Download Certified Information Security Manager.CISM.ExamTopics.2026-03-17.243q.tqb

Vendor: ISACA
Exam Code: CISM
Exam Name: Certified Information Security Manager
Date: Mar 17, 2026
File Size: 790 KB

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Demo Questions

Question 1
Who is BEST suited to determine how the information in a database should be classified?
  A. Information security analyst
  B. Database analyst
  C. Database administrator (DBA)
  D. Data owner
Correct answer: D

Question 2
Which of the following is the BEST way to demonstrate the alignment of the information security strategy with the business strategy?
  A. Show the relationship between information security goals and corporate goals.
  B. Compare the allocated budget for business with the information security budget.
  C. Present senior management's approval of information security policies.
  D. Provide evidence that information security is included in the change management process.
Correct answer: A

Question 3
Which of the following should be an information security manager's FIRST course of action when a newly introduced privacy regulation affects the business?
  A. Identify and assess the risk in the context of business objectives
  B. Consult with IT staff and assess the risk based on their recommendations
  C. Update the security policy based on the regulatory requirements
  D. Propose relevant controls to ensure the business complies with the regulation
Correct answer: A

Question 4
What is the PRIMARY goal of an incident management program?
  A. Contain the incident
  B. Communicate to external entities
  C. Minimize impact to the organization
  D. Identify root cause
Correct answer: C

Question 5
To support effective risk decision making, which of the following is MOST important to have in place?
  A. An audit committee consisting of mid-level management
  B. Risk reporting procedures
  C. Well-defined and approved controls
  D. Established risk domains
Correct answer: B

Question 6
When deciding to move to a cloud-based model, the FIRST consideration should be:
  A. data classification
  B. physical location of the data
  C. storage in a shared environment
  D. availability of the data
Correct answer: A

Question 7
When establishing classifications of security incidents for the development of an incident response plan, which of the following provides the MOST valuable input?
  A. Business impact analysis (BIA) results
  B. Recommendations from senior management
  C. The business continuity plan (BCP)
  D. Vulnerability assessment results
Correct answer: A

Question 8
Which of the following is the MOST effective method of determining security priorities?
  A. Vulnerability assessment
  B. Gap analysis
  C. Threat assessment
  D. Impact analysis
Correct answer: D

Question 9
The MAIN benefit of implementing a data loss prevention (DLP) solution is to:
  A. enhance the organization's antivirus controls.
  B. reduce the need for a security awareness program.
  C. complement the organization's detective controls.
  D. eliminate the risk of data loss.
Correct answer: C

Question 10
Which of the following should be of MOST concern to an information security manager reviewing an organization's data classification program?
  A. The classifications do not follow industry best practices.
  B. Labeling is not consistent throughout the organization.
  C. The program allows exceptions to be granted.
  D. Data retention requirements are not defined.
Correct answer: B