Online Access Free ISACA.CISM.v2022-04-15.q999 Practice Test (Page 160)

CISM Exam Question 791

The PRIMARY purpose of using risk analysis within a security program is to:

A.justify the security expenditure.

B.help businesses prioritize the assets to be protected.

C.inform executive management of residual risk value.

D.assess exposures and plan remediation.

CISM Exam Question 792

Which of the following is the BEST mechanism to prevent data loss in the event personal computing equipment is stolen or lost?

A.Personal firewall

B.Remote access to device

C.Data encryption

D.Data leakage prevention (DLP)

CISM Exam Question 793

An organization recently rolled out a new procurement program that does not include any security requirements. Which of the following should the information security manager do FIRST?

A.Escalate the procurement program gaps to the compliance department in case of noncompliance issues.

B.Conduct security assessments of vendors based on value of annual spend with each vendor.

C.Meet with the head of procurement to discuss aligning security with the organization's operational objectives.

D.Ask internal audit to conduct an assessment of the current state of third-party security controls.

CISM Exam Question 794

Which of the following BEST demonstrates return on investment (ROI) for an information security initiative?

A.Risk heat map

B.Information security program roadmap

C.Business case

D.Business impact analysis (BIA)

CISM Exam Question 795

Because of its importance to the business, an organization wants to quickly implement a technical solution which deviates from the company's policies. An information security manager should:

A.conduct a risk assessment and allow or disallow based on the outcome.

B.recommend a risk assessment and implementation only if the residual risks are accepted.

C.recommend against implementation because it violates the company's policies.

D.recommend revision of current policy.

Other Version: 1924ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 745ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4423ISACA.CISM.v2022-09-16.q374; 8311ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 14870ISACA.CISM.v2021-10-30.q999

Latest Upload: 102Microsoft.SC-400.v2025-09-20.q290; 355ISACA.CGEIT.v2025-09-19.q537; 155Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 156Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 132Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 250Nutanix.NCP-US-6.5.v2025-09-16.q73; 266Oracle.1z0-071.v2025-09-16.q232; 204Oracle.1Z1-922.v2025-09-16.q125

CISM Exam Question 791

CISM Exam Question 792

CISM Exam Question 793

CISM Exam Question 794

CISM Exam Question 795

Download PDF File