An information security manager has been tasked with the implementation of a security program. What is the first step that they should perform?

CISM Exam Study Guide

By Hemang Doshi

What should be the primary concern of the information security manager while implementing a retention policy?

An information security manager has been notified about a new regulation that impacts the organization’s business. Which of the following should be the first step that the information security manager takes?

A business process was shut down as part of a long-term strategy. What is the best approach to handle information related to this process?

What is the best approach for an information security manager to take while developing a risk management framework for their organization?

Which of the following would have the primary accountability for information security within an organization?

The primary responsibility for implementing data classification within an information system lies with:

An information security manager intends to implement a firewall for an organization’s cloud applications. Which of the following should the information security manager reach out to for sponsorship?

Who has the primary responsibility for handling restricted access to data?

An organization decides to use an offshore vendor to manage customer biometric data for a business application. What is the primary concern for the information security manager?

What is the best approach to gain management support for information security projects?

The business unit head rejects implementing the suggested remediation for a critical security issue. What is the information security manager’s best approach?

Senior management has approved the business case to replace legacy antivirus solutions with a next-gen antivirus. What is the most important factor that the information security manager should take into account to gain assurance about the vendor’s capability?

A business process has attained maturity when it operates within the defined parameters and is able to achieve the desired targets. Which CMMI level is most suitable for this process?

A relatively small team is unable to provide segregation of duties, and the application programmer has access to the logs. What is the best recommendation the information security manager can offer?
