CISM
Question Dumps
Contents
Section 1 - Questions
Domain 1 - Information Security Governance
Domain 2 - Information Security Risk Management
Domain 3 - Information Security Program
Domain 4 - Incident Management
Section 2 - Answers and Explanations
Domain 1 - Information Security Governance
Domain 2 - Information Security Risk Management
Domain 3 - Information Security Program
Domain 4 - Incident Management
Section 1 - Questions
Domain 1 - Information Security Governance
1. What is the primary responsibility of the Information Security Governance committee?
A. Develop security policies
B. Implement security controls
C. Oversee the management of information security
D. Perform risk assessments
2. In the context of information security governance, what is the role of the Chief Information Security Officer (CISO)?
A. Develop business strategies
B. Oversee the implementation of security controls
C. Manage financial transactions
D. Conduct internal audits
3. What is the primary purpose of an Information Security Steering Committee?
A. Develop technical solutions
B. Set strategic direction for information security
C. Implement security controls
D. Conduct penetration testing
4. What is the purpose of a Security Steering Committee in the context of information security governance?
A. Develop encryption algorithms
B. Set strategic direction for information security
C. Manage user access permissions
D. Conduct regular security audits
5. What is the role of the Chief Information Officer (CIO) in information security governance?
A. Oversee physical security controls
B. Develop business strategies
C. Ensure compliance with legal requirements
D. Manage the organization's information security program
6. What is the primary responsibility of the Information Security Steering Committee?
A. Develop technical solutions
B. Set strategic direction for information security
C. Implement security controls
D. Conduct risk assessments
7. What is the role of the Information Security Policy Framework in governance?
A. Define organizational goals
B. Establish a framework for risk management
C. Enforce security controls
D. Communicate security policies
8. What is the primary focus of the Chief Information Security Officer (CISO) in information security governance?
A. Develop marketing strategies
B. Oversee the implementation of security controls
C. Manage organizational finances
D. Provide technical support
9. What is the primary objective of the Information Security Steering Committee?
A. Develop security policies
B. Ensure regulatory compliance
C. Set strategic direction for information security
D. Conduct vulnerability assessments