DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Prepare for CISM Success: Exam Questions 2024 Updated, Certified Information Security Manager | SPOTO

Prepare for CISM success with SPOTO's updated exam questions for 2024. Our comprehensive resources cover all vital topics, including information security governance, risk management, incident management, and regulatory compliance. Access a variety of exam preparation tools, such as sample questions and mock exams, to enhance your understanding and boost your confidence. Say goodbye to unreliable sources and embrace trusted exam practice with SPOTO. Utilize our exam simulator to replicate the exam environment and refine your exam-taking strategies effectively. Whether you're in need of exam materials or online exam questions, SPOTO provides the essential resources for success. Start your exam preparation journey today with our free test and ensure you're fully prepared to excel in the Certified Information Security Manager exam.
Take other online exams

Question #1
The MOST effective approach to address issues that arise between IT management, business units and security management when implementing a new security strategy is for the information security manager to:
A. escalate issues to an external third party for resolutio
B. ensure that senior management provides authority for security to address the issue
C. insist that managers or units not in agreement with the security solution accept the ris
D. refer the issues to senior management along with any security recommendation
View answer
Correct Answer: D
Question #2
Which of the following is MOST likely to be discretionary?
A. Policies
B. Procedures
C. Guidelines
D. Standards
View answer
Correct Answer: D
Question #3
Which of the following is the MOST immediate consequence of failing to tune a newly installed intrusion detection system (IDS) with the threshold set to a low value?
A. The number of false positives increases
B. The number of false negatives increases
C. Active probing is missed
D. Attack profiles are ignored
View answer
Correct Answer: B
Question #4
When residual risk is minimized:
A. acceptable risk is probabl
B. transferred risk is acceptabl
C. control risk is reduce
D. risk is transferabl
View answer
Correct Answer: C
Question #5
The MOST important success factor to design an effective IT security awareness program is to:
A. customize the content to the target audienc
B. ensure senior management is represente
C. ensure that all the staff is traine
D. avoid technical content but give concrete example
View answer
Correct Answer: D
Question #6
Which of the following is the MOST appropriate frequency for updating antivirus signature files for antivirus software on production servers?
A. Daily
B. Weekly
C. Concurrently with O/S patch updates
D. During scheduled change control updates
View answer
Correct Answer: B
Question #7
The chief information security officer (CISO) should ideally have a direct reporting relationship to the:
A. head of internal audi
B. chief operations officer (COO)
C. chief technology officer (CTO)
D. legal counse
View answer
Correct Answer: B
Question #8
Access control to a sensitive intranet application by mobile users can BEST be implemented through:
A. data encryptio
B. digital signature
C. strong password
D. two-factor authenticatio
View answer
Correct Answer: B
Question #9
The PRIMARY benefit of performing an information asset classification is to:
A. link security requirements to business objective
B. identify controls commensurate to ris
C. define access right
D. establish ownershi
View answer
Correct Answer: B
Question #10
Which of the following is the MOST effective solution for preventing individuals external to the organization from modifying sensitive information on a corporate database?
A. Screened subnets
B. Information classification policies and procedures
C. Role-based access controls
D. Intrusion detection system (IDS)
View answer
Correct Answer: C
Question #11
From an information security manager perspective, what is the immediate benefit of clearly-defined roles and responsibilities?
A. Enhanced policy compliance
B. Improved procedure flows
C. Segregation of duties
D. Better accountability
View answer
Correct Answer: D
Question #12
Topic 5Following a highly sensitive data breach at a large company, all servers and workstations were patched. The informationsecurity managers NEXT step should be to:
A. inform senior management of changes in risk metrics
B. perform an assessment to measure the current state
C. deliver security awareness training
D. ensure baseline back-ups are performed
View answer
Correct Answer: B
Question #13
Who should determine the appropriate classification of accounting ledger data located on a database server and maintained by a database administrator in the IT department?
A. Database administrator (DBA )
B. Finance department management
C. Information security manager
D. IT department management
View answer
Correct Answer: B
Question #14
Topic 5Which is the MOST important to enable a timely response to a security breach?
A. Knowledge sharing and collaboration
B. Security event logging
C. Roles and responsibilities
D. Forensic analysis
View answer
Correct Answer: B
Question #15
An extranet server should be placed:
A. outside the firewal
B. on the firewall serve
C. on a screened subne
D. on the external route
View answer
Correct Answer: D
Question #16
Which of the following is the BEST method to reduce the number of incidents of employees forwarding spam and chain e-mail messages?
A. Acceptable use policy
B. Setting low mailbox limits
C. User awareness training
D. Taking disciplinary action
View answer
Correct Answer: A
Question #17
The service level agreement (SLA) for an outsourced IT function does not reflect an adequate level of protection. In this situation an information security manager should:
A. ensure the provider is made liable for losse
B. recommend not renewing the contract upon expiratio
C. recommend the immediate termination of the contrac
D. determine the current level of securit
View answer
Correct Answer: C
Question #18
The recovery time objective (RTO) is reached at which of the following milestones?
A. Disaster declaration
B. Recovery of the backups
C. Restoration of the system
D. Return to business as usual processing
View answer
Correct Answer: C
Question #19
Which of the following is the BEST metric for evaluating the effectiveness of security awareness twining? The number of:
A. password reset
B. reported incident
C. incidents resolve
D. access rule violation
View answer
Correct Answer: B
Question #20
Senior management commitment and support for information security will BEST be attained by an information security manager by emphasizing:
A. organizational risk
B. organization wide metrics
C. security needs
D. the responsibilities of organizational units
View answer
Correct Answer: B
Question #21
Acceptable levels of information security risk should be determined by:
A. legal counsel
B. security management
C. external auditors
D. die steering committee
View answer
Correct Answer: C
Question #22
Topic 5When designing an incident response plan to be agreed upon with a cloud computing vendor, including which of thefollowing will BEST help to ensure the effectiveness of the plan?
A. A training program for the vendor staff
B. An audit and compliance program
C. Responsibility and accountability assignments
D. Requirements for onsite recovery testing
View answer
Correct Answer: C
Question #23
When a departmental system continues to be out of compliance with an information security policy's password strength requirements, the BEST action to undertake is to:
A. submit the issue to the steering committe
B. conduct an impact analysis to quantify the risk
C. isolate the system from the rest of the networ
D. request a risk acceptance from senior managemen
View answer
Correct Answer: C
Question #24
It is MOST important that information security architecture be aligned with which of the following? Real 11 Isaca CISM Exam
A. Industry best practices
B. Information technology plans
C. Information security best practices
D. Business objectives and goals
View answer
Correct Answer: B
Question #25
Successful implementation of information security governance will FIRST require:
A. security awareness training
B. updated security policies
C. a computer incident management team
D. a security architecture
View answer
Correct Answer: B
Question #26
The MOST important reason that statistical anomaly-based intrusion detection systems (slat IDSs) are less commonly used than signature-based IDSs, is that stat IDSs:
A. create more overhead than signature-based IDS
B. cause false positives from minor changes to system variable
C. generate false alarms from varying user or system action
D. cannot detect new types of attack
View answer
Correct Answer: D
Question #27
An information security organization should PRIMARILY:
A. support the business objectives of the company by providing security-related support service
B. be responsible for setting up and documenting the information security responsibilities of the information security team member
C. ensure that the information security policies of the company are in line with global best practices and standard
D. ensure that the information security expectations are conveyed to employee
View answer
Correct Answer: D
Question #28
Senior management commitment and support for information security will BEST be attained by an information security manager by emphasizing:
A. organizational ris
B. organization wide metric
C. security need
D. the responsibilities of organizational unit
View answer
Correct Answer: B
Question #29
Topic 5A desktop computer that was involved in a computer security incident should be secured as evidence by:
A. disconnecting the computer from all power sources
B. disabling all local user accounts except for one administrator
C. encrypting local files and uploading exact copies to a secure server
D. copying all files using the operating system (OS) to write-once media
View answer
Correct Answer: A
Question #30
The BEST metric for evaluating the effectiveness of a firewall is the:
A. number of attacks blocke
B. number of packets droppe
C. average throughput rat
D. number of firewall rule
View answer
Correct Answer: C
Question #31
Topic 5Which of the following actions should be taken when an online trading company discovers a network attack in progress?
