Online Access Free ISACA.CISM.v2023-08-22.q180 Practice Test (Page 29)

CISM Exam Question 136

An information security manager is reporting on open items from the risk register to senior management. Which of the following is MOST important to communicate with regard to these risks?

A.Key risk indicators (KRIS)

B.Potential business impact

C.Compensating controls

D.Responsible entities

CISM Exam Question 137

Regular vulnerability scanning on an organization's internal network has identified that many user workstations have unpatched versions of software. What is the BEST way for the information security manager to help senior management understand the related risk?

A.Include the impact of the risk as part of regular metrics.

B.Recommend the security steering committee conduct a review.

C.Update the risk assessment at regular intervals

D.Send regular notifications directly to senior managers

CISM Exam Question 138

Which of the following is MOST important to include in monthly information security reports to the board?

A.Risk assessment results

B.Trend analysis of security metrics

C.Threat intelligence

D.Root cause analysis of security incidents

CISM Exam Question 139

Which of the following is the BEST approach to incident response for an organization migrating to a cloud-based solution?

A.Adopt the cloud provider's incident response procedures.

B.Transfer responsibility for incident response to the cloud provider.

C.Continue using the existing incident response procedures.

D.Revise incident response procedures to encompass the cloud environment.

CISM Exam Question 140

Which of the following risk scenarios is MOST likely to emerge from a supply chain attack?

A.Compromise of critical assets via third-party resources

B.Unreliable delivery of hardware and software resources by a supplier

C.Unavailability of services provided by a supplier

D.Loss of customers due to unavailability of products

Other Version: 1862ISACA.CISM.v2024-10-14.q528; 592ISACA.CISM.v2024-07-14.q167; 698ISACA.CISM.v2024-04-24.q336; 1236ISACA.CISM.v2023-09-14.q160; 1216ISACA.CISM.v2023-09-09.q151; 979ISACA.CISM.v2023-07-28.q152; 1043ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1018ISACA.CISM.v2023-03-07.q88; 4368ISACA.CISM.v2022-09-16.q374; 8259ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11766ISACA.CISM.v2022-04-15.q999; 14812ISACA.CISM.v2021-10-30.q999

Latest Upload: 257ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 243Nutanix.NCP-US-6.5.v2025-09-16.q73; 263Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 323CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 136

CISM Exam Question 137

CISM Exam Question 138

CISM Exam Question 139

CISM Exam Question 140

Download PDF File