©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
CISM Exam Practice Questions and Answers (100% Pass)
Which of the following is an indicator of effective governance? - Answer✔️✔️-A defined information security architecture

What is the primary factor that should be taken into consideration when designing the technical solution for a DR site? - Answer✔️✔️-Allowable interruption window

Which of the following is the most cost-effective approach to achieve strategic alignment? - Answer✔️✔️-Periodically survey management

Recovery point objectives can be used to determine which of the following? - Answer✔️✔️-Maximum tolerable period of data loss

An information security manager has implemented procedures for monitoring specific activities on the network. The sysadmin has been trained to analyze the network events, take appropriate action and provide reports to the infosec manager. What additional monitoring should be implemented to give a more accurate, risk-based view of network activity? - Answer✔️✔️-The system administrator should be monitored by a separate reviewer

What is the primary objective of a post-incident review in incident response? - Answer✔️✔️-To improve the response process.
What should documented standards/procedures for cryptography across the enterprise achieve? - Answer✔️✔️-They should define the circumstances where cryptography should be used

A certificate authority is required for a public key infrastructure: - Answer✔️✔️-Except where users attest to each other's identity

An organization's board of directors is concerned about recent fraud attempts that originated over the internet. What action should the board take to address this concern? - Answer✔️✔️-Direct management to assess the risk and to report the results to the board.

Which of the following is most responsible for ensuring that information protection policies are consistent with applicable laws and regulations? - Answer✔️✔️-The board of directors

An information security manager mapping a job description to types of data access is most likely to adhere to which of the following information security principles? - Answer✔️✔️-Proportionality

When creating a forensic image of a hard drive, which of the following should be the first step? - Answer✔️✔️-Establish a chain of custody log