Online Access Free ISACA.CISM.v2023-09-09.q151 Practice Test (Page 30)

CISM Exam Question 141

Which of the following is the MOST important criterion when deciding whether to accept residual risk?

A.Annual rate of occurrence

B.Cost of additional mitigation

C.Cost of replacing the asset

D.Annual loss expectancy (ALE)

CISM Exam Question 142

The PRIMARY objective of a post-incident review of an information security incident is to:

A.update the risk profile

B.minimize impact

C.prevent recurrence.

D.determine the impact

CISM Exam Question 143

Which of the following BEST indicates that information assets are classified accurately?

A.Appropriate prioritization of information risk treatment

B.An accurate and complete information asset catalog

C.Appropriate assignment of information asset owners

D.Increased compliance with information security policy

CISM Exam Question 144

Reviewing which of the following would be MOST helpful when a new information security manager is developing an information security strategy for a non-regulated organization?

A.Management's business goals and objectives

B.Strategies of other non-regulated companies

C.Risk assessment results

D.Industry best practices and control recommendations

CISM Exam Question 145

A cloud application used by an organization is found to have a serious vulnerability. After assessing the risk, which of the following would be the information security manager's BEST course of action?

A.Instruct the vendor to conduct penetration testing.

B.Initiate the organization's incident response process.

C.Suspend the connection to the application in the firewall

D.Report the situation to the business owner of the application.

Other Version: 1862ISACA.CISM.v2024-10-14.q528; 597ISACA.CISM.v2024-07-14.q167; 702ISACA.CISM.v2024-04-24.q336; 1236ISACA.CISM.v2023-09-14.q160; 1215ISACA.CISM.v2023-08-22.q180; 979ISACA.CISM.v2023-07-28.q152; 1043ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1023ISACA.CISM.v2023-03-07.q88; 4373ISACA.CISM.v2022-09-16.q374; 8259ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11771ISACA.CISM.v2022-04-15.q999; 14818ISACA.CISM.v2021-10-30.q999

Latest Upload: 257ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 243Nutanix.NCP-US-6.5.v2025-09-16.q73; 264Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 323CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 141

CISM Exam Question 142

CISM Exam Question 143

CISM Exam Question 144

CISM Exam Question 145

Download PDF File