CISM: Change Management
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 53% Most missed: “What is production risk primarily addressed by?”
CISM: Change Management
Time left 00:00
13 Questions

1. Which type of control is a change management process?
2. An organization's change management process includes threat and vulnerability assessment. What is the primary reason for this?
3. Who will be in the best position to determine that a new vulnerability has not been introduced during the change management process?
4. What is the most effective method to ensure that modifications made to software do not introduce new security exposures?
5. What is production risk primarily addressed by?
6. Disruptions to the production system can be most effectively prevented by which of the following?
7. For an emergency change, which of the following steps can be bypassed?
8. What is the most effective method to evaluate the security risk while modifying applications?
9. Why it is important to get approval from the security manager to implement any major change?
10. What is an area of major concern with respect to the security risk for an organization having multiple locations?
11. What is the most important aspect of a change management process?
12. What is the best method to determine whether all patch updates have gone through the proper change control process?
13. What is the most effective way to prevent weakness being introduced into the existing system?