Online Access Free ISACA.CISM.v2024-10-14.q528 Practice Test (Page 85)

CISM Exam Question 416

A business unit handles sensitive personally identifiable information (PII), which presents a significant financial liability to the organization should a breach occur.
Which of the following is the BEST way to mitigate the risk to the organization?

A.Implementing audit logging on systems

B.Contracting the process to a third party

C.Purchasing insurance

D.Including indemnification into customer contracts

CISM Exam Question 417

Which of the following is the MOST important consideration when establishing an organization's information security governance committee?

A.Members represent functions across the organization

B.Members are rotated periodically

C.Members are business risk owners

D.Members have knowledge of information security controls

CISM Exam Question 418

An attacker was able to gain access to an organization's perimeter firewall and made changes to allow wider external access and to steal data. Which of the following would have BEST provided timely identification of this incident?

A.Deploying an intrusion prevention system (IPS)

B.Conducting regular system administrator awareness training

C.Deploying a security information and event management system (SIEM)

D.Implementing a data loss prevention (DLP) suite

CISM Exam Question 419

An information security manager has completed a risk assessment and has determined the residual risk. Which of the following should be the NEXT step?

A.Determine if the risk is within the risk appetite.

B.Conduct an evaluation of controls.

C.Classify all identified risks.

D.Implement countermeasures to mitigate risk.

CISM Exam Question 420

Prior to implementing a bring your own device (BYOD) program, it is MOST important to:

A.develop an acceptable use policy.

B.select mobile device management (MDM) software.

C.survey employees for requested applications.

D.review currently utilized applications.

Other Version: 606ISACA.CISM.v2024-07-14.q167; 731ISACA.CISM.v2024-04-24.q336; 1266ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1232ISACA.CISM.v2023-08-22.q180; 1009ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4405ISACA.CISM.v2022-09-16.q374; 8287ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11798ISACA.CISM.v2022-04-15.q999; 14852ISACA.CISM.v2021-10-30.q999

Latest Upload: 307ISACA.CGEIT.v2025-09-19.q537; 155Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 156Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 246Nutanix.NCP-US-6.5.v2025-09-16.q73; 266Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 326CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 416

CISM Exam Question 417

CISM Exam Question 418

CISM Exam Question 419

CISM Exam Question 420

Download PDF File