Online Access Free ISACA.CISM.v2023-07-28.q152 Practice Test (Page 17)

CISM Exam Question 76

A PRIMARY purpose of creating security policies is to:

A.define allowable security boundaries.

B.establish the way security tasks should be executed.

C.communicate management's security expectations.

D.implement management's security governance strategy.

CISM Exam Question 77

An information security manager learns that IT personnel are not adhering to the information security policy because it creates process inefficiencies. What should the information security manager do FIRST?

A.Propose that IT update information security policies and procedures.

B.Conduct user awareness training within the IT function.

C.Request that internal audit conduct a review of the policy development process,

D.Determine the risk related to noncompliance with the policy.

CISM Exam Question 78

A cloud application used by an organization is found to have a serious vulnerability. After assessing the risk, which of the following would be the information security manager's BEST course of action?

A.Initiate the organization's incident response process.

B.Report the situation to the business owner of the application.

C.Suspend the connection to the application in the firewall

D.Instruct the vendor to conduct penetration testing.

CISM Exam Question 79

Which of the following should an information security manager do FIRST upon learning that some security hardening settings may negatively impact future business activity?

A.Reduce security hardening settings.

B.Inform business management of the risk.

C.Document a security exception.

D.Perform a risk assessment.

CISM Exam Question 80

Which of the following is MOST important to include in monthly information security reports to the board?

A.Trend analysis of security metrics

B.Root cause analysis of security incidents

C.Threat intelligence

D.Risk assessment results

Other Version: 1890ISACA.CISM.v2024-10-14.q528; 606ISACA.CISM.v2024-07-14.q167; 722ISACA.CISM.v2024-04-24.q336; 1262ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4396ISACA.CISM.v2022-09-16.q374; 8278ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11789ISACA.CISM.v2022-04-15.q999; 14841ISACA.CISM.v2021-10-30.q999

Latest Upload: 290ISACA.CGEIT.v2025-09-19.q537; 154Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 245Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 326CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 76

CISM Exam Question 77

CISM Exam Question 78

CISM Exam Question 79

CISM Exam Question 80

Download PDF File