ISACA (CISM): Certified Information Security Manager

ISACA CISM Sample Questions

Question 1 – Which of the following methods should a public website use to protect consumers’ private information?

  • A. Applying strong authentication to online accounts
  • B. Encrypting consumer data in transit and at rest
  • C. Using a secure encrypted transport layer
  • D. Applying a masking policy to the consumer data

Correct Answer: B

Question 2 – The information security manager should PRIMARILY consider the following when developing an incident response plan:

  • A. affected stakeholders.
  • B. incident response team.
  • C. availability of technical resources.
  • D. media coverage.

Correct Answer: A

Question 3 – An information security manager should consider which of the following MOST crucial factors when determining whether an asset is appropriately classified?

  • A. Value to the business
  • B. Security policy requirements
  • C. Ownership of information
  • D. Level of protection

Correct Answer: A

Question 4 – In order for an incident response team to be most effective, it must:

  • A. be updated based on lessons learned.
  • B. have team members who are trained security personnel.
  • C. meet on a regular basis to review log files.
  • D. identify incidents using a security information and event monitoring (SIEM) system.

Correct Answer: A

Question 5 – It is essential that the information security manager has a thorough understanding of the organization’s business goals so they can:

  • A. relate information security to change management.
  • B. develop an information security strategy.
  • C. develop operational procedures.
  • D. define key performance indicators (KPIs).

Correct Answer: D

Question 6 – How can an information security manager be successful if he or she does not understand the information security program?

  • A. Understanding current and emerging technologies
  • B. Establishing key performance indicators (KPIs)
  • C. Conducting periodic risk assessments
  • D. Obtaining stakeholder input

Correct Answer: D

Question 7 – An attacker gained access to an organization’s perimeter firewall and altered it to allow wider external access and data theft. What is the BEST way to identify this incident in a timely manner?

  • A. Implementing a data loss prevention (DLP) suite
  • B. Deploying an intrusion prevention system (IPS)
  • C. Deploying a security information and event management system (SIEM)
  • D. Conducting regular system administrator awareness training

Correct Answer: C

Question 8 – Identifying indicators of an information security program’s success is the BEST approach to:

  • A. supporting major information security initiatives.
  • B. reflecting the corporate risk culture.
  • C. reducing information security program spending.
  • D. demonstrating the effectiveness of the security program.

Correct Answer: D

Question 9 – What is the most likely security event that will trigger an incident response plan and escalate to management for an organization that provides web-based services?

  • A. Anti-malware alerts on several employees’ workstations
  • B. Several port scans of the web server
  • C. Multiple failed login attempts on an employee’s workstation
  • D. Suspicious network traffic originating from the demilitarized zone (DMZ)

Correct Answer: A

Question 10 – As part of contract negotiations with a third party, which of the following would be the MOST effective method to address the security concerns of an organization?

  • A. Reviewing the third-party contract with the organization’s legal department.
  • B. Communicating security policy with the third-party vendor.
  • C. Ensuring security is involved in the procurement process.
  • D. Conducting an information security audit on the third-party vendor.

Correct Answer: B

Question 11 – Which of the following is MOST frequently reviewed as part of web application security monitoring?

  • A. Audit reports
  • B. Access logs
  • C. Access lists
  • D. Threat metrics

Correct Answer: B

Question 12 – A manager of information security should ensure that security is incorporated into the project development process of an organization by using which of the following methods?

  • A. Developing good communications with the project management office (PMO).
  • B. Participating in project initiation, approval, and funding.
  • C. Conducting security reviews during design, testing, and implementation.
  • D. Integrating the organization’s security requirements into project management.

Correct Answer: D

Question 13 – Information security programs and the underlying business processes can be evaluated most effectively by determining which of the following provides the MOST relevant information?

  • A. SWOT analysis
  • B. Industry benchmarks
  • C. Cost-benefit analysis
  • D. Balanced scorecard

Correct Answer: D

Question 14 – Which of the following is MOST likely to be addressed by an enterprise security policy?

  • A. Definitions of responsibilities
  • B. Retention schedules
  • C. System access specifications
  • D. Organizational risk

Correct Answer: A

Question 15 – For incident response testing, a tabletop test scenario should be developed with the following primary purpose:

  • A. measuring management engagement as part of an incident response team.
  • B. providing participants with situations for ensuring the understanding of their roles.
  • C. giving the business a measure of the organization’s overall readiness.
  • D. challenging the incident response team for solving the problem under pressure.

Correct Answer: B

Question 16 – Organizations can benefit from an information security risk analysis BEST by ensuring:

  • A. the infrastructure has the appropriate level of access control.
  • B. cost-effective decisions are made with regard to which assets need protection.
  • C. an appropriate level of funding is applied to security processes.
  • D. the organization implements appropriate security technologies.

Correct Answer: B

Question 17 – In a multinational organization, local security regulations should take precedence over the global security policy because:

  • A. business objectives are defined by local business unit managers.
  • B. deploying awareness of local regulations is more practical than global policy.
  • C. global security policies include unnecessary controls for local businesses.
  • D. requirements of local regulations take precedence.

Correct Answer: D

Question 18 – A manager of information security should first understand the impact that a new regulatory requirement will have on his or her organization’s information security controls by:

  • A. conducting a cost-benefit analysis.
  • B. conducting a risk assessment.
  • C. interviewing senior management.
  • D. performing a gap analysis.

Correct Answer: D

Question 19 – In order to evaluate the existing information security controls and select new information security controls, which of the following processes should management use when changing the enterprise business strategy?

  • A. Access control management
  • B. Change management
  • C. Configuration management
  • D. Risk management

Correct Answer: D

Question 20 – Which of the following would be the MOST suitable way to build a risk-aware culture?

  • A. Periodically changing risk awareness messages.
  • B. Ensuring that threats are communicated organization-wide in a timely manner.
  • C. Periodically testing compliance with security controls and posting the results.
  • D. Establishing incentives and a channel for staff for reporting risks.

Correct Answer: C
