CISM - Test Practice Questions and
Answers (latest Update 2024) Verified
Answers
Security governance is most concerned with:
A. Security policy
B. IT policy
C. Security strategy
D. Security executive
Correct Answer ✅ C. Security Strategy
A gaming software startup company does not employ
penetration testing of its software. This is an example of:
A. High tolerance of risk
B. Noncompliance
C. Irresponsibility
D. Outsourcing
Correct Answer ✅ A. High tolerance of risk
An organization's board of directors wants to see quarterly
metrics on risk reduction. What would be the best metric for
this purpose?
A. Number of firewall rules triggered
B. Viruses blocked by the firewall
C. Packets dropped by the firewall
D. Time to patch vulnerabilities on critical servers
Correct Answer ✅ D. Time to patch vulnerabilities on critical servers
Which of the following metrics is the best example of a
leading indicator?
A. Average time to mitigate security incidents
B. Increase in the number of attacks blocked by the intrusion
prevention system (IPS)
C. Increase in the number of attacks blocked by the firewall
D. Percentage of critical servers being patched within service level agreements (SLAs)
Correct Answer ✅ D. Percentage of critical servers being patched within service level agreements (SLAs)
What are the elements of the business model for information
security (BMIS)?
A. Culture, governing, architecture, emergence, enabling and
support, human factors
B. People, process, technology
C. Organization, people, process, technology
D. Financial, customer, internal processes, innovation, and learning
Correct Answer ✅ C. Organization, people, process, technology
The best definition of a strategy is:
A. The objective to achieve a plan
B. The plan to achieve an objective
C. The plan to achieve business alignment
D. The plan to reduce risk
Correct Answer ✅ B. The plan to achieve an objective
The primary factor related to the selection of a control
framework is:
A. Industry vertical
B. Current process maturity level
C. Size of the organization
D. Compliance level
Correct Answer ✅ A. Industry vertical