Online Access Free ISACA.CISM.v2022-08-01.q522 Practice Test (Page 2)

CISM Exam Question 1

An information security manager needs to ensure security testing is conducted on a new system. Which of the following would provide the HIGHEST level of assurance?

A.The security team conducts a self-assessment against a recognized industry framework.

B.The vendor provides the results of a penetration test and code review.

C.An independent party is directly engaged to conduct testing.

D.The internal audit team is enlisted to run a vulnerability assessment against the system.

CISM Exam Question 2

Several significant risks have been identified after a centralized risk register was compiled and prioritized. The information security manager's MOST important action is to:

A.design and implement controls to reduce the risk.

B.consult external third parties on how to treat the risk

C.ensure that employees are aware of the risk.

D.provide senior management with risk treatment options.

CISM Exam Question 3

Which of the following should an information security manager do FIRST to address complaints that a newly implemented security control has slowed business operations?

A.Remove the control and identify alternatives.

B.Validate whether the control is operating as intended.

C.Discuss the issue with senior management for direction.

D.Conduct user awareness training.

CISM Exam Question 4

An organization s HR department would like to outsource its employee management system to a cloud-hosted solution due to features and cost savings offered. Management has identified this solution as a business need and wants to move forward. What should be the PRIMARY role of information security in this effort?

A.Ensure the service provider has the appropriate certifications.

B.Explain security issues associated with the solution to management.

C.Ensure a security audit is performed of the service provider.

D.Determine how to securely implement the solution.

CISM Exam Question 5

Which of the following is the MAIN objective of a risk management program?

A.Reduce risk to the maximum extent possible.

B.Reduce risk to the level of the organization's risk appetite.

C.Reduce corporate liability for information security incidents.

D.Reduce costs associated with incident response.

Other Version: 1852ISACA.CISM.v2024-10-14.q528; 569ISACA.CISM.v2024-07-14.q167; 677ISACA.CISM.v2024-04-24.q336; 1232ISACA.CISM.v2023-09-14.q160; 1201ISACA.CISM.v2023-09-09.q151; 1197ISACA.CISM.v2023-08-22.q180; 975ISACA.CISM.v2023-07-28.q152; 1022ISACA.CISM.v2023-05-16.q111; 1058ISACA.CISM.v2023-05-10.q114; 1006ISACA.CISM.v2023-03-07.q88; 4350ISACA.CISM.v2022-09-16.q374; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11739ISACA.CISM.v2022-04-15.q999; 14796ISACA.CISM.v2021-10-30.q999

Latest Upload: 196ISACA.CGEIT.v2025-09-19.q537; 149Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 150Scrum.SAFe-Practitioner.v2025-09-18.q63; 141Workday.Workday-Prism-Analytics.v2025-09-17.q17; 130Oracle.1Z0-1055-24.v2025-09-17.q28; 128Oracle.1Z1-182.v2025-09-17.q32; 226Nutanix.NCP-US-6.5.v2025-09-16.q73; 245Oracle.1z0-071.v2025-09-16.q232; 193Oracle.1Z1-922.v2025-09-16.q125; 309CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 1

CISM Exam Question 2

CISM Exam Question 3

CISM Exam Question 4

CISM Exam Question 5

Download PDF File