Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Incident Management practice sets

CISM Incident Management • Set 4

CISM Incident Management Practice Test 4 — 15 Questions

CISM Incident Management Practice Test 4 — 15 questions with explanations. Free, no signup.

15
Questions
Free
No signup
Certifications/CISM/Practice Test/Incident Management/Set 4
Question 1 of 150 answered
hard

You are the incident response manager for a multinational corporation that processes sensitive financial data. The company has a mature security operations center (SOC) that monitors network traffic, endpoints, and cloud services. At 2:00 AM local time, the SOC alerts you to a critical incident: an internal server (IP 10.10.10.50) is communicating with an external IP address (198.51.100.23) known to be associated with a ransomware group. The server hosts a financial database that is replicated to a secondary site every 6 hours. The last successful replication was at 1:00 AM. The SOC has already isolated the server from the network by blocking its outbound traffic at the firewall. However, the server is still running. The initial investigation suggests that the communication started 30 minutes ago. The database contains customer PII and transactional data. Your incident response plan includes steps for containment, eradication, recovery, and post-incident review. The CEO is being notified and expects a recommendation on the best course of action. The company has a cyber insurance policy that requires timely notification and preservation of evidence. The legal department advises that any action that could destroy evidence must be carefully considered. Which of the following is the BEST course of action?

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

CISM Practice Test 1 — 10 Questions→CISM Practice Test 2 — 10 Questions→CISM Practice Test 3 — 10 Questions→CISM Practice Test 4 — 10 Questions→CISM Practice Test 5 — 10 Questions→CISM Practice Exam 1 — 20 Questions→CISM Practice Exam 2 — 20 Questions→CISM Practice Exam 3 — 20 Questions→CISM Practice Exam 4 — 20 Questions→Free CISM Practice Test 1 — 30 Questions→Free CISM Practice Test 2 — 30 Questions→Free CISM Practice Test 3 — 30 Questions→CISM Practice Questions 1 — 50 Questions→CISM Practice Questions 2 — 50 Questions→CISM Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Information Security ProgramInformation Security Risk ManagementInformation Security GovernanceIncident Management

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Incident Management setsAll Incident Management questionsCISM Practice Hub