CISM Exam Questions
989 real CISM exam questions with expert-verified answers and explanations. Page 8 of 20.
- Question #351 (Information Security Governance): Which of the following is MOST important to the ongoing effectiveness of an information security governance framework?
  Tags: Information Security Governance, Framework Effectiveness, Adaptability, Business Alignment
- Question #352 (Information Security Governance): Which of the following will BEST facilitate integrating the information security program into corporate governance?
  Tags: Information Security Strategy, Corporate Governance, Strategic Alignment, Program Integration
- Question #353 (Information Security Risk Management): An information security manager identified that a user's laptop did not have full disk encryption enabled and recommended this be configured immediately. Which type of risk treatme...
  Tags: Risk treatment, Mitigation, Security controls, Full Disk Encryption
- Question #354 (Information Security Incident Management): An organization's information security manager has been alerted to a possible security incident related to a system intrusion. Which of the following should be the information secu...
  Tags: Incident response, Incident verification, Incident management lifecycle, Detection and analysis
- Question #355 (Information Security Incident Management): Which of the following is the BEST way for an organization to ensure timely categorization of information security incidents?
  Tags: Incident Response Plan Testing, Incident Categorization, Incident Management Effectiveness, Timeliness
- Question #356 (Information Security Program Development and Management): Which of the following is the BEST approach to reduce the likelihood of unauthorized use of generative AI?
  Tags: Generative AI security, Security awareness training, User behavior management, Proactive security controls
- Question #357 (Information Security Risk Management): Which of the following is the MOST important reason for obtaining input from risk owners when implementing controls?
  Tags: Risk Management, Risk Owners, Control Implementation, Acceptable Risk
- Question #358 (Information Security Incident Management): An information security manager learns that a third-party data processor has been compromised by a cyberattack. Which of the following should be done FIRST?
  Tags: Incident Response, Incident Categorization, Initial Incident Handling, Documentation
- Question #359 (Information Security Incident Management): Access logs that are frequently required as evidence in legal proceedings should be stored:
  Tags: Log Management, Data Integrity, Legal Evidence, Evidence Handling
- Question #360 (Information Security Governance): Which of the following internal factors has the GREATEST impact on establishing an organization's security culture?
  Tags: Security culture, Leadership support, Information security governance, Organizational factors
- Question #361 (Information Security Risk Management): Which of the following is the MOST likely reason for a vulnerability scanner to return incomplete results?
  Tags: Vulnerability Scanning, Security Assessment, Unauthenticated Scans, Risk Identification
- Question #362 (Information Security Program Development and Management): Which of the following is the BEST metric to measure the efficiency of an information security program?
  Tags: Information Security Metrics, Program Efficiency, Control Baselines, Security Program Management
- Question #363 (Information Security Program Development and Management): Which of the following is MOST important for building a strong organizational cybersecurity culture?
  Tags: Cybersecurity Culture, Security Awareness, Security Training, Employee Engagement
- Question #364 (Information Security Incident Management): Which of the following should be the FIRST step in recovering from a ransomware attack?
  Tags: Ransomware, Incident Response, Containment, Recovery Steps
- Question #365 (Information Security Risk Management): An identified risk was addressed by applying a technical solution to reduce the likelihood or impact of an event. Which risk response has been applied?
  Tags: Risk Response, Risk Mitigation, Technical Controls
- Question #366 (Information Security Incident Management): An organization successfully responded to an information security incident. However, the information security manager learned that some of the steps specified in the incident manag...
  Tags: Incident Management Process, Post-Incident Review, Procedure Adherence, Process Improvement
- Question #367 (Information Security Program Development and Management): Which of the following is MOST important to ensure the effectiveness of an organization's business continuity plan (BCP)?
  Tags: Business Continuity Planning, BCP Testing, Plan Effectiveness
- Question #368 (Information Security Program Development and Management): Which of the following is the BEST reason to separate short-term from long-term plans within an information security roadmap?
  Tags: Security Planning, Resource Allocation, Roadmap Development, Program Management
- Question #369 (Information Security Incident Management): Which of the following should be the FIRST course of action by the incident response team when responding to an incident?
  Tags: Incident Response, Incident Containment, Incident Management Process
- Question #370 (Information Security Program Development and Management): The GREATEST benefit of an effective information security awareness program is the organization's ability to:
  Tags: Security Awareness, Incident Reduction, Program Effectiveness, Human Factor
- Question #371 (Information Security Risk Management): What should an information security manager do FIRST when an organization is planning to use a third-party cloud computing service for a critical business process?
  Tags: Cloud Security, Third-Party Risk Management, Risk Assessment, Security Program Planning
- Question #372 (Information Security Governance): A global organization is planning to expand its operations into a new country with stricter data protection regulations than those in the headquarters' home country. Which of the f...
  Tags: Regulatory Compliance, Data Protection Laws, Legal Interpretation, Global Expansion
- Question #373 (Information Security Incident Management): An incident response plan is being developed for servers hosting sensitive information. In the event of a breach, who should make the decision to shut down the system?
  Tags: Incident Response Plan, Roles and Responsibilities, Decision Making, Service Owner
- Question #374 (Information Security Governance): Which of the following is MOST important in order to obtain senior leadership support when presenting an information security strategy?
  Tags: Senior leadership support, Risk appetite, Information security strategy, Governance alignment
- Question #375 (Incident Management): Which of the following should be of GREATEST concern when creating a continuity plan for a legacy system installed over ten years ago?
  Tags: Business Continuity Planning, Recovery Time Objective, Legacy Systems, System Restoration
- Question #376 (Information Security Program Development and Management): An information security manager identifies deficiencies in the organization's vulnerability management program. Which of the following is the MOST important consideration when prep...
  Tags: Vulnerability Management Program, Process Improvement, Stakeholder Engagement, Change Management
- Question #377 (Information Security Governance): Detailed business continuity plans (BCPs) should be PRIMARILY based on:
  Tags: Business Continuity Planning, Governance, Strategic Direction, Senior Management Oversight
- Question #378 (Information Security Incident Management): If the investigation of an incident is not completed within the time allocated in the incident response plan, which of the following actions should be taken by the incident respons...
  Tags: Incident Escalation, Incident Response Procedures, Incident Management, Incident Timelines
- Question #379 (Information Security Risk Management): An organization finds unauthorized software has been installed on a number of workstations. The software was found to contain a Trojan, which had been uploading data to an unknown...
  Tags: Access Control, Endpoint Security, Preventive Controls, Malware Protection
- Question #380 (Information Security Incident Management): Which of the following should be the FIRST action in response to a ransomware attack?
  Tags: Ransomware, Incident Response, Containment, Network Security
- Question #381 (Information Security Governance): The MOST important reason for an organization to establish a social media policy is to:
  Tags: Social Media Policy, Brand Protection, Policy Objectives, Reputational Risk
- Question #382 (Information Security Program Development and Management): In a large organization, it is MOST important that disaster recovery and business continuity plans:
  Tags: Disaster Recovery Planning, Business Continuity Planning, Integrated Planning, Organizational Resilience
- Question #383 (Information Security Program Development and Management): Which of the following BEST enables an organization to meet information security-related compliance requirements?
  Tags: Information security compliance, Security program development, Regulatory requirements, Proactive security
- Question #384 (Information Security Incident Management): Which of the following BEST enables those tasked with analyzing a security breach to understand its impact and report it to the appropriate channels?
  Tags: Incident Classification, Breach Analysis, Incident Reporting, Impact Assessment
- Question #385 (Information Security Incident Management): An event occurred that resulted in the activation of the business continuity plan (BCP). All employees were notified during the event, and they followed the plan. However, two majo...
  Tags: Business Continuity Planning (BCP), Communication Plan, Supplier Management, Testing and Exercising
- Question #386 (Information Security Governance): Which of the following is the BEST reason to implement an information security architecture?
  Tags: Information Security Architecture, Security Requirements, Consistent Implementation, Security Governance
- Question #387 (Information Security Governance): A business unit has updated its long-term business plan to include the upgrading of information management systems to increase productivity. To support this initiative, what should...
  Tags: Business Alignment, Security Strategy, Governance Principles, Strategic Planning
- Question #388 (Information Security Risk Management): Which of the following is an information security manager's BEST course of action when a business unit manager wants to adopt an emerging technology that may affect the organizatio...
  Tags: Emerging Technology Risk, Threat Analysis, Risk Identification, Information Security Management
- Question #389 (Information Security Risk Management): Which of the following is MOST likely to be impacted when emerging technologies are introduced to an organization?
  Tags: Emerging Technologies, Risk Profile, Risk Management, Impact Analysis
- Question #390 (Incident Management): Which of the following is the MOST important consideration in the eradication phase of incident response?
  Tags: Incident Response Phases, Eradication, Forensics, Root Cause Analysis
- Question #391 (Information Security Incident Management): Which of the following is the PRIMARY reason to review the firewall logs when an external network-based attack is reported by the intrusion detection system (IDS)?
  Tags: Incident Response, Intrusion Detection System (IDS), Firewall Logs, Incident Validation
- Question #392 (Information Security Risk Management): Which of the following is the BEST evidence of an effectively designed key risk indicator (KRI)?
  Tags: Key Risk Indicators (KRIs), Risk Measurement, Quantitative Metrics, Risk Management Effectiveness
- Question #393 (Information Security Governance): A financial institution is planning to introduce a new service that requires the handling of customer data. Which of the following is MOST important for the information security ma...
  Tags: Legal and Regulatory Compliance, Data Privacy, Information Security Governance, New Service Introduction
- Question #394 (Information Security Risk Management): What is the PRIMARY benefit of effective configuration management?
  Tags: Configuration Management, Risk Reduction, Information Security Controls, System Hardening
- Question #395 (Information Security Risk Management): Which of the following is an example of a change to the external threat landscape?
  Tags: External Threats, Threat Landscape, Risk Identification, Cryptographic Vulnerabilities
- Question #396 (Information Security Program Development and Management): An information security manager discovers that the organization's new information security policy is not being followed across all departments. Which of the following should be of...
  Tags: Policy compliance, Business alignment, Control effectiveness, Operational impact
- Question #397 (Information Security Governance): Which of the following BEST helps to establish an organization's security culture?
  Tags: Security Culture, Senior Management, Governance, Mandate
- Question #398 (Information Security Incident Management): Which of the following should be done FIRST to prioritize response to incidents?
  Tags: Incident response, Incident prioritization, Triage, Incident handling process
- Question #399 (Information Security Incident Management): After a recovery from a successful malware attack, instances of the malware continue to be discovered. Which phase of incident response was not successful?
  Tags: Incident Response, Eradication, Malware, Incident Management Phases
- Question #400 (Information Security Governance): Which of the following BEST enables the implementation of an information security framework?
  Tags: Stakeholder buy-in, Framework implementation, Organizational support, Security governance