Online Access Free ISACA.CISM.v2021-10-30.q999 Practice Test (Page 97)

CISM Exam Question 476

An internal control audit has revealed a control deficiency related to a legacy system where the compensating controls no longer appear to be effective. Which of the following would BEST help the information security manager determine the security requirements to resolve the control deficiency?

A.Business case

B.Risk assessment

C.Cost-benefit analysis

D.Gap analysis

CISM Exam Question 477

Which of the following is the GREATEST benefit of a centralized approach to coordinating information security?

A.Optimal use of security resources

B.Business user buy-in

C.Integration with business functions

D.Reduction in the number of policies

CISM Exam Question 478

An organization has a process in place that involves the use of a vendor. A risk assessment was completed during the development of the process. A year after the implementation a monetary decision has been made to use a different vendor. What, if anything, should occur?

A.Nothing, since a risk assessment was completed during development.

B.A vulnerability assessment should be conducted.

C.A new risk assessment should be performed.

D.The new vendor's SAS 70 type II report should be reviewed.

CISM Exam Question 479

Which of the following will BEST facilitate the development of appropriate incident response procedures?

A.Conducting scenario testing

B.Assessing capability maturity

C.Performing vulnerability assessments

D.Analyzing key risk indicators (KRIs)

CISM Exam Question 480

Conducting a cost-benefit analysis for a security investment is important because it

A.supports justification for expenditure.

B.quantifies residual risk

C.supports asset classification.

D.quantifies return on security investment

Other Version: 1977ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 745ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1233ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4425ISACA.CISM.v2022-09-16.q374; 8334ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11939ISACA.CISM.v2022-04-15.q999

Latest Upload: 180Microsoft.SC-400.v2025-09-20.q290; 408ISACA.CGEIT.v2025-09-19.q537; 164Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 165Scrum.SAFe-Practitioner.v2025-09-18.q63; 163Workday.Workday-Prism-Analytics.v2025-09-17.q17; 145Oracle.1Z0-1055-24.v2025-09-17.q28; 141Oracle.1Z1-182.v2025-09-17.q32; 278Nutanix.NCP-US-6.5.v2025-09-16.q73; 293Oracle.1z0-071.v2025-09-16.q232; 220Oracle.1Z1-922.v2025-09-16.q125

CISM Exam Question 476

CISM Exam Question 477

CISM Exam Question 478

CISM Exam Question 479

CISM Exam Question 480

Download PDF File