Online Access Free ISACA.CISM.v2023-09-09.q151 Practice Test (Page 9)

CISM Exam Question 36

An information security manager learns that IT personnel are not adhering to the information security policy because it creates process inefficiencies. What should the information security manager do FIRST?

A.Conduct user awareness training within the IT function.

B.Determine the risk related to noncompliance with the policy.

C.Request that internal audit conduct a review of the policy development process,

D.Propose that IT update information security policies and procedures.

CISM Exam Question 37

When collecting admissible evidence, which of the following is the MOST important requirement?

A.Need to know

B.Preserving audit logs

C.Due diligence

D.Chain of custody

CISM Exam Question 38

Which of the following BEST enables an organization to provide ongoing assurance that legal and regulatory compliance requirements can be met?

A.Embedding compliance requirements within operational processes

B.Engaging external experts to provide guidance on changes in compliance requirements

C.Performing periodic audits for compliance with legal and regulatory requirements

D.Assigning the operations manager accountability for meeting compliance requirements

CISM Exam Question 39

Which of the following activities MUST be performed by an information security manager for change requests?

A.Assess impact on information security risk.

B.Perform penetration testing on affected systems.

C.Scan IT systems for operating system vulnerabilities.

D.Review change in business requirements for information security.

CISM Exam Question 40

An organization is close to going live with the implementation of a cloud-based application. Independent penetration test results have been received that show a high-rated vulnerability. Which of the following would be the BEST way to proceed?

A.Assess whether the vulnerability is within the organization's risk tolerance levels.

B.Commission further penetration tests to validate initial test results,

C.Postpone the implementation until the vulnerability has been fixed.

D.Implement the application and request the cloud service provider to fix the vulnerability.

Premium Bundle

Newest CISM Exam PDF Dumps shared by Actual4test.com for Helping Passing CISM Exam! Actual4test.com now offer the updated CISM exam dumps, the Actual4test.com CISM exam questions have been updated and answers have been corrected get the latest Actual4test.com CISM pdf dumps with Exam Engine here:

Access CISM Premium Version

(964 Q&As Dumps, 30%OFF Special Discount: Freepdfdumps)

Other Version: 1853ISACA.CISM.v2024-10-14.q528; 571ISACA.CISM.v2024-07-14.q167; 679ISACA.CISM.v2024-04-24.q336; 1234ISACA.CISM.v2023-09-14.q160; 1201ISACA.CISM.v2023-08-22.q180; 976ISACA.CISM.v2023-07-28.q152; 1023ISACA.CISM.v2023-05-16.q111; 1067ISACA.CISM.v2023-05-10.q114; 1009ISACA.CISM.v2023-03-07.q88; 4352ISACA.CISM.v2022-09-16.q374; 8237ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11749ISACA.CISM.v2022-04-15.q999; 14799ISACA.CISM.v2021-10-30.q999

Latest Upload: 218ISACA.CGEIT.v2025-09-19.q537; 152Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 153Scrum.SAFe-Practitioner.v2025-09-18.q63; 141Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 128Oracle.1Z1-182.v2025-09-17.q32; 234Nutanix.NCP-US-6.5.v2025-09-16.q73; 256Oracle.1z0-071.v2025-09-16.q232; 195Oracle.1Z1-922.v2025-09-16.q125; 314CyberArk.PAM-CDE-RECERT.v2025-09-15.q100