Online Access Free ISACA.CISM.v2022-08-01.q522 Practice Test (Page 73)

CISM Exam Question 356

An information security manager has recently been notified of potential security risks associated with a third-party service provider. What should be done NEXT to address this concern?

A.Determine compensating controls

B.Conduct a risk analysis

C.Escalate to the chief risk officer

D.Conduct a vulnerability analysis

CISM Exam Question 357

Which of the following is the MOST important consideration when reporting the effectiveness of an information security program to key business stakeholders''

A.Demonstrating cost savings of each control

B.Linking security metrics to the business impact analysis (BIA)

C.Linking security metrics to business objectives

D.Demonstrating a decrease in information security incidents

CISM Exam Question 358

An information security manager is preparing an incident response plan. Which of the following is the MOST important consideration when responding to an incident involving sensitive customer data?

A.The ability to recover from the incident in a timely manner

B.The assignment of a forensics team

C.The ability to obtain incident information in a timely manner

D.Following defined post-incident review procedures

CISM Exam Question 359

Which of the following is an information security manager's BEST course of action upon identification of a shadow IT application being used by a business unit?

A.Notify senior management of the application.

B.Perform a vendor due diligence review.

C.Determine the nature of information within the application.

D.Report the application to the IT department.

CISM Exam Question 360

A system administrator failed to report a security incident where the critical application server was not available to the business users. Which of the following is the BEST way to prevent a reoccurrence?

A.Communicate disciplinary procedures.

B.Conduct incident response plan testing.

C.Define communication processes

D.Document the incident response plan

Other Version: 1906ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 735ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4405ISACA.CISM.v2022-09-16.q374; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11799ISACA.CISM.v2022-04-15.q999; 14853ISACA.CISM.v2021-10-30.q999

Latest Upload: 320ISACA.CGEIT.v2025-09-19.q537; 155Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 156Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 246Nutanix.NCP-US-6.5.v2025-09-16.q73; 266Oracle.1z0-071.v2025-09-16.q232; 204Oracle.1Z1-922.v2025-09-16.q125; 327CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 356

CISM Exam Question 357

CISM Exam Question 358

CISM Exam Question 359

CISM Exam Question 360

Download PDF File