ISACA CISM Certified Information Security Manager Online Training
The questions for CISM were last updated at Sep 06,2025.
- Exam Code: CISM
- Exam Name: Certified Information Security Manager
- Certification Provider: ISACA
- Latest update: Sep 06,2025
Which of the following is an information security manager's BEST course of action when informed of a decision to reduce funding for the information security program?
- A . Remove overlapping security controls
- B . Prioritize security projects based on risk
- C . Design key risk indicators (KRIs)
- D . Create a business case to appeal the decision
Which of the following will BEST protect an organization against spear phishing?
- A . Antivirus software
- B . Acceptable use policy
- C . Email content filtering
- D . End-user training
Which of the following should be PRIMARILY included in a security training program for business process owners?
- A . Application recovery time
- B . Impact of security risks
- C . Application vulnerabilities
- D . List of security incidents reported
Which of the following external entities would provide the BEST guidance to an organization facing advanced attacks?
- A . Recognised threat intelligence communities
- B . Open-source reconnaissance
- C . Disaster recovery consultants widely endorsed in industry forums
- D . Incident response experts from highly regarded peer organizations
Which of the following is a PRIMARY security responsibility of an information owner?
- A . Testing information classification controls
- B . Determining the controls associated with information classification
- C . Maintaining the integrity of data in the information system
- D . Deciding what level of classification the information requires
To ensure appropriate control of information processed in IT systems, security safeguards should be based PRIMARILY on:
- A . criteria consistent with classification levels
- B . efficient technical processing considerations
- C . overall IT capacity and operational constraints
- D . established guidelines
Which of the following BEST enables an effective escalation process within an incident response program?
- A . Dedicated funding for incident management
- B . Adequate incident response staffing
- C . Monitored program metrics
- D . Defined incident thresholds
Which of the following activities BEST enables executive management to ensure value delivery within an information security program?
- A . Requiring employees to undergo information security awareness training
- B . Assigning an information security manager to a senior management position
- C . Approving an industry-recognized information security framework
- D . Reviewing business cases for information security initiatives
Which of the following would present the GREATEST need to revise information security policies?
- A . Implementation of a new firewall
- B . An increase in reported incidents
- C . A merger with a competing company
- D . Changes in standards and procedures
During which phase of an incident response process should corrective actions to the response procedure be considered and implemented?
- A . Review
- B . Identification
- C . Eradication
- D . Containment