Online Access Free ISACA.CISM.v2022-04-15.q999 Practice Test (Page 64)

CISM Exam Question 311

Which of the following roles should be PRIMARILY responsible for assigning sensitivity levels to an organization's financial and payroll databases?

A.Data owner

B.Database administrator

C.Systems administrator

D.Information security manager

CISM Exam Question 312

The MOST effective approach to address issues that arise between IT management, business units and security management when implementing a new security strategy is for the information security manager to:

A.escalate issues to an external third party for resolution.

B.ensure that senior management provides authority for security to address the issues.

C.insist that managers or units not in agreement with the security solution accept the risk.

D.refer the issues to senior management along with any security recommendations.

CISM Exam Question 313

The MOST important reason for conducting periodic risk assessments is because:

A.risk assessments are not always precise.

B.security risks are subject to frequent change.

C.reviewers can optimize and reduce the cost of controls.

D.it demonstrates to senior management that the security function can add value.

CISM Exam Question 314

Management has announced the acquisition of a new company. The information security manager of parent company is concerned that conflicting access rights may cause critical information to be exposed during the integration of the two companies.
To BEST address this concern, the information security manager should:

A.review access rights as the acquisition integration occurs.

B.perform a risk assessment of the access rights.

C.escalate concern for conflicting access rights to management.

D.implement consistent access control standards.

CISM Exam Question 315

An information security manager has noticed a large number of security policy exceptions have been approved by business unit leaders. Which of the following would be the BEST course of action to address this situation?

A.Provide security awareness training to business unit leaders more frequently.

B.Revise the security policy to accommodate the exceptions.

C.Report the exceptions as a security incident.

D.Ensure that business unit leaders are aware of the relevant risk.

Other Version: 1968ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 745ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1233ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4425ISACA.CISM.v2022-09-16.q374; 8333ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 14919ISACA.CISM.v2021-10-30.q999

Latest Upload: 147Microsoft.SC-400.v2025-09-20.q290; 375ISACA.CGEIT.v2025-09-19.q537; 160Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 161Scrum.SAFe-Practitioner.v2025-09-18.q63; 155Workday.Workday-Prism-Analytics.v2025-09-17.q17; 135Oracle.1Z0-1055-24.v2025-09-17.q28; 131Oracle.1Z1-182.v2025-09-17.q32; 261Nutanix.NCP-US-6.5.v2025-09-16.q73; 282Oracle.1z0-071.v2025-09-16.q232; 205Oracle.1Z1-922.v2025-09-16.q125

CISM Exam Question 311

CISM Exam Question 312

CISM Exam Question 313

CISM Exam Question 314

CISM Exam Question 315

Download PDF File