Online Access Free ISACA.CISM.v2021-10-30.q999 Practice Test (Page 63)

CISM Exam Question 306

The organization has decided to outsource the majority of the IT department with a vendor that is hosting servers in a foreign country. Of the following, which is the MOST critical security consideration?

A.Laws and regulations of the country of origin may not be enforceable in the foreign country.

B.A security breach notification might get delayed due to the time difference.

C.Additional network intrusion detection sensors should be installed, resulting in an additional cost.

D.The company could lose physical control over the server and be unable to monitor the physical security posture of the servers.

CISM Exam Question 307

An information security manager that is utilizing a public cloud is performing a root cause investigation of an incident that took place in that environment. Which of the following should be the security manager's MAIN concern?

A.Lack of security log filtering

B.Limited access to information

C.Shared infrastructure with other subscribers

D.Transaction records split into multiple cloud locations

CISM Exam Question 308

An incident response team has determined there is a need to isolate a system that is communicating with a known malicious host on the Internet.
Which of the following stakeholders should be contacted FIRST?

A.System administrator

B.Executive management

C.The business owner

D.Key customers

CISM Exam Question 309

A business previously accepted the risk associated with a zero-day vulnerability The same vulnerability was recently exploited in a high-profile attack on another organization m the same Industry Which of the following should be the information security manager's FIRST course of action?

A.Evaluate the cost of remediating the vulnerability

B.Develop best and worst case scenarios

C.Reassess the risk in terms of likelihood and impact

D.Report the breach of the other organization to senior management

CISM Exam Question 310

To justify the establishment of an incident management team, an information security manager would find which of the following to be the MOST effective?

A.Assessment of business impact of past incidents

B.Need of an independent review of incident causes

C.Need for constant improvement on the security level

D.Possible business benefits from incident impact reduction

Other Version: 1968ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 745ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1233ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4425ISACA.CISM.v2022-09-16.q374; 8333ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11876ISACA.CISM.v2022-04-15.q999

Latest Upload: 147Microsoft.SC-400.v2025-09-20.q290; 375ISACA.CGEIT.v2025-09-19.q537; 160Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 161Scrum.SAFe-Practitioner.v2025-09-18.q63; 155Workday.Workday-Prism-Analytics.v2025-09-17.q17; 135Oracle.1Z0-1055-24.v2025-09-17.q28; 131Oracle.1Z1-182.v2025-09-17.q32; 261Nutanix.NCP-US-6.5.v2025-09-16.q73; 282Oracle.1z0-071.v2025-09-16.q232; 205Oracle.1Z1-922.v2025-09-16.q125

CISM Exam Question 306

CISM Exam Question 307

CISM Exam Question 308

CISM Exam Question 309

CISM Exam Question 310

Download PDF File