ISACA CISM Certified Information Security Manager Online Training
ISACA CISM Online Training
The questions for CISM were last updated at Jul 18,2025.
- Exam Code: CISM
- Exam Name: Certified Information Security Manager
- Certification Provider: ISACA
- Latest update: Jul 18,2025
Which of the following processes is the FIRST step in establishing an information security policy?
- A . Review of current global standards
- B . Business risk assessment
- C . Security controls evaluation
- D . Information security audit
A company has purchased a rival organization and is looking to integrate security strategies.
Which of the following is the GREATEST issue to consider?
- A . The organizations have different risk appetites
- B . Differing security skills within the organizations
- C . Confidential information could be leaked
- D . Differing security technologies
Which of the following is the PRIMARY reason social media has become a popular target for attack?
- A . The reduced effectiveness of access controls
- B . The accessibility of social media from multiple locations
- C . The prevalence of strong perimeter protection
- D . The element of trust created by social media
When using a newly implemented security information and event management (SIEM) infrastructure, which of the following should be considered FIRST?
- A . Encryption
- B . Retention
- C . Report distribution
- D . Tuning
An organization’s security policy is to disable access to USB storage devices on laptops and desktops.
Which of the following is the STRONGEST justification for granting an exception to the policy?
- A . Access is restricted to read-only.
- B . USB storage devices are enabled based on user roles
- C . Users accept the risk of noncompliance.
- D . The benefit is greater than the potential risk
Which of the following is the BEST way to improve the timely reporting of information security incidents?
- A . Perform periodic simulations with the incident response team.
- B . Regularly reassess and update the incident response plan.
- C . Integrate an intrusion detection system (IDS) in the DMZ
- D . Incorporate security procedures in help desk processes
Which of the following would BEST assist an information security manager in gaining strategic support from executive management?
- A . Risk analysis specific to the organization
- B . Research on trends in global information security breaches
- C . Rating of the organization's security, based on international standards
- D . Annual report of security incidents within the organization
When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?
- A . The security awareness programs
- B . Firewall logs
- C . The risk management processes
- D . Post-incident analysis results
What should be the information security manager's FIRST course of action when it is discovered that a staff member has been posting corporate information on social media sites?
- A . Assess the classification of the data posted.
- B . Implement controls to block the social media sites.
- C . Refer the staff member to the information security policy
- D . Notify senior management
Which of the following is the MOST important consideration when determining the approach for gaining organization-wide acceptance of an information security plan?
- A . Mature security policy
- B . Information security roles and responsibilities
- C . Organizational information security awareness
- D . Organizational culture