Certified Information Security Manager (CISM) Free Practice Exam Questions

1249 real Certified Information Security Manager (CISM) exam questions with answers and AI explanations. ISACA certification prep — page 121 of 125.

  1. Question 1201: Which of the following is the MOST important consideration for reporting risk assessment results to senior management?
  2. Question 1202: An information security manager has completed a risk assessment and has determined the residual risk. Which of the following should be the NEXT step?
  3. Question 1203: Which of the following roles is PRIMARILY responsible for developing an information classification framework based on business needs?
  4. Question 1204: A penetration test against an organization's external web application shows several vulnerabilities. Which of the following presents the GREATEST concern?
  5. Question 1205: Which of the following is the MOST important success factor for maintaining an organizational security-aware culture?
  6. Question 1206: The MOST useful technique for maintaining management support for the information security program is:
  7. Question 1207: Which of the following is MOST effective in monitoring an organization's existing risk?
  8. Question 1208: Senior management has just accepted the risk of noncompliance with a new regulation. What should the information security manager do NEXT?
  9. Question 1209: An information security risk analysis BEST assists an organization in ensuring that:
  10. Question 1210: In a multinational organization, local security regulations should be implemented over global security policy because: