Online Access Free ISACA.CISM.v2024-10-14.q528 Practice Test (Page 83)

CISM Exam Question 406

An organization is close to going live with the implementation of a cloud-based application.
Independent penetration test results have been received that show a high-rated vulnerability.
Which of the following would be the BEST way to proceed?

A.Assess whether the vulnerability is within the organization's risk tolerance levels.

B.Postpone the implementation until the vulnerability has been fixed.

C.Commission further penetration tests to validate initial test results.

D.Implement the application and request the cloud service provider to fix the vulnerability.

CISM Exam Question 407

Which of the following BEST enables the detection of advanced persistent threats (APTs)?

A.Internet gateway filtering

B.Security information and event management system (SIEM)

C.Vulnerability scanning

D.Periodic reviews of intrusion prevention system (IPS)

CISM Exam Question 408

The BEST way to identify the risk associated with a social engineering attack is to:

A.test user knowledge of information security practices.

B.monitor the intrusion detection system (IDS).

C.review single sign-on (SSO) authentication logs.

D.perform a business risk assessment of the email filtering system.

CISM Exam Question 409

An information security manager was informed that a planned penetration test could potentially disrupt some services. Which of the following should be the FIRST course of action?

A.Ensure the service owner is available during the penetration test.

B.Reschedule the activity during an approved maintenance window.

C.Accept the risk and document it in the risk register.

D.Estimate the impact and inform the business owner.

CISM Exam Question 410

Which of the following factors has the GREATEST influence on the successful implementation of information security strategy goals?

A.Compliance acceptance

B.Budgetary approval

C.Regulatory requirements

D.Management support

Other Version: 606ISACA.CISM.v2024-07-14.q167; 733ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4405ISACA.CISM.v2022-09-16.q374; 8287ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11798ISACA.CISM.v2022-04-15.q999; 14852ISACA.CISM.v2021-10-30.q999

Latest Upload: 307ISACA.CGEIT.v2025-09-19.q537; 155Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 156Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 246Nutanix.NCP-US-6.5.v2025-09-16.q73; 266Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 326CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 406

CISM Exam Question 407

CISM Exam Question 408

CISM Exam Question 409

CISM Exam Question 410

Download PDF File