Online Access Free ISACA.CISM.v2023-09-14.q160 Practice Test (Page 2)

CISM Exam Question 1

An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:

A.service level agreements (SLAs)

B.security requirements for the process being outsourced.

C.risk-reporting methodologies.

D.security metrics

CISM Exam Question 2

Which of the following would BEST ensure that security is integrated during application development?

A.Performing application security testing during acceptance testing

B.Providing training on secure development practices to programmers

C.Introducing security requirements during the initiation phase

D.Employing global security standards during development processes

CISM Exam Question 3

Which of the following is MOST important to have in place as a basis for developing an effective information security program that supports the organization's business goals?

A.A defined security organizational structure

B.An information security strategy

C.Metrics to drive the information security program

D.Information security policies

CISM Exam Question 4

In a business proposal, a potential vendor promotes being certified for international security standards as a measure of its security capability.
Before relying on this certification, it is MOST important that the information security manager confirms that the:

A.certification can be extended to cover the client's business.

B.certification scope is relevant to the service being offered.

C.certification will remain current through the life of the contract.

D.current international standard was used to assess security processes.

CISM Exam Question 5

Which of the following is MOST important to convey to employees in building a security risk-aware culture?

A.Personal information requires different security controls than sensitive information.

B.Employee access should be based on the principle of least privilege.

C.Understanding an information asset's value is critical to risk management.

D.The responsibility for security rests with all employees.

Other Version: 1853ISACA.CISM.v2024-10-14.q528; 570ISACA.CISM.v2024-07-14.q167; 678ISACA.CISM.v2024-04-24.q336; 1202ISACA.CISM.v2023-09-09.q151; 1199ISACA.CISM.v2023-08-22.q180; 976ISACA.CISM.v2023-07-28.q152; 1023ISACA.CISM.v2023-05-16.q111; 1067ISACA.CISM.v2023-05-10.q114; 1008ISACA.CISM.v2023-03-07.q88; 4352ISACA.CISM.v2022-09-16.q374; 8237ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11749ISACA.CISM.v2022-04-15.q999; 14797ISACA.CISM.v2021-10-30.q999

Latest Upload: 218ISACA.CGEIT.v2025-09-19.q537; 152Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 153Scrum.SAFe-Practitioner.v2025-09-18.q63; 141Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 128Oracle.1Z1-182.v2025-09-17.q32; 234Nutanix.NCP-US-6.5.v2025-09-16.q73; 256Oracle.1z0-071.v2025-09-16.q232; 195Oracle.1Z1-922.v2025-09-16.q125; 314CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 1

CISM Exam Question 2

CISM Exam Question 3

CISM Exam Question 4

CISM Exam Question 5

Download PDF File