Available Number of Questions: Maximum of 1044 Questions
Exam Name: Certified Information Security Manager
Exam Duration: 240 Minutes
Related Certification(s):
Isaca Certified Information Security Manager Certification
Isaca CISM Exam Topics: What You'll Be Tested on in the Actual Exam
The ISACA Certified Information Security Manager (CISM) exam is a comprehensive assessment of a professional's ability to design, manage and oversee an enterprise information security program. It covers information security governance, risk management and compliance, and expects candidates to show they can develop and implement security strategies, policies, standards and procedures. It also assesses incident management and response, including the ability to detect, respond to and recover from security incidents, and information asset management, that is, classifying and protecting critical assets and data. Business continuity and disaster recovery planning are examined as well, with emphasis on resilient systems and processes. Finally, the exam evaluates how well candidates align information security with business objectives and communicate and collaborate across the organization. Overall, the CISM exam is a rigorous test of a candidate's ability to lead an information security program that protects organizational assets and data.
Isaca CISM Exam Short Quiz
Attempt this Isaca CISM exam quiz to self-assess your preparation for the actual Isaca Certified Information Security Manager exam. CertBoosters also provides premium Isaca CISM exam questions to pass the Isaca Certified Information Security Manager exam in the shortest possible time. Be sure to try our free practice exam software for the Isaca CISM exam.
Isaca CISM Exam Quiz
Q1:
Senior management recently approved a mobile access policy that conflicts with industry best practices. Which of the following is the information security manager's BEST course of action when developing security standards for mobile access to the organization's network?
A. Align the standards with the organizational policy.
B. Align the standards with industry best practices.
C. Resolve the discrepancy before developing the standards.
D. Perform a cost-benefit analysis of aligning the standards to policy.
Q2:
Which of the following should an organization do FIRST upon learning that a subsidiary is located in a country where civil unrest has just begun?
A. Assess changes in the risk profile.
B. Activate the disaster recovery plan (DRP).
C. Invoke the incident response plan.
D. Conduct security awareness training.
Q3:
Which of the following is the MOST important characteristic of an effective information security metric?
A. The metric expresses residual risk relative to risk tolerance.
B. The metric is frequently reported to senior management.
C. The metric directly maps to an industry risk management framework.
D. The metric compares the organization's inherent risk against its risk appetite.
Q4:
Which of the following is MOST important for an information security manager to consider when determining whether data should be stored?
A. Data protection regulations
B. Data storage limitations
C. Business requirements
D. Type and nature of data
Q5:
What should be the NEXT course of action when an information security manager has identified a department that is repeatedly not following the security policy?
A. Perform a vulnerability assessment on the systems within the department.
B. Introduce additional controls to force compliance with policy.
C. Require department users to repeat security awareness training.
D. Report the policy violation to senior management.