CISM Exam Study Guide

By Hemang Doshi

What is the primary reason for the alignment of information security governance with corporate governance?

The prioritization of an information security project is primarily the responsibility of:

Which among the following is the most significant key risk indicator of the security team for an organization?

An information security manager has been asked to evaluate the effectiveness of a particular security process. Which is the best method to measure this?

Which among the following options is considered the most significant from a strategy perspective?

An information security manager is currently evaluating the level of risk associated with the implementation of a new business process. Which of the following should be calculated first to determine the level of risk?

What is a reduction in the risk posed to business processes most likely the result of?

Upon determination of the risk level, what should the information security manager’s next step be?

What is the most important goal of a risk management program?

What is the best indicator of an effective risk management program?

An information security manager has been asked to develop an information security risk management program for the organization. What should their first step be?

What is the primary goal of a risk treatment?

What is the most important consideration for an information security manager when trying to achieve an effective risk management program?

What is a risk management process best suited to?

A business unit is unwilling to mitigate a high risk that is above the acceptable level but is willing to accept it. What is the information security manager’s first step?

What is the best method to improve the accuracy of the outputs of risk assessments?

What is the best time to carry out a risk assessment in a project?

What is the most important factor that an information security manager should take into account when conducting a risk assessment?

Risk is an output of:

What is the most important activity that an information security manager should perform after being notified about a business process being outsourced to an offshore vendor?

An information security manager is concerned about the lack of periodic risk assessments performed for a critical business process. What is the most important reason for this concern?

An information security manager observes that a legacy system with known vulnerabilities is still in operation for a business process. What action should be taken to determine the need for mitigation?

What is the most important use of a risk register?

What is the primary concern for a security manager dealing with an organization’s homogeneous network?

Which of the following is the best case in which to use a qualitative risk analysis?

What would be the best approach for an information security manager to evaluate the reputational risk associated with data leakage?

The audit team of an organization has raised a few findings related to the information security posture for a business process. What is the best approach for the information security manager to take to mitigate the findings?

What is the most important factor to achieve an effective information security program?

What is the first phase for carrying out the risk assessment of a new application?

What should an information security manager best recommend to a business unit planning to acquire new IT resources for ensuring effective risk management?