Online Access Free ISACA.CISM.v2022-08-01.q522 Practice Test (Page 82)

CISM Exam Question 401

Due lo budget constraints, an internal IT application does not include the necessary controls to meet a client service level agreement (SLA). Which of the following is the information security manager's BEST course of action?

A.Require the application owner to implement the controls.

B.Inform the legal department of the deficiency

C.Assess and present the risks to the application owner

D.Analyze and report the issue to server management

CISM Exam Question 402

A risk assessment report shows that phishing attacks are an emerging threat for an organization that supports online financial services. Which of the following is the information security manager's BEST course of action?

A.Transfer risk with insurance coverage.

B.Update antivirus software

C.Implement spam protection.

D.Conduct corporate awareness training.

CISM Exam Question 403

Which of the following provides the BEST opportunity to evaluate the capabilities of incident response team members?

A.Disaster recovery exercise

B.Breach simulation exercise

C.Tabletop test

D.Black box penetration test

CISM Exam Question 404

When implementing a new risk assessment methodology, which of the following is the MOST important requirement?

A.The methodology must be approved by the chief executive officer.

B.Risk assessments must be reviewed annually.

C.The methodology used must be consistent across the organization.

D.Risk assessments must be conducted by certified staff.

CISM Exam Question 405

Which of the following is the MOST effective way for senior management to support the integration of information security governance into corporate governance?

A.Establish a storing committee with representation from across the organization.

B.Appoint a business manager as head of information security

C.Develop the information security strategy based on the enterprise strategy

D.Promote organization-wide information security awareness campaigns.

Other Version: 1888ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 717ISACA.CISM.v2024-04-24.q336; 1262ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1228ISACA.CISM.v2023-08-22.q180; 1006ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4388ISACA.CISM.v2022-09-16.q374; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11782ISACA.CISM.v2022-04-15.q999; 14835ISACA.CISM.v2021-10-30.q999

Latest Upload: 287ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 244Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 325CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 401

CISM Exam Question 402

CISM Exam Question 403

CISM Exam Question 404

CISM Exam Question 405

Download PDF File