CSM Cheat Sheet 2026

The 30 highest-yield CSM facts, distilled from real exam questions. Print it, save it as a PDF, or study it here — free, no sign-up.

100 questions
120 min time limit
70% to pass
  1. How can a software company mitigate risks associated with data breaches? By implementing strong security measures and regular updates
  2. Which SDLC phase involves making the software available for use by the end-users? Deployment
  3. What is the difference between manual and automated testing? Manual testing is more flexible, while automated testing is faster for repetitive tasks
  4. Which of the following BEST describes a version control branching strategy that uses short-lived feature branches merged frequently into the main branch? Trunk-based development
  5. Which configuration management activity involves recording the current state and history of all configuration items? Configuration status accounting
  6. In CSM practice, what is the purpose of a standard operating procedure (SOP)? To document step-by-step instructions for routine tasks to ensure consistency and quality
  7. What is the primary legal risk of software underlicensing? Legal liability for using more software copies than licensed
  8. Which of the following is a key advantage of automated testing? It can be executed repeatedly, saving time in the long run
  9. What is the primary purpose of software security? To protect the software from security breaches
  10. Which SDLC methodology is most commonly used for projects that require frequent changes and adaptations? Agile
  11. What is the primary purpose of a Configuration Management Database (CMDB) in software management? To track and manage all configuration items and their relationships
  12. In CSM practice, what is the purpose of a standard operating procedure (SOP)? To document step-by-step instructions for routine tasks to ensure consistency and quality
  13. Why is it important to prioritize resources in a project? It ensures that the most important tasks are completed first
  14. In CSM practice, what is the purpose of a standard operating procedure (SOP)? To document step-by-step instructions for routine tasks to ensure consistency and quality
  15. When implementing strategic planning & analysis changes in Certified Service Manager, what factor is MOST critical? Stakeholder buy-in and a clear change management plan
  16. Which artifact management practice helps prevent 'dependency confusion' attacks in software builds? Pinning dependencies to specific verified versions and using a private artifact proxy
  17. Which of the following is the first phase of the Software Development Lifecycle? Requirement gathering
  18. What is acceptance testing? Testing to check if the software meets business requirements
  19. In CSM practice, what is a needs assessment? A systematic process to identify gaps between current conditions and desired outcomes
  20. In CSM practice, what is a needs assessment? A systematic process to identify gaps between current conditions and desired outcomes
  21. In software asset management, 'End of Life' (EOL) means: The date after which a vendor provides no further updates, patches, or support
  22. What is the main difference between Waterfall and Agile methodologies? Waterfall is linear, while Agile is iterative
  23. What is a baseline in the context of software configuration management? A formally reviewed and agreed-upon specification or product used as a reference point
  24. What is a security vulnerability in software? A flaw that could potentially be exploited by attackers
  25. What is the primary role of a project manager in resource allocation? To ensure that the right resources are available and utilized effectively
  26. In CSM practice, what is a needs assessment? A systematic process to identify gaps between current conditions and desired outcomes
  27. Which license type grants users the freedom to use, modify, and distribute software and its source code? Open source license
  28. In software asset management, 'license entitlement' refers to: The rights to use software as granted by the license agreement
  29. What is the main risk of NOT having a formal software change control process? Unauthorized or poorly planned changes may destabilize production systems
  30. In Certified Service Manager, which strategic planning & analysis approach is MOST effective for achieving long-term goals? Strategic planning with measurable objectives and regular progress reviews
Turn these facts into recall: