CERTIFIED INFORMATION SECURITY MANAGER CISM TEST
2025 “ 2026 ACTUAL EXAM 80 QUESTIONS AND CORRECT
ANSWEERS GUARANTEE OVER 85% PASSMARK
The best method for identifying third-party service organization is to:
A. Inventory all legal agreements
B. Examine firewall access logs
C. Consult with legal, procurement, and IT.
D. Consult with accounting and legal - correct answer -C. Consult with legal, procurement, and IT
The purpose of event monitoring to is:
A. Identify anomalous behavior on the part of employees.
B. Confirm that all systems and devices are performing adequately
C. Confirm that all systems and devices are in compliance with policy
D. Identify unwanted events that could be a sign of a security breach - correct answer -D. Identify
unwanted events that could be a sign of a security breach
The purpose of vulnerability management is to:
A. Identify and re-mediate vulnerabilities in all systems
B. Transfer vulnerabilities to low risk systems
C. Identify exploitable vulnerabilities in all systems
D. Transfer vulnerabilities to third parties - correct answer -A. Identify and re-mediate vulnerabilities in
all systems
Intrusion prevention systems are different from firewalls because:
A. Their rules can be changed automatically
B. They examine the contents of headers instead of the entire payload
C. They examine the contents of headers instead of the entire payload
D. They alert personnel about threats but do not stop them - correct answer -C. They examine the
contents of headers instead of the entire payload
, The purpose of web content filters is to:
A. Permit management to track who visits which web sites
B. Block user access to web sites that pose a threat
C. Block user access to web sites that are a waste of time
D. Scan content for malware - correct answer -B. Block user access to web sites that pose a threat
The purpose of a SIEM is:
A. centrally log event data
B. correlate events and generate alerts
C. track remediation of known vulnerabilities
D. scan systems and devices for new vulnerabilities - correct answer -B. correlate events and generate
alerts
An organization lacks personnel and tools to conduct forensic analysis. What is the best way for the
organization to acquire this capability?
A. Purchase advanced anti-malware tools
B. Purchase a security information and event management system (SIEM)
C. Purchase an incident response retainer
D. Post a position for a computer forensics specialist - correct answer -C. Purchase an incident
response retainer
A large organization operates hundreds of business applications. How should the security manager
prioritize applications for protection from a disaster?
A. Conduct a business impact analysis
B. Conduct a risk assessment
C. Conduct a business process analysis
D. Rank the applications in order of criticality - correct answer -A. Conduct a business impact analysis
2025 “ 2026 ACTUAL EXAM 80 QUESTIONS AND CORRECT
ANSWEERS GUARANTEE OVER 85% PASSMARK
The best method for identifying third-party service organization is to:
A. Inventory all legal agreements
B. Examine firewall access logs
C. Consult with legal, procurement, and IT.
D. Consult with accounting and legal - correct answer -C. Consult with legal, procurement, and IT
The purpose of event monitoring to is:
A. Identify anomalous behavior on the part of employees.
B. Confirm that all systems and devices are performing adequately
C. Confirm that all systems and devices are in compliance with policy
D. Identify unwanted events that could be a sign of a security breach - correct answer -D. Identify
unwanted events that could be a sign of a security breach
The purpose of vulnerability management is to:
A. Identify and re-mediate vulnerabilities in all systems
B. Transfer vulnerabilities to low risk systems
C. Identify exploitable vulnerabilities in all systems
D. Transfer vulnerabilities to third parties - correct answer -A. Identify and re-mediate vulnerabilities in
all systems
Intrusion prevention systems are different from firewalls because:
A. Their rules can be changed automatically
B. They examine the contents of headers instead of the entire payload
C. They examine the contents of headers instead of the entire payload
D. They alert personnel about threats but do not stop them - correct answer -C. They examine the
contents of headers instead of the entire payload
, The purpose of web content filters is to:
A. Permit management to track who visits which web sites
B. Block user access to web sites that pose a threat
C. Block user access to web sites that are a waste of time
D. Scan content for malware - correct answer -B. Block user access to web sites that pose a threat
The purpose of a SIEM is:
A. centrally log event data
B. correlate events and generate alerts
C. track remediation of known vulnerabilities
D. scan systems and devices for new vulnerabilities - correct answer -B. correlate events and generate
alerts
An organization lacks personnel and tools to conduct forensic analysis. What is the best way for the
organization to acquire this capability?
A. Purchase advanced anti-malware tools
B. Purchase a security information and event management system (SIEM)
C. Purchase an incident response retainer
D. Post a position for a computer forensics specialist - correct answer -C. Purchase an incident
response retainer
A large organization operates hundreds of business applications. How should the security manager
prioritize applications for protection from a disaster?
A. Conduct a business impact analysis
B. Conduct a risk assessment
C. Conduct a business process analysis
D. Rank the applications in order of criticality - correct answer -A. Conduct a business impact analysis
