Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CISM Exam Dumps - Isaca Certification Questions and Answers

Question # 4

Several months after the installation of a new firewall with intrusion prevention features to block malicious activity, a breach was discovered that came in through the firewall shortly after installation. This breach could have been detected earlier by implementing firewall:

Options:

A.

packet filtering.

B.

web surfing controls.

C.

log monitoring.

D.

application awareness.

Buy Now
Question # 5

Which of the following is the MOST important benefit of using a cloud access security broker when migrating to a cloud environment?

Options:

A.

Enhanced data governance

B.

Increased third-party assurance

C.

)Improved incident management

D.

Reduced total cost of ownership (TCO)

Buy Now
Question # 6

Which of the following BEST determines the data retention strategy and subsequent policy for an organization?

Options:

A.

Business impact analysis (BIA)

B.

Business requirements

C.

Supplier requirements

D.

Risk appetite

Buy Now
Question # 7

An organization has purchased an Internet sales company to extend the sales department. The information security manager ' s FIRST step to ensure the security policy framework encompasses the new business model is to:

Options:

A.

perform a gap analysis.

B.

implement both companies ' policies separately

C.

merge both companies ' policies

D.

perform a vulnerability assessment

Buy Now
Question # 8

For the information security manager, integrating the various assurance functions of an organization is important PRIMARILY to enable:

Options:

A.

consistent security.

B.

comprehensive audits

C.

a security-aware culture

D.

compliance with policy

Buy Now
Question # 9

Which of the following is MOST important to include in monthly information security reports to the board?

Options:

A.

Trend analysis of security metrics

B.

Risk assessment results

C.

Root cause analysis of security incidents

D.

Threat intelligence

Buy Now
Question # 10

An information security manager is updating the organization ' s incident response plan. Which of the following is the BEST way to validate that the process and procedures provided by IT and business units are complete, accurate, and known by all responsible teams?

Options:

A.

Review the test objectives with stakeholders.

B.

Conduct a data breach incident tabletop exercise.

C.

Conduct an incident response plan survey.

D.

Review data breach incident triage steps.

Buy Now
Question # 11

Which or the following is MOST important to consider when determining backup frequency?

Options:

A.

Recovery point objective (RPO)

B.

Recovery time objective (RTO)

C.

Allowable interruption window

D.

Maximum tolerable outage (MTO)

Buy Now
Question # 12

An organization ' s information security manager is performing a post-incident review of a security incident in which the following events occurred:

• A bad actor broke into a business-critical FTP server by brute forcing an administrative password

• The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored

• The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server

• After three hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail

Which of the following could have been prevented by conducting regular incident response testing?

Options:

A.

Ignored alert messages

B.

The server being compromised

C.

The brute force attack

D.

Stolen data

Buy Now
Question # 13

Which of the following BEST illustrates residual risk within an organization?

Options:

A.

Heat map

B.

Risk management framework

C.

Business impact analysis (BIA)

D.

Balanced scorecard

Buy Now
Question # 14

Which of the following is the MOST important requirement for a successful security program?

Options:

A.

Mapping security processes to baseline security standards

B.

Penetration testing on key systems

C.

Management decision on asset value

D.

Nondisclosure agreements (NDA) with employees

Buy Now
Question # 15

Which of the following defines the triggers within a business continuity plan (BCP)? @

Options:

A.

Needs of the organization

B.

Disaster recovery plan (DRP)

C.

Information security policy

D.

Gap analysis

Buy Now
Question # 16

After a server has been attacked, which of the following is the BEST course of action?

Options:

A.

Initiate incident response.

B.

Review vulnerability assessment.

C.

Conduct a security audit.

D.

Isolate the system.

Buy Now
Question # 17

When updating the information security policy to accommodate a new regulation, the information security manager should FIRST:

Options:

A.

Review key risk indicators (KRIs)

B.

Perform a gap analysis

C.

Consult process owners

D.

Update key performance indicators (KPIs)

Buy Now
Question # 18

Which of the following should be the FIRST step in developing an information security strategy?

Options:

A.

Perform a gap analysis based on the current state

B.

Create a roadmap to identify security baselines and controls.

C.

Identify key stakeholders to champion information security.

D.

Determine acceptable levels of information security risk.

Buy Now
Question # 19

Which of the following provides the MOST comprehensive insight into ongoing threats facing an organization?

Options:

A.

Business impact analysis (BIA)

B.

Risk register

C.

Penetration testing

D.

Vulnerability assessment

Buy Now
Question # 20

Which of the following is the MOST important detail to capture in an organization ' s risk register?

Options:

A.

Risk appetite

B.

Risk severity level

C.

Risk acceptance criteria

D.

Risk ownership

Buy Now
Question # 21

Which of the following is the MOST important reason for an organization to communicate to affected parties that a security incident has occurred?

Options:

A.

To improve awareness of information security

B.

To disclose the root cause of the incident

C.

To increase goodwill toward the organization

D.

To comply with regulations regarding notification

Buy Now
Question # 22

Which of the following should be the PRIMARY basis for determining the value of assets?

Options:

A.

Cost of replacing the assets

B.

Business cost when assets are not available

C.

Original cost of the assets minus depreciation

D.

Total cost of ownership (TCO)

Buy Now
Question # 23

A security incident has been reported within an organization. When should an information security manager contact the information owner?

Options:

A.

After the incident has been contained

B.

After the incident has been mitigated

C.

After the incident has been confirmed

D.

After the potential incident has been logged

Buy Now
Exam Code: CISM
Exam Name: Certified Information Security Manager
Last Update: Jul 5, 2026
Questions: 1135
CISM pdf

CISM PDF

$59.7  $199
CISM Engine

CISM Testing Engine

$67.5  $225
CISM PDF + Engine

CISM PDF + Testing Engine

$74.7  $249