
Scenario-based practice

Drag and Drop Matching Questions

Practise Certified Information Security Manager CISM practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

10 scenario questions | Exam code: CISM | Vendor: ISACA

Scenario guide

How to approach drag and drop matching questions

Matching questions give you two columns — concepts, commands, or protocols on the left, and their definitions or use-cases on the right. You drag each left item to its correct match. These appear on most certification exams and punish superficial memorisation.

Quick answer

Drag and drop matching questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.


Practice set

Practice scenarios

Question 1 (medium, matching)

Match each CISM domain to its focus area.

Drag a concept onto its matching description — or click a concept then click the description.

Matches:

Establish and maintain a framework to align security with business objectives

Identify and manage information risk to achieve business objectives

Design and implement a security program to manage risk

Plan and manage the incident response process

Oversee and improve the security program's performance

Question 2 (medium, matching)

Match each business continuity term to its definition.

Matches:

Maximum time to restore a process after disruption

Maximum age of data that must be recovered

Plan to maintain business functions during disruption

Plan to restore IT infrastructure after disaster

Process to identify critical functions and dependencies

Question 3 (medium, matching)

Match each risk management term to its definition.

Matches:

Risk level before controls are applied

Risk remaining after controls are implemented

Amount of risk the organization is willing to accept

Acceptable variation around the risk appetite

Process of modifying risk by applying controls

Question 4 (medium, matching)

Match each security metric to its description.

Matches:

Average time to detect an incident

Average time to remediate an incident

Average time between system failures

Contractual commitment for service levels

Indicator of risk level change

Question 5 (medium, matching)

Match each security framework to its primary purpose.

Matches:

Specify requirements for an ISMS

Provide risk-based guidance for critical infrastructure

Govern and manage enterprise IT

Align IT services with business needs

Protect cardholder data

Question 6 (medium, matching)

Match each cryptographic term to its description.

Matches:

Uses same key for encryption and decryption

Uses public/private key pair

One-way transformation producing fixed-size digest

Provides authenticity and non-repudiation

Framework managing digital certificates and keys

Question 7 (medium, matching)

Match each incident management phase to its activity.

Matches:

Develop incident response plan and train team

Identify and validate security incidents

Isolate threat, remove malware, restore operations

Conduct lessons learned and update procedures

Notify stakeholders and regulatory bodies

Question 8 (medium, matching)

Match each security role to its primary responsibility.

Matches:

Senior executive responsible for security strategy

Oversees daily security operations and team

Designs security infrastructure and controls

Evaluates compliance and effectiveness of controls

Executes incident response procedures

Question 9 (medium, matching)

Match each security control type to its example.

Matches:

Firewall blocking unauthorized traffic

Intrusion detection system alerting on anomalies

Restoring system from backup after breach

Security warning banners on login

Additional authentication for legacy systems

Question 10 (medium, matching)

Match each data classification level to its handling requirement.

Matches:

No restrictions; can be freely distributed

Access limited to employees; no external sharing

Access on need-to-know basis; encryption required

Highly sensitive; strict access control and logging

Subject to legal/compliance requirements (e.g., PII)

These CISM practice questions are part of Courseiva's free ISACA certification practice question bank. Courseiva provides original exam-style CISM questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.