CertsMasters logo

info@certsmasters.com

Verified Content • 24/7 Access • Free Updates
CertsMasters logo

Exam overview

Isaca CISM Exam Questions

certs masters book
Vendor

Isaca

Exam Code

 CISM

Actual Exam Duration

 120 Minutes

TOTAL QUESTIONS

801

Exam Name

 Certified Information Security Manager

Purchase

$ 40

One-time payment • Instant access

  • Verified answers with explanations
  • Practice-friendly layout
  • Updated content focus
  • Support if you get stuck
Get More Questions
View all vendors

Frequently Ask Questions

Hot Exams

 NIST-COBIT-2019 PDF Dumps
 IT Risk Fundamentals PDF Dumps
 Cybersecurity-Audit-Certificate PDF Dumps
 CRISC PDF Dumps
 COBIT-Design-and-Implementation PDF Dumps
 COBIT5 PDF Dumps
 COBIT-2019 PDF Dumps
 CISA PDF Dumps
 CGEIT CGEIT®-ISACA PDF Dumps
 CDPSE PDF Dumps
 CCAK PDF Dumps

Exam practice

Exam Q&A

Select an option, then click Show Answer.

Q1: Which of the following is the BEST indication of an effective information security program?

A: Risk is treated to an acceptable level.

B: The number of security incidents reported by staff has increased.

C: Key risk indicators (KRIs) are established.

D: Policies are reviewed and approved by senior management.

Correct Answer: A

Q2: An information security manager has learned of an increasing trend in attacks that use phishing emails impersonating an organization's CEO in an attempt to commit wire transfer fraud. Which of the following is the BEST way to reduce the risk associated with this type of attack?

A: Temporarily suspend wire transfers for the organization.

B: Provide awareness training to the CEO for this type of phishing attack.

C: Provide awareness training to staff responsible for wire transfers.

D: Disable emails for staff responsible for wire transfers.

Correct Answer: C

Q3: When analyzing the emerging risk and threat landscape, an information security manager should FIRST:

A: determine the impact if threats materialize.

B: determine the sources of emerging threats.

C: review historical threats within the industry.

D: map threats to business assets.

Correct Answer: B

Q4: Which of the following is the BEST indication of an effective disaster recovery planning process?

A: Hot sites are required for any declared disaster.

B: Chain of custody is maintained throughout the disaster recovery process.

C: Post-incident reviews are conducted after each event.

D: Recovery time objectives (RTOs) are shorter than recovery point objectives (RPOs).

Correct Answer: C

- Testimonials -

Real Results From Real Students

John Doe
John Doe
This site has been a game-changer for my certification journey. The materials are current, reliable, and best of all—free! It's clear they're committed to supporting the IT community.
Emma
Emma
I passed my CompTIA Security+ exam on the first try thanks to this site. Their practice exams and study guides are top-notch. Highly recommend it to anyone serious about IT certifications.
Liam
Liam
I’ve passed three certifications using this site. Their materials are detailed and well-structured, and the fact that it’s free makes it even better.
Isabella
Isabella
If you're studying for any IT certification, this should be your first stop. It’s comprehensive, organized, and constantly updated.
Benjamin
Benjamin
This website helped me prepare for multiple certifications, and today I’m working in cybersecurity. Without their free resources, I wouldn’t be here.