CISM Certified Information Security Manager Practice Exam

What is the GREATEST risk when there is an excessive number of firewall rules?

Options are :

  • The firewall may show abnormal behavior and may crash or automatically shut down
  • Performance degradation of the whole network
  • One rule may override another rule in the chain and create a loophole (Correct)
  • The firewall may not support the increasing number of rules due to limitations

Answer : One rule may override another rule in the chain and create a loophole

What is the MOST important element to include when developing user security awareness
material?

Options are :

  • Easy-to-read and compelling information (Correct)
  • Senior management endorsement
  • Detailed security policies
  • Information regarding social engineering

Answer : Easy-to-read and compelling information

In organizations where availability is a primary concern, the MOST critical success factor of the
patch management procedure would be the: 

Options are :

  • technical skills of the team responsible
  • automated deployment to all the servers
  • certification of validity for deployment.
  • testing time window prior to deployment. (Correct)

Answer : testing time window prior to deployment.

What is the MOST appropriate change management procedure for the handling of emergency program changes?

Options are :

  • Business management approval must be obtained prior to the change
  • Formal documentation does not need to be completed before the change
  • All changes must follow the same process
  • Documentation is completed with approval soon after the change (Correct)

Answer : Documentation is completed with approval soon after the change

Which of the following would be the MOST significant security risk in a pharmaceutical institution?

Options are :

  • Theft of a Research and Development laptop (Correct)
  • Theft of security tokens
  • Unavailability of online transactions
  • Compromised customer information

Answer : Theft of a Research and Development laptop

CISM Information Security Program Management Practice

Which of the following is the MOST immediate consequence of failing to tune a newly installed
intrusion detection system (IDS) with the threshold set to a low value? 

Options are :

  • Active probing is missed
  • The number of false positives increases (Correct)
  • The number of false negatives increases
  • Attack profiles are ignored

Answer : The number of false positives increases

Documented standards/procedures for the use of cryptography across the enterprise should
PRIMARILY:

Options are :

  • define cryptographic algorithms and key lengths.
  • establish the use of cryptographic solutions.
  • define the circumstances where cryptography should be used. (Correct)
  • describe handling procedures of cryptographic keys.

Answer : define the circumstances where cryptography should be used.

A critical device is delivered with a single user and password that is required to be shared for
multiple users to access the device. An information security manager has been tasked with
ensuring all access to the device is authorized. Which of the following would be the MOST efficient
means to accomplish this? 

Options are :

  • Request the vendor to add multiple user IDs
  • Implement manual procedures that require password change after each use
  • Enable access through a separate device that requires adequate authentication (Correct)
  • Analyze the logs to detect unauthorized access

Answer : Enable access through a separate device that requires adequate authentication

CISM Information Risk Management Certification

What is the GREATEST advantage of documented guidelines and operating procedures from a
security perspective? 

Options are :

  • Ensure compliance to security standards and regulatory requirements
  • Ensure consistency of activities to provide a more stable environment (Correct)
  • Provide detailed instructions on how to carry out different types of tasks
  • Ensure reusability to meet compliance to quality requirements

Answer : Ensure consistency of activities to provide a more stable environment

An information security manager has been asked to develop a change control process. What is
the FIRST thing the information security manager should do?

Options are :

  • Establish change control procedures
  • Identify critical systems
  • Meet with stakeholders (Correct)
  • Research best practices

Answer : Meet with stakeholders

The configuration management plan should PRIMARILY be based upon input from: 

Options are :

  • business process owners.
  • the information security manager.
  • IT senior management (Correct)
  • the security steering committee.

Answer : IT senior management

CISM Information Risk Management Certification

When security policies are strictly enforced, the initial impact is that: 

Options are :

  • the need for compliance reviews is decreased.
  • they may have to be modified more frequently.
  • they will be less subject to challenge.
  • None
  • the total cost of security is increased. (Correct)

Answer : the total cost of security is increased.

The MOST important reason for formally documenting security procedures is to ensure:

Options are :

  • auditability by regulatory agencies.
  • processes are repeatable and sustainable. (Correct)
  • objective criteria for the application of metrics.
  • alignment with business objectives.

Answer : processes are repeatable and sustainable.

Which of the following is the BEST indicator that an effective security control is built into an
organization?

Options are :

  • The audit reports do not reflect any significant findings on security.
  • The percentage of systems that is compliant with security standards.
  • The monthly service level statistics indicate a minimal impact from security issues. (Correct)
  • The cost of implementing a security control is less than the value of the assets.

