Computer Lab for Rent
Meeting Room Rental
Training Facility Rental
Exam Testing Center
Purchase Exam Vouchers
Custom Course Development
Who We Are
Work With Us
CISM Exam Prep Assessment
Take this free CISM Exam Prep quiz to find out if you’re ready for CISM Exam Prep training:
CISM Practice Exam
Step 1 of 11
What should be determined in order to eradicate a particular incident?
Intent of the attacker
What is the result when a specific threat tends to affect a large number of vulnerabilities which in effect constitutes to a significant impact?
Over reaction of established security controls and countermeasures
Company wide security issue
Spike in risk criticality
Who must have an important involvement on the security program and should sign off on acceptable risk levels?
Information Security Management
Incident Response Management
This senior management branch ensures that all impacted stakeholders are involved in the information security process.
Incident response team
Board of directors
What is considered as the basis for the Information Security Program action plan?
Business Impact Analysis
What is the importance on management oversight in an Information Security Program?
Ensures that personnel adhere to the policies
Ensures fulfillment of the requirements and consistency with strategic direction
Ensures that the company is protected by the program
Ensures that the program is well communicated throughout the company
Which of the following is NOT true?
Risk can be totally eradicated through resolving all vulnerabilities and setting up layered security defenses
Every organization has a level of risk it will accept
All of the answers are not true
Risk is an inherent part of the business
Which of the following shows that senior management understands the importance of security governance into the overall enterprise governance framework?
End users are scared to violate company security policies and standards
The company has a Chief Information Security Officer
Employees related to information security are well paid
Information security has its own section on the employee manual
How can the risk management process ensure that changing threats and vulnerabilities are addressed in a timely manner?
Incorporating of a change management system to the process
Personnel should always be briefed regarding the established process
The process should be continuous and dynamic
Consistent log monitoring and analysis
Which of the following is not a part or does not affect information security?
Clients' personal information
None of the selection
Print outs on a printing/copier machine
Company's books of accounts
Confirm Your Email to See Your Score!