Online Access Free ISACA.CISM.v2021-10-30.q999 Practice Test (Page 32)

CISM Exam Question 151

The MOST important element in achieving executive commitment to an information security governance program is:

A.a process improvement model

B.a defined security framework

C.identified business drivers

D.established security strategies

CISM Exam Question 152

An information security manager has researched several options for handling ongoing security concerns and will be presenting these solutions to business managers. Which of the following with BEST enable business managers to make an informed decision?

A.Cost-benefit analysis

B.Business impact analysts (BIA)

C.Risk analysis

D.Gap analysis

CISM Exam Question 153

An organization's operations staff places payment files in a shared network folder and then the disbursement staff picks up the files for payment processing. This manual intervention will be automated some months later, thus cost-efficient controls are sought to protect against file alterations. Which of the following would be the BEST solution?

A.Design a training program for the staff involved to heighten information security awareness

B.Set role-based access permissions on the shared folder

C.The end user develops a PC macro program to compare sender and recipient file contents

D.Shared folder operators sign an agreement to pledge not to commit fraudulent activities

CISM Exam Question 154

Which of the following is the MOST appropriate method of ensuring password strength in a large organization?

A.Attempt to reset several passwords to weaker values

B.Install code to capture passwords for periodic audit

C.Sample a subset of users and request their passwords for review

D.Review general security settings on each platform

CISM Exam Question 155

Which of the following is the MOST important consideration in a bring your own device (BYOD) program to protect company data in the event of a loss?

A.The ability to restrict unapproved applications

B.The ability to centrally manage devices

C.The ability to remotely locate devices

D.The ability to classify types of devices

Other Version: 1906ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 735ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4406ISACA.CISM.v2022-09-16.q374; 8295ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11807ISACA.CISM.v2022-04-15.q999

Latest Upload: 322ISACA.CGEIT.v2025-09-19.q537; 155Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 156Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 246Nutanix.NCP-US-6.5.v2025-09-16.q73; 266Oracle.1z0-071.v2025-09-16.q232; 204Oracle.1Z1-922.v2025-09-16.q125; 327CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 151

CISM Exam Question 152

CISM Exam Question 153

CISM Exam Question 154

CISM Exam Question 155

Download PDF File