Exam Code: CISM
Exam Name: Certified Information Security Manager
Updated: Apr 21, 2024
Q&As: 2764
At Passcerty.com, we pride ourselves on the comprehensive nature of our CISM exam dumps, designed meticulously to encompass all key topics and nuances you might encounter during the real examination. Regular updates are a cornerstone of our service, ensuring that our dedicated users always have their hands on the most recent and relevant Q&A dumps. Behind every meticulously curated question and answer lies the hard work of our seasoned team of experts, who bring years of experience and knowledge into crafting these premium materials. And while we are invested in offering top-notch content, we also believe in empowering our community. As a token of our commitment to your success, we're delighted to offer a substantial portion of our resources for free practice. We invite you to make the most of the following content, and wish you every success in your endeavors.
Experience Passcerty.com exam material in PDF version.
Simply submit your e-mail address below to get started with our PDF real exam demo of your Isaca CISM exam.
Instant download
Latest update demo according to real exam
Of the following, who should have PRIMARY responsibility for assessing the security risk associated with an outsourced cloud provider contract?
A. Information security manager
B. Compliance manager
C. Chief information officer
D. Service delivery manager
A penetration test was conducted by an accredited third party. Which of the following should be the information security manager's FIRST course of action?
A. Ensure vulnerabilities found are resolved within acceptable timeframes.
B. Request funding needed to resolve the top vulnerabilities.
C. Report findings to senior management.
D. Ensure a risk assessment is performed to evaluate the findings.
Which of the following is a PRIMARY security responsibility of an information owner?
A. Deciding what level of classification the information requires
B. Testing information classification controls
C. Maintaining the integrity of data in the information system
D. Determining the controls associated with information classification
To prevent ransomware attacks, it is MOST important to ensure:
A. adequate backup and restoration processes are in place.
B. regular security awareness training is conducted.
C. the latest security appliances are installed.
D. updated firewall software is installed.
An information security manager is concerned with continued security policy violations in a particular business unit despite recent efforts to rectify the situation. What is the BEST course of action?
A. Review the business unit's function against the policy
B. Revise the policy to accommodate the business unit
C. Report the business unit for policy noncompliance
D. Enforce sanctions on the business unit
Viewing Page 1 of 3 pages. Download PDF or Software version with 2764 questions