CISM Test Question Bank (2023/2024) with Certified Solutions
CISM Test Question Bank (2023/2024) with Certified Solutions Which of the following tools is MOST appropriate for determining how long a security project will take to implement? Critical path When speaking to an organization's human resources department about information security, an information security manager should focus on the need for: security awareness training for employees. Good information security standards should: define precise and unambiguous allowable limits. Which of the following should be the FIRST step in developing an information security plan? Analyze the current business strategy Senior management commitment and support for information security can BEST be obtained through presentations that: tie security risks to key business objectives The MOST appropriate role for senior management in supporting information security is the: approval of policy statements and funding Which of the following would BEST ensure the success of information security governance within an organization? Steering committees approve security projects Information security governance is PRIMARILY driven by: business strategy Which of the following represents the MAJOR focus of privacy regulations? Identifiable personal data Investments in information security technologies should be based on: value analysis Retention of business records should PRIMARILY be based on regulatory and legal requirements Which of the following is characteristic of centralized information security management? Better adherence to policies Successful implementation of information security governance will FIRST require: updated security policies Which of the following individuals would be in the BEST position to sponsor the creation of an information security steering group? Chief operating officer (COO) The MOST important component of a privacy policy is: notifications The cost of implementing a security control should not exceed the: asset value When a security standard conflicts with a business objective, the situation should be resolved by: performing a risk analysis Minimum standards for securing the technical infrastructure should be defined in a security: architecture Which of the following is MOST appropriate for inclusion in an information security strategy? Security processes, methods, tools and techniques Senior management commitment and support for information security will BEST be attained by an information security manager by emphasizing: organizational risk Which of the following roles would represent a conflict of interest for an information security manager? Final approval of information security policies Which of the following situations must be corrected FIRST to ensure successful information security governance within an organization? The data center manager has final signoff on all security projects Which of the following requirements would have the lowest level of priority in information security? Technical When an organization hires a new information security manager, which of the following goals should this individual pursue FIRST? Establish good communication with steering committee members It is MOST important that information security architecture be aligned with which of the following? Business goals and objectives Which
Written for
- Institution
- CISM - Certified Information Security Manager
- Course
- CISM - Certified Information Security Manager
Document information
- Uploaded on
- October 7, 2023
- Number of pages
- 107
- Written in
- 2023/2024
- Type
- Exam (elaborations)
- Contains
- Questions & answers
Subjects
-
cism test question bank with certified
Also available in package deal
