Quiz CISM

Quiz CISM, Certified Information Security Manager

As a FIRST step, the security manager should:

The FIRST thing the information security manager should do is:

Which of the following is the BEST approach for improving information security management processes?

When developing metrics to measure and monitor information security programs, the information security manager should ensure that the metrics reflect the:

Which of the following is the MOST appropriate method of ensuring password strength in a large organization?

What is the MOST cost-effective method of identifying new vendor vulnerabilities?

Which of the following should be the FIRST step before initiating any changes?

Which of the following should the organization do FIRST?

Which of the following would raise security awareness among an organization’s employees?

Which of the following is the MAIN objective in contracting with an external company to perform penetration testing?