Online Access Free ISACA.CISM.v2021-10-30.q999 Practice Test (Page 39)

CISM Exam Question 186

What should the information security manager do FIRST when end users express that new security controls are too restrictive?

A.Conduct a business impact analysis (BIA)

B.Obtain process owner buy-in to remove the controls

C.Perform a risk assessment on modifying the control environment

D.Perform a cost-benefit analysis on modifying the control environment

CISM Exam Question 187

Which of the following is the BEST way for an information security manager to protect against a zero-day attack?

A.Perform a business impact analysis (BIA).

B.Configure daily runs of the virus protection software.

C.Conduct vulnerability scans on a daily basis.

D.Implement heuristic-based monitoring tools

CISM Exam Question 188

The BEST strategy for risk management is to:

A.achieve a balance between risk and organizational goals.

B.reduce risk to an acceptable level.

C.ensure that policy development properly considers organizational risks.

D.ensure that all unmitigated risks are accepted by management.

CISM Exam Question 189

An information security manager is reviewing the impact of a regulation on the organization's human resources system. The NEXT course of action should be to:

A.perform a gap analysis of compliance requirements.

B.assess the penalties for non-compliance.

C.review the organization's most recent audit report.

D.determine the cost of compliance.

CISM Exam Question 190

Because of its importance to the business, an organization wants to quickly implement a technical solution which deviates from the company's policies. An information security manager should:

A.conduct a risk assessment and allow or disallow based on the outcome.

B.recommend a risk assessment and implementation only if the residual risks are accepted.

C.recommend against implementation because it violates the company's policies.

D.recommend revision of current policy.

Other Version: 1924ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 745ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4424ISACA.CISM.v2022-09-16.q374; 8313ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11825ISACA.CISM.v2022-04-15.q999

Latest Upload: 102Microsoft.SC-400.v2025-09-20.q290; 356ISACA.CGEIT.v2025-09-19.q537; 155Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 156Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 132Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 250Nutanix.NCP-US-6.5.v2025-09-16.q73; 266Oracle.1z0-071.v2025-09-16.q232; 204Oracle.1Z1-922.v2025-09-16.q125

CISM Exam Question 186

CISM Exam Question 187

CISM Exam Question 188

CISM Exam Question 189

CISM Exam Question 190

Download PDF File