: Incident Response Playbook; Asset Criticality; Incident Prioritization; Security Planning
- Question #264 (Information Security Risk Management)
  Which of the following is MOST relevant for an information security manager to communicate to business units?
  Tags: Risk Ownership; Business Alignment; Stakeholder Communication; Information Security Management
- Question #265 (Information Security Program Development and Management)
  Which of the following provides the BEST evidence that a security program is mature?
  Tags: Security Program Maturity; Risk-Based Approach; Control Implementation; Risk Assessment
- Question #266 (Information Security Program Development and Management)
  Which of the following is MOST important to integrate into a cybersecurity strategy that supports public cloud, bring your own device (BYOD), and remote work?
  Tags: Zero Trust; Cloud Security; BYOD Security; Remote Work Security
- Question #267 (Information Security Incident Management)
  When performing a computer forensics investigation, a security incident response team leader should be MOST concerned with:
  Tags: Computer Forensics; Chain of Custody; Incident Response; Evidence Handling
- Question #268 (Information Security Risk Management)
  Which of the following is the BEST approach for an information security manager to effectively manage third-party risk?
  Tags: Third-party risk management; Vendor management; Contract review; Ongoing risk monitoring
- Question #269 (Information Security Program Development and Management)
  Which of the following is the BEST indication of a mature information security program?
  Tags: Information security program maturity; Security program integration; Security program management; Business alignment
- Question #270 (Information Security Incident Management)
  Which of the following BEST ensures prompt and effective communication during incidents?
  Tags: Incident Communication; Incident Management Process; Incident Response Plan
- Question #271 (Information Security Governance)
  Which of the following is the PRIMARY benefit of a centralized approach to information security assurance?
  Tags: Centralized Security; Security Assurance; Organizational Structure; Security Governance
- Question #272 (Information Security Program Development and Management)
  Which of the following is MOST appropriate to report to management when addressing concerns with the effectiveness of the organization's information security program?
  Tags: Reporting to management; Program effectiveness; Business impact; Information security program
- Question #273 (Information Security Incident Management)
  Within an incident response plan, which of the following MUST be done before an incident is escalated?
  Tags: Incident Response; Incident Escalation; Incident Triage; Incident Severity
- Question #274 (Information Security Incident Management)
  During a post-incident review, which of the following would provide the BEST data source for identifying improvements to the incident team response?
  Tags: Post-incident review; Incident response team; Lessons learned; Improvement identification
- Question #275 (Information Security Risk Management)
  Which of the following is the BEST approach for addressing new regulatory requirements regarding personal data?
  Tags: Regulatory Compliance; Risk Management; Personal Data Protection
- Question #276 (Information Security Risk Management)
  Which of the following information BEST supports risk management decision making?
  Tags: Risk Management; Vulnerability Assessment; Risk Decision Making; Risk Assessment Inputs
- Question #277 (Information Security Incident Management)
  Which of the following is the MOST critical to ensuring evidence from a cyber crime remains legally admissible?
  Tags: Evidence Handling; Digital Forensics; Legal Admissibility; Chain of Custody
- Question #278 (Information Security Incident Management)
  An information security manager is developing a breach notification procedure for multiple geographic regions. After understanding where the organization's customers reside, which...
  Tags: Breach notification; Regulatory compliance; Incident response procedure; Global security
- Question #279 (Information Security Incident Management)
  Which of the following should be the PRIMARY basis for a severity hierarchy for information security incident classification?
  Tags: Incident Classification; Incident Severity; Business Impact; Incident Management
- Question #280 (Information Security Incident Management)
  Following an incident that resulted in significant impact to the organization, the information security manager is tasked with establishing appropriate controls to prevent similar i...
  Tags: Incident Management; Root Cause Analysis; Post-Incident Review; Preventative Controls
- Question #281 (Information Security Program Development and Management)
  Which of the following would provide the BEST justification for the implementation of a new security solution?
  Tags: Business case; Project justification; Security solution implementation; Investment decision
- Question #282 (Information Security Incident Management)
  After an incident has been eradicated, which of the following should be done NEXT?
  Tags: Incident Response Lifecycle; Post-Incident Activities; Root Cause Analysis; Incident Eradication
- Question #283 (Information Security Governance)
  Which of the following provides the GREATEST assurance that existing controls meet compliance requirements?
  Tags: Compliance; Independent Audits; Control Assurance; Oversight
- Question #284 (Information Security Program Development and Management)
  Which of the following is the MOST effective approach to communicate general information security responsibilities across an organization?
  Tags: Security Awareness; Security Training; Communication; Organizational Responsibilities
- Question #285 (Information Security Governance)
  Which of the following is the MOST important aspect for an information security manager to consider when developing effective information security policies?
  Tags: Information Security Policies; Policy Development; Business Alignment; Security Governance
- Question #286 (Information Security Incident Management)
  Which of the following backups is BEST for forensic purposes?
  Tags: Digital Forensics; Data Acquisition; Evidence Preservation; Incident Response
- Question #287 (Information Security Incident Management)
  Which type of test is MOST effective in communicating the roles of end users to support timely identification and response to information security incidents?
  Tags: Incident Response Training; End User Awareness; Incident Management Testing; Role Communication
- Question #288 (Information Security Risk Management)
  Which of the following is the MOST important reason to develop an organizational threat profile?
  Tags: Threat Profile; Threat Management; Proactive Security; Risk Identification
- Question #289 (Information Security Risk Management)
  The BEST way for an information security manager to provide senior management with an overview of the organization's information assets and their levels of criticality is to presen...
  Tags: Risk Assessment; Asset Criticality; Reporting to Management; Information Security Management
- Question #290 (Information Security Program Development and Management)
  Which of the following should be the MOST important consideration when implementing a SIEM solution?
  Tags: SIEM Implementation; Security Monitoring; Tuning; Security Operations
- Question #291 (Information Security Program Development and Management)
  When implementing a SIEM solution to monitor the effectiveness of security controls, which of the following is the MOST important requirement from an information security manager's...
  Tags: SIEM; Security Controls; Effectiveness Measurement; Security Program Management
- Question #292 (Information Security Incident Management)
  Which of the following actions should be taken during a post-incident review?
  Tags: Post-incident review; Incident response lifecycle; Lessons learned; Process improvement
- Question #293 (Information Security Governance)
  Which of the following is the PRIMARY responsibility of a data owner?
  Tags: Data Owner; Information Classification; Roles and Responsibilities; Information Governance
- Question #294 (Information Security Risk Management)
  What should be an organization's MAIN concern when evaluating an Infrastructure as a Service (IaaS) cloud computing model for an e-commerce application?
  Tags: Cloud Computing; IaaS; Availability; Third-party Risk
- Question #295 (Information Security Program Development and Management)
  Which of the following is the PRIMARY reason that an information security manager would contract with an external provider to perform penetration testing?
  Tags: Penetration Testing; Vulnerability Assessment; Third-Party Management; Security Testing
- Question #296 (Information Security Governance)
  Which of the following is MOST important when building a security-aware culture?
  Tags: Security culture; Management commitment; Leadership role; Security awareness
- Question #297 (Information Security Risk Management)
  Which of the following is an information security manager's MOST important course of action after receiving information about a new cybersecurity threat?
  Tags: Risk Assessment; Threat Management; Impact Analysis; Security Management Priorities
- Question #298 (Information Security Program)
  Which of the following provides nonrepudiation of electronic transactions?
  Tags: Nonrepudiation; Digital Certificates; Public Key Infrastructure; Cryptography
- Question #299 (Information Security Risk Management)
  A business unit is not complying with a control implemented to mitigate risk because doing so impacts the ability to achieve business goals. When reporting the noncompliance to sen...
  Tags: Risk mitigation; Compensating controls; Control compliance; Business alignment
- Question #300 (Information Security Risk Management)
  Which of the following is the MOST effective method to ensure organizations have adequate security controls over outsourced services?
  Tags: Third-party risk management; Outsourcing security; Security assurance; Compliance auditing