Online Access Free ISACA.CISM.v2021-10-30.q999 Practice Test (Page 45)

CISM Exam Question 216

Calculation of the recovery time objective (RTO) is necessary to determine the:

A.priority of restoration.

B.annual loss expectancy (ALE)

C.time required to restore files.

D.point of synchronization

CISM Exam Question 217

When reviewing the security controls of an application service provider, an information security manager discovers the provider's change management controls are insufficient. Changes to the provided application often occur spontaneously with no notification to clients. Which of the following would BEST facilitate a decision to continue or discontinue services with this provider?

A.Comparing the client organization's risk appetite to the vendor's change control policy.

B.Comparing the client organization's risk appetite to the frequency of application downtimes.

C.Comparing the client organization's risk appetite to the criticality of the supplied application.

D.Comparing the client organization's risk appetite to the disaster recovery plan of the service provider.

CISM Exam Question 218

It is suspected that key emails have been viewed by unauthorized parties The email administrator conducted an investigation but it has not returned any information relating to the incident, and leaks are continuing. Which of the following is the BEST recommended course of action to senior management?

A.Restrict the distribution of confidential emails.

B.Rebuild the email application

C.Arrange for an independent review.

D.Commence security training for staff at the organization.

CISM Exam Question 219

The MAIN reason for having the Information Security Steering Committee review a new security controls implementation plan is to ensure that:

A.the plan aligns with the organization's business plan.

B.departmental budgets are allocated appropriately to pay for the plan.

C.regulatory oversight requirements are met.

D.the impact of the plan on the business units is reduced.

CISM Exam Question 220

Which of the following would be the MOST important goal of an information security governance program?

A.Review of internal control mechanisms

B.Effective involvement in business decision making

C.Total elimination of risk factors

D.Ensuring trust in data

Other Version: 1933ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 745ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4425ISACA.CISM.v2022-09-16.q374; 8323ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11833ISACA.CISM.v2022-04-15.q999

Latest Upload: 104Microsoft.SC-400.v2025-09-20.q290; 363ISACA.CGEIT.v2025-09-19.q537; 156Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 157Scrum.SAFe-Practitioner.v2025-09-18.q63; 154Workday.Workday-Prism-Analytics.v2025-09-17.q17; 133Oracle.1Z0-1055-24.v2025-09-17.q28; 131Oracle.1Z1-182.v2025-09-17.q32; 254Nutanix.NCP-US-6.5.v2025-09-16.q73; 271Oracle.1z0-071.v2025-09-16.q232; 205Oracle.1Z1-922.v2025-09-16.q125

CISM Exam Question 216

CISM Exam Question 217

CISM Exam Question 218

CISM Exam Question 219

CISM Exam Question 220

Download PDF File