A. Shut off all network access points
B. Dump all event logs to removable media
C. Isolate the affected network segment
D. Enable trace logging on all event
View answer
Correct Answer: C
Question #32
To BEST improve the alignment of the information security objectives in an organization, the chief information security officer (CISO) should:
A. revise the information security progra
B. evaluate a balanced business scorecar
C. conduct regular user awareness session
D. perform penetration test
View answer
Correct Answer: A
Question #33
Information security policies should:
A. address corporate network vulnerabilitie
B. address the process for communicating a violatio
C. be straightforward and easy to understan
D. be customized to specific groups and role
View answer
Correct Answer: B
Question #34
Which of the following represents the MAJOR focus of privacy regulations?
A. Unrestricted data mining
B. Identity theft
C. Human rights protection
D. D
View answer
Correct Answer: D
Question #35
Topic 5A company has a network of branch offices with local file/print and mail servers; each branch individually contracts a hot site.Which of the following would be the GREATEST weakness in recovery capability?
A. Exclusive use of the hot site is limited to six weeks
B. The hot site may have to be shared with other customers
C. The time of declaration determines site access priority
D. The provider services all major companies in the area
View answer
Correct Answer: D
Question #36
Topic 5Which of the following is the MOST important part of an incident response plan?
A. Recovery time objective (RTO)
B. Business impact analysis (BIA)
C. Recovery point objective (RPO)
D. Mean time to report (MTTR)
View answer
Correct Answer: A
Question #37
In business-critical applications, user access should be approved by the:
A. information security manage
B. data owne
C. data custodia
D. business managemen
View answer
Correct Answer: C
Question #38
Topic 5Which of the following is the MOST important incident management consideration for an organization subscribing to a cloudservice?
A. Expertise of personnel providing incident response
B. Implementation of a SIEM in the organization
C. Decision on the classification of cloud-hosted data
D. An agreement on the definition of a security incident
View answer
Correct Answer: D
Question #39
When a security standard conflicts with a business objective, the situation should be resolved by:
A. changing the security standard
B. changing the business objective
C. performing a risk analysis
D. authorizing a risk acceptance
View answer
Correct Answer: C
Question #40
The MAIN reason for having the Information Security Steering Committee review a new security controls implementation plan is to ensure that:
A. the plan aligns with the organization's business pla
B. departmental budgets are allocated appropriately to pay for the pla
C. regulatory oversight requirements are me
D. the impact of the plan on the business units is reduce
View answer
Correct Answer: A
Question #41
Good information security procedures should:
A. define the allowable limits of behavio
B. underline the importance of security governanc
C. describe security baselines for each platfor
D. be updated frequently as new software is release
View answer
Correct Answer: B
Question #42
An information security program should focus on:
A. best practices also in place at peer companie
B. solutions codified in international standard
C. key controls identified in risk assessment
D. continued process improvemen
View answer
Correct Answer: A
Question #43
There is a time lag between the time when a security vulnerability is first published, and the time when a patch is delivered. Which of the following should be carried out FIRST to mitigate the risk during this time period?
A. Identify the vulnerable systems and apply compensating controls
B. Minimize the use of vulnerable systems
C. Communicate the vulnerability to system users
D. Update the signatures database of the intrusion detection system (IDS)
View answer
Correct Answer: D
Question #44
Topic 5Which of the following is MOST likely to affect an organizations ability to respond to security incidents in a timely manner?
A. Lack of senior management buy-in
B. Inadequate detective control performance
C. Complexity of network segmentation
D. Misconfiguration of security information and event management (SIEM) tool
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: