CISM Practice Test


Page 3 out of 61 Pages

Topic 1: Exam Pool A

Which of the following is the MOST effective way to protect the authenticity of data in transit?

A. Hash value
B. Public key
C. Digital signature
D. Private key

Answer: A. Hash value



The PRIMARY goal of conducting a business impact analysis (BIA) as part of an overall continuity planning process is to:

A. obtain the support of executive management
B. document the disaster recovery process
C. map the business process to supporting IT and other corporate resources
D. identify critical processes and the degree of reliance on support services.

Answer: D. identify critical processes and the degree of reliance on support services.



Which of the following is the MOST relevant information to include in an information security risk report to facilitate senior management's understanding of impact to the organization?

A. Detailed assessment of the security risk profile
B. Risks inherent in new security technologies
C. Status of identified key security risks
D. Findings from recent penetration testing

Answer: C. Status of identified key security risks



When supporting an organization's privacy officer, which of the following is the information security manager's PRIMARY role regarding privacy requirements?

A. Conducting privacy awareness programs
B. Monitoring the transfer of private data
C. Ensuring appropriate controls are in place
D. Determining data classification

Answer: C. Ensuring appropriate controls are in place



Which of the following is the MOST effective way for an information security manager to ensure that security is incorporated into an organization's project development processes?

A. Conduct security reviews during design, testing, and implementation.
B. Develop good communications with the project management office (PMO).
C. Participate in project initiation, approval, and funding.
D. Integrate organization's security requirements into project

Answer: D. Integrate organization's security requirements into project



