Answers (Grade A+)
The MOST important component of a privacy policy is: - correct
answer ✅notifications
Which of the following is MOST appropriate for inclusion in an
information security strategy? - correct answer ✅security
processes, methods and techniques
Which of the following requirements would have the LOWEST level
of priority in information security? - correct answer ✅technical
Which of the following is MOST likely to be discretionary? - correct
answer ✅guidelines
Security technologies should be selected PRIMARILY on the basis of
their - correct answer ✅benefits in comparison to their cost
Which of the following is the MOST appropriate position to sponsor
and design implementation of a new security infrastructure in a
large global enterprise? - correct answer ✅chief operating officer
(COO)
CISM 8ed Domain 1 Exam Questions &
Answers (Grade A+)
Acceptance levels of information security risks should be
determined by - correct answer ✅the steering committee
Senior management commitment and support for information
security can BEST be enhanced through: - correct answer
✅periodic review of alignment with business management goals
Who should be responsible for enforcing access rights to
application data? - correct answer ✅security administrators
Which of the following would BEST prepare an information security
manager for regulatory reviews? - correct answer ✅perform self-assessment
using regulatory guidelines and reports.
Which of the following roles is responsible for legal and regulatory
liability? - correct answer ✅board of directors and senior
management
An information security manager at a global organization has to
ensure that the local information security program will initially be in
compliance with the: - correct answer ✅data privacy policy where
data are collected
Information security frameworks can be MOST useful for the
information security manager because they: (*) - correct answer
✅provide structure and guidelines
Business goals define the strategic direction of the organization.
Functional goals define the tactical direction of a business function.
Security goals define the security direction of the organization.
What is the MOST important relationship between these concepts?
- correct answer ✅security goals should be derived from business
goals
Which of the following is MOST important in developing a security
strategy? - correct answer ✅understanding key business objectives
Who is ultimately responsible for an organization's information? (*)
- correct answer ✅board of directors
In order to highlight to management the importance of integrating
information security in the business processes, a newly hired
information security officer should FIRST: - correct answer
✅conduct a risk assessment