CISM Exam Study Guide with Complete Solutions
The foundation of an information security program is: - Answer✔️✔️-Alignment
with the goals and objectives of the organization
The core principles of an information security program are: - Answer✔️✔️-
Confidentiality, Integrity and Availability
The key factor in a successful information security program is: - Answer✔️✔️-
Senior Management support
A threat can be described as: - Answer✔️✔️-Any event or action that could cause
harm to the organization
True/False: Threats can be either intentional or accidental - Answer✔️✔️-True
Personnel Security requires trained personnel to manage systems and networks.
When does personnel security begin? - Answer✔️✔️-Through pre-employment
checks
Who plays the most important role in information security? - Answer✔️✔️-Upper
management
©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10:57 AM
The advantage of an IPS (intrusion prevention system) over an IDS (intrusion
detection system) is that: - Answer✔️✔️-The IPS can block suspicious activity in
real time
True/False: Physical security is an important part of an Information Security
program - Answer✔️✔️-True
The Sherwood Applied Business Security Architecture (SABSA) is primarily
concerned with: - Answer✔️✔️-An enterprise-wide approach to security
architecture
A centralized approach to security has the primary advantage of: - Answer✔️✔️-
Uniform enforcement of security policies
The greatest advantage to a decentralized approach to security is: - Answer✔️✔️-
More adjustable to local laws and requirements
A primary objective of an information security strategy is to: - Answer✔️✔️-Identify
and protect information assets
The first step in an information security strategy is to: - Answer✔️✔️-Determine the
desired state of security