Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← CISM Practice Hub

CISM • Practice Test 34

CISM Practice Test 34 — 15 Questions

Free CISM practice test — 15 questions with explanations. Set 34. No signup required.

15
Questions
Free
No signup
Certifications/CISM/Practice Test/Set 34
Question 1 of 150 answered
hard

You are the CISM for a mid-sized e-commerce company that processes credit card transactions. The company recently experienced a security incident where an attacker exploited a vulnerability in the web application to gain access to the customer database containing payment card information. The incident response team contained the breach, but the root cause analysis revealed that the vulnerability had been identified in a penetration test six months ago but was not remediated due to competing priorities. The company's risk management framework defines risk appetite as 'moderate' for information security risks. The board is concerned and has asked you to recommend improvements to prevent recurrence. The company has a limited budget and cannot implement all possible controls. Current environment: web application developed in-house, hosted on-premises, with a mix of virtual and physical servers. The security team consists of three people responsible for monitoring, incident response, and vulnerability management. The development team follows an agile methodology with bi-weekly sprints. The company has cyber liability insurance that covers breach response costs up to $2 million. Based on this scenario, what is the most effective course of action?

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

CISM Practice Test 1 — 10 Questions→CISM Practice Test 2 — 10 Questions→CISM Practice Test 3 — 10 Questions→CISM Practice Test 4 — 10 Questions→CISM Practice Test 5 — 10 Questions→CISM Practice Exam 1 — 20 Questions→CISM Practice Exam 2 — 20 Questions→CISM Practice Exam 3 — 20 Questions→CISM Practice Exam 4 — 20 Questions→Free CISM Practice Test 1 — 30 Questions→Free CISM Practice Test 2 — 30 Questions→Free CISM Practice Test 3 — 30 Questions→CISM Practice Questions 1 — 50 Questions→CISM Practice Questions 2 — 50 Questions→CISM Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Information Security ProgramInformation Security Risk ManagementInformation Security GovernanceIncident Management

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

CISM Practice HubInformation Security ProgramInformation Security Risk ManagementInformation Security GovernanceIncident Management