Answer : The monthly service level statistics indicate a minimal impact from security issues.

CISM Information Security Program Development

Which of the following should be in place before a black box penetration test begins?

Options are :

  • A clearly stated definition of scope (Correct)
  • IT management approval
  • An incident response plan
  • Proper communication and awareness training

Answer : A clearly stated definition of scope

Which of the following would be the MOST appropriate physical security solution for the main
entrance to a data center?

Options are :

  • Security guard
  • Closed-circuit television (CCTV)
  • Biometric lock (Correct)
  • Mantrap

Answer : Biometric lock

A major trading partner with access to the internal network is unwilling or unable to remediate
serious information security exposures within its environment. Which of the following is the BEST
recommendation?

Options are :

  • Send periodic reminders advising them of their noncompliance (Correct)
  • Remove all trading partner access until the situation improves
  • Set up firewall rules restricting network traffic from that location
  • Sign a legal agreement assigning them all liability for any breach

Answer : Send periodic reminders advising them of their noncompliance

CISM Information Security Governance Certified Test

What is the MOST important success factor in launching a corporate information security
awareness program? 

Options are :

  • Centralized program management
  • Adequate budgetary support
  • Experience of the awareness trainers
  • Top-down approach (Correct)

Answer : Top-down approach

Which of the following is the BEST approach for an organization desiring to protect its intellectual
property?

Options are :

  • Conduct awareness sessions on intellectual property policy
  • Require all employees to sign a nondisclosure agreement
  • Promptly remove all access when an employee leaves the organization
  • Restrict access to a need-to-know basis (Correct)

Answer : Restrict access to a need-to-know basis

Who should determine the appropriate classification of accounting ledger data located on a
database server and maintained by a database administrator in the IT department? 

Options are :

  • Finance department management (Correct)
  • Information security manager
  • IT department management
  • Database administrator (DBA)

Answer : Finance department management

CISM Information Security Program Management Practice

Change management procedures to ensure that disaster recovery/business continuity plans are
kept up-to-date can be BEST achieved through which of the following?

Options are :

  • Comprehensive walk-through testing
  • Inclusion as a required step in the system life cycle process (Correct)
  • Reconciliation of the annual systems inventory to the disaster recovery, business continuity plans
  • Periodic audits of the disaster recovery/business continuity plans

Answer : Inclusion as a required step in the system life cycle process

Which of the following events generally has the highest information security impact?

Options are :

  • Relocating the data center
  • Merging with another organization (Correct)
  • Opening a new office
  • Rewiring the network

Answer : Merging with another organization

The "separation of duties" principle is violated if which of the following individuals has update
rights to the database access control list (ACL)? 

Options are :

  • Data owner
  • Security administrator
  • Data custodian
  • Systems programmer (Correct)

Answer : Systems programmer

CISM Information Security Program Development Practice

To ensure that all information security procedures are functional and accurate, they should be
designed with the involvement of:

Options are :

  • audit management.
  • operational units. (Correct)
  • end users.
  • legal counsel.

Answer : operational units.

Managing the life cycle of a digital certificate is a role of a(n):

Options are :

  • system developer
  • system administrator
  • independent trusted source. (Correct)
  • security administrator.

Answer : independent trusted source.

Which of the following documents would be the BEST reference to determine whether access
control mechanisms are appropriate for a critical application?

Options are :

  • IT security policy (Correct)
  • User security procedures
  • Regulatory requirements
  • Business process flow

Answer : IT security policy

CISM Information Security Program Management Test

What is the BEST way to ensure data protection upon termination of employment?

Options are :

  • Retrieve identification badge and card keys
  • Ensure all logical access is removed (Correct)
  • Retrieve all personal computer equipment
  • Erase all of the employee's folders

Answer : Ensure all logical access is removed

An information security program should focus on: 

Options are :

  • key controls identified in risk assessments. (Correct)
  • solutions codified in international standards.
  • continued process improvement.
  • best practices also in place at peer companies.

Answer : key controls identified in risk assessments.

Which of the following is the BEST tool to maintain the currency and coverage of an information
security program within an organization?

Options are :

  • The program's security architecture and design
  • Information security periodicals and manuals
  • Training and certification of the information security team
  • The program's governance oversight mechanisms (Correct)

Answer : The program's governance oversight mechanisms

CISM Information Risk Management Certification Practice

In business-critical applications, user access should be approved by the:

Options are :

  • information security manager
  • data owner. (Correct)
  • business management.
  • data custodian.

Answer : data owner.
