Home > Certified Information Security Manager (CISM) > Quizzes > CISM: Security Program Metrics And Monitoring
CISM: Security Program Metrics And Monitoring
Fast practice, instant feedback. Timer auto-submits when time’s up.
Avg score: 68% Most missed: “What is the best way to determine whether a security program is achieving its ob…”
CISM: Security Program Metrics And Monitoring
Time left 00:00
19 Questions

1. Metrics for measuring the effectiveness of anti-virus software are primarily relevant to which of the following?
2. For measuring and monitoring an information security program, what should metrics be based on?
3. What is the main objective in developing security-related metrics?
4. What is the most important consideration for the development of an effective information security metric?
5. During which phase of system development should information security metrics be developed?
6. What is the most important characteristic of an effective information security metric?
7. What is the best method to resolve non-compliance with information security standards?
8. What is the most effective metric to be conveyed to senior management for security funding?
9. What is the prime goal of defining the information security objectives?
10. What is the most important aspect to improve the effectiveness of a continuous improvement program?
11. To determine the effectiveness of security controls, a review of which of the following should be conducted?
12. The effectiveness of the incident response process is best indicated by which of the following?
13. What is the most important consideration for the development of an effective information security metric?
14. What is the most important characteristic of an effective information security metric?
15. What is the best way to determine whether a security program is achieving its objectives?
16. The effectiveness of the incident response process is best indicated by which of the following?
17. What is the most accurate method to determine the return on investment (ROI) for security investment?
18. What is the most useful metric to determine the effectiveness of the log monitoring process?
19. What is the most effective metric to be conveyed to senior management for security funding?