Online Access Free ISACA.CISM.v2024-04-24.q336 Practice Test (Page 63)

CISM Exam Question 306

A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?

A.Balanced scorecard

B.Vulnerability analysis

C.Impact analysis

D.Cost-benefit analysis

CISM Exam Question 307

Which of the following is the MOST important reason for logging firewall activity?

A.Incident investigation

B.Auditing purposes

C.Intrusion detection

D.Firewall tuning

CISM Exam Question 308

An organization's HR department requires that employee account privileges be removed from all corporate IT systems within three days of termination to comply with a government regulation However, the systems all have different user directories, and it currently takes up to four weeks to remove the privileges Which of the following would BEST enable regulatory compliance?

A.Multi-factor authentication (MFA) system

B.Identity and access management (IAM) system

C.Privileged access management (PAM) system

D.Governance, risk, and compliance (GRC) system

CISM Exam Question 309

An information security manager uses security metrics to measure the:

A.performance of the information security program.

B.performance of the security baseline.

C.effectiveness of the security risk analysis.

D.effectiveness of the incident response team.

CISM Exam Question 310

When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:

A.the information security steering committee.

B.customers who may be impacted.

C.data owners who may be impacted.

D.regulatory- agencies overseeing privacy.

Other Version: 1860ISACA.CISM.v2024-10-14.q528; 585ISACA.CISM.v2024-07-14.q167; 1234ISACA.CISM.v2023-09-14.q160; 1212ISACA.CISM.v2023-09-09.q151; 1208ISACA.CISM.v2023-08-22.q180; 977ISACA.CISM.v2023-07-28.q152; 1033ISACA.CISM.v2023-05-16.q111; 1072ISACA.CISM.v2023-05-10.q114; 1017ISACA.CISM.v2023-03-07.q88; 4361ISACA.CISM.v2022-09-16.q374; 8250ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11762ISACA.CISM.v2022-04-15.q999; 14807ISACA.CISM.v2021-10-30.q999

Latest Upload: 238ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 153Scrum.SAFe-Practitioner.v2025-09-18.q63; 142Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 128Oracle.1Z1-182.v2025-09-17.q32; 239Nutanix.NCP-US-6.5.v2025-09-16.q73; 263Oracle.1z0-071.v2025-09-16.q232; 202Oracle.1Z1-922.v2025-09-16.q125; 318CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 306

CISM Exam Question 307

CISM Exam Question 308

CISM Exam Question 309

CISM Exam Question 310

Download PDF File