©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
CISM Practice Questions and Answers (100% Pass)
1. Which of the following would BEST ensure the success of information security
governance within an organization?
A. The steering committee approves all security projects.
B. The security policy manual is distributed to all managers.
C. Security procedures are accessible on the company intranet.
D. The corporate network utilizes multiple screened subnets. - Answer✔️✔️-The
steering committee approves all security projects.
2. Which of the following should be developed FIRST?
A. Standards
B. Procedures
C. Policies
D. Guidelines - Answer✔️✔️-Policies
1
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
3. Which of the following individuals would be in the BEST position to sponsor
the creation of an information security steering group?
A. Chief security officer
B. Chief operating officer
C. Chief internal auditor
D. Chief legal counsel - Answer✔️✔️-Chief operating officer
4. Which of the following would normally be covered in an insurance policy for
computer
equipment coverage? Equipment:
A. leased to the insured by another company.
B. leased to another company by the insured.
C. under the direct control of another company.
D. located at and belonging to a service provider. - Answer✔️✔️-leased to the
insured by another company.
2
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
5. The MOST appropriate reporting base for the information security management
function would be to report to the:
A. head of IT.
B. infrastructure director.
C. network manager.
D. chief information officer. - Answer✔️✔️-chief information officer
6. Which of the following is MOST indicative of the failure of information security
governance within an organization?
A. The information security department has had difficulty filling vacancies.
B. The chief information officer (CIO) approves changes to the security policy.
C. The information security oversight committee only meets quarterly.
D. The data center manager has final sign-off on all security projects. -
Answer✔️✔️-The data center manager has final sign-off on all security projects
7. When an organization hires a new information security manager, which of the
following goals should this individual pursue FIRST?
3
, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
A. Develop a security architecture
B. Build senior management support
C. Assemble an experienced staff
D. Interview peer organizations - Answer✔️✔️-Build senior management support
8. Which of the following are seldom changed in response to technological
changes?
A. Standards
B. Procedures
C. Policies
D. Guidelines - Answer✔️✔️-Policies
9. Which of the following is characteristic of decentralized information security
management across a geographically dispersed organization?
A. More uniformity in quality of service
4
CISM Practice Questions and Answers (100% Pass)
1. Which of the following would BEST ensure the success of information security
governance within an organization?
A. The steering committee approves all security projects.
B. The security policy manual is distributed to all managers.
C. Security procedures are accessible on the company intranet.
D. The corporate network utilizes multiple screened subnets. - Answer✔️✔️-The
steering committee approves all security projects.
2. Which of the following should be developed FIRST?
A. Standards
B. Procedures
C. Policies
D. Guidelines - Answer✔️✔️-Policies
1
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
3. Which of the following individuals would be in the BEST position to sponsor
the creation of an information security steering group?
A. Chief security officer
B. Chief operating officer
C. Chief internal auditor
D. Chief legal counsel - Answer✔️✔️-Chief operating officer
4. Which of the following would normally be covered in an insurance policy for
computer
equipment coverage? Equipment:
A. leased to the insured by another company.
B. leased to another company by the insured.
C. under the direct control of another company.
D. located at and belonging to a service provider. - Answer✔️✔️-leased to the
insured by another company.
2
,©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
5. The MOST appropriate reporting base for the information security management
function would be to report to the:
A. head of IT.
B. infrastructure director.
C. network manager.
D. chief information officer. - Answer✔️✔️-chief information officer
6. Which of the following is MOST indicative of the failure of information security
governance within an organization?
A. The information security department has had difficulty filling vacancies.
B. The chief information officer (CIO) approves changes to the security policy.
C. The information security oversight committee only meets quarterly.
D. The data center manager has final sign-off on all security projects. -
Answer✔️✔️-The data center manager has final sign-off on all security projects
7. When an organization hires a new information security manager, which of the
following goals should this individual pursue FIRST?
3
, ©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
A. Develop a security architecture
B. Build senior management support
C. Assemble an experienced staff
D. Interview peer organizations - Answer✔️✔️-Build senior management support
8. Which of the following are seldom changed in response to technological
changes?
A. Standards
B. Procedures
C. Policies
D. Guidelines - Answer✔️✔️-Policies
9. Which of the following is characteristic of decentralized information security
management across a geographically dispersed organization?
A. More uniformity in quality of service
4
