Online Access Free ISACA.CISM.v2022-04-15.q999 Practice Test (Page 192)

CISM Exam Question 951

An organization's information security manager has learned that similar organizations have become increasingly susceptible to spear phishing attacks. What is the BEST way to address this concern?

A.Update data loss prevention (DLP) rules for email.

B.Conduct a business impact analysis (BIA) of the threat.

C.Include tips to identify threats in awareness training.

D.Create a new security policy that staff must read and sign.

CISM Exam Question 952

What of the following is MOST important to include in an information security policy?

A.Management objectives

B.Baselines

C.Best practices

D.Maturity levels

CISM Exam Question 953

When a user employs a client-side digital certificate to authenticate to a web server through Secure Socket Layer (SSL), confidentiality is MOST vulnerable to which of the following?

A.IP spoofing

B.Man-in-the-middle attack

C.Repudiation

D.Trojan

CISM Exam Question 954

The MOST effective approach to address issues that arise between IT management, business units and security management when implementing a new security strategy is for the information security manager to:

A.escalate issues to an external third party for resolution.

B.ensure that senior management provides authority for security to address the issues.

C.insist that managers or units not in agreement with the security solution accept the risk.

D.refer the issues to senior management along with any security recommendations.

CISM Exam Question 955

A company's mail server allows anonymous file transfer protocol (FTP) access which could be exploited.
What process should the information security manager deploy to determine the necessity for remedial action?

A.A penetration test

B.A security baseline review

C.A risk assessment

D.A business impact analysis (BIA)

Other Version: 1860ISACA.CISM.v2024-10-14.q528; 583ISACA.CISM.v2024-07-14.q167; 688ISACA.CISM.v2024-04-24.q336; 1234ISACA.CISM.v2023-09-14.q160; 1212ISACA.CISM.v2023-09-09.q151; 1207ISACA.CISM.v2023-08-22.q180; 977ISACA.CISM.v2023-07-28.q152; 1033ISACA.CISM.v2023-05-16.q111; 1071ISACA.CISM.v2023-05-10.q114; 1016ISACA.CISM.v2023-03-07.q88; 4361ISACA.CISM.v2022-09-16.q374; 8248ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 14807ISACA.CISM.v2021-10-30.q999

Latest Upload: 238ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 153Scrum.SAFe-Practitioner.v2025-09-18.q63; 142Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 128Oracle.1Z1-182.v2025-09-17.q32; 239Nutanix.NCP-US-6.5.v2025-09-16.q73; 263Oracle.1z0-071.v2025-09-16.q232; 202Oracle.1Z1-922.v2025-09-16.q125; 318CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 951

CISM Exam Question 952

CISM Exam Question 953

CISM Exam Question 954

CISM Exam Question 955

Download PDF File