Online Access Free ISACA.CISM.v2022-08-01.q522 Practice Test (Page 84)

CISM Exam Question 411

Which of the following BEST describes a buffer overflow?

A.Malicious code designed to interfere with normal operations.

B.A function is carried out with more data than the function can handle.

C.A type of covert channel that captures data.

D.A program contains a hidden and unintended function that presents a security risk.

CISM Exam Question 412

An organization engages 4 third-party vendor to monitor and support a financial application under scrutiny by regulators. Maintaining strict data integrity and confidentiality for this application is critical to the business. Which of the following controls would MOST effectively manage risk to the organization?

A.Activating access and data logging

B.Disabling vendor access and only re-enabling when access is needed

C.Implementing periodic access reviews of vendor employees

D.Implementing segregation of duties between systems and data

CISM Exam Question 413

An online trading company discovers that a network attack has penetrated the firewall What should be the information security manager's FIRST response?

A.Evaluate the impact to the business.

B.Notify the regulatory agency of the incident

C.Examine firewall logs to identity the attacker

D.Implement mitigating controls

CISM Exam Question 414

Senior management is concerned a security solution may not adequately protect its multiple global data centers following recent industry breaches. What should be done NEXT?

A.Perform a risk assessment.

B.Conduct a business impact analysis (BIA).

C.Require an internal audit review.

D.Perform a gap analysis.

CISM Exam Question 415

When is the BEST time to identify the potential regulatory risk a new service provider presents to the organization?

A.During integration planning

B.During business case analysis

C.During contract negotiations

D.During due diligence

Other Version: 1888ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 717ISACA.CISM.v2024-04-24.q336; 1262ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1228ISACA.CISM.v2023-08-22.q180; 1006ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4388ISACA.CISM.v2022-09-16.q374; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11787ISACA.CISM.v2022-04-15.q999; 14835ISACA.CISM.v2021-10-30.q999

Latest Upload: 287ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 244Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 325CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 411

CISM Exam Question 412

CISM Exam Question 413

CISM Exam Question 414

CISM Exam Question 415

Download PDF File