CSM Cheat Sheet 2026
The 30 highest-yield CSM facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.
100 questions
120 min time limit
70% to pass
- How can a software company mitigate risks associated with data breaches? → By implementing strong security measures and regular updates
- Which SDLC phase involves making the software available for use by the end-users? → Deployment
- What is the difference between manual and automated testing? → Manual testing is more flexible, while automated testing is faster for repetitive tasks
- Which of the following BEST describes a version control branching strategy that uses short-lived feature branches merged frequently into the main branch? → Trunk-based development
- Which configuration management activity involves recording the current state and history of all configuration items? → Configuration status accounting
- In CSM practice, what is the purpose of a standard operating procedure (SOP)? → To document step-by-step instructions for routine tasks to ensure consistency and quality
- What is the primary legal risk of software underlicensing? → Legal liability for using more software copies than licensed
- Which of the following is a key advantage of automated testing? → It can be executed repeatedly, saving time in the long run
- What is the primary purpose of software security? → To protect the software from security breaches
- Which SDLC methodology is most commonly used for projects that require frequent changes and adaptations? → Agile
- What is the primary purpose of a Configuration Management Database (CMDB) in software management? → To track and manage all configuration items and their relationships
- In CSM practice, what is the purpose of a standard operating procedure (SOP)? → To document step-by-step instructions for routine tasks to ensure consistency and quality
- Why is it important to prioritize resources in a project? → It ensures that the most important tasks are completed first
- In CSM practice, what is the purpose of a standard operating procedure (SOP)? → To document step-by-step instructions for routine tasks to ensure consistency and quality
- When implementing strategic planning & analysis changes in Certified Service Manager, what factor is MOST critical? → Stakeholder buy-in and a clear change management plan
- Which artifact management practice helps prevent 'dependency confusion' attacks in software builds? → Pinning dependencies to specific verified versions and using a private artifact proxy
- Which of the following is the first phase of the Software Development Lifecycle? → Requirement gathering
- What is acceptance testing? → Testing to check if the software meets business requirements
- In CSM practice, what is a needs assessment? → A systematic process to identify gaps between current conditions and desired outcomes
- In CSM practice, what is a needs assessment? → A systematic process to identify gaps between current conditions and desired outcomes
- In software asset management, 'End of Life' (EOL) means: → The date after which a vendor provides no further updates, patches, or support
- What is the main difference between Waterfall and Agile methodologies? → Waterfall is linear, while Agile is iterative
- What is a baseline in the context of software configuration management? → A formally reviewed and agreed-upon specification or product used as a reference point
- What is a security vulnerability in software? → A flaw that could potentially be exploited by attackers
- What is the primary role of a project manager in resource allocation? → To ensure that the right resources are available and utilized effectively
- In CSM practice, what is a needs assessment? → A systematic process to identify gaps between current conditions and desired outcomes
- Which license type grants users the freedom to use, modify, and distribute software and its source code? → Open source license
- In software asset management, 'license entitlement' refers to: → The rights to use software as granted by the license agreement
- What is the main risk of NOT having a formal software change control process? → Unauthorized or poorly planned changes may destabilize production systems
- In Certified Service Manager, which strategic planning & analysis approach is MOST effective for achieving long-term goals? → Strategic planning with measurable objectives and regular progress reviews
Turn these facts into recall: