Online Access Free ISACA.CISM.v2024-10-14.q528 Practice Test (Page 96)

CISM Exam Question 471

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

A.translates information security policies and standards into business requirements.

B.relates the investment to the organization's strategic plan.

C.realigns information security objectives to organizational strategy.

D.articulates management's intent and information security directives in clear language.

CISM Exam Question 472

What is the PRIMARY purpose of an unannounced disaster recovery exercise?

A.To evaluate how personnel react to the situation

B.To assess service level agreements (SLAs)

C.To provide metrics to senior management

D.To estimate the recovery time objective (RTO)

CISM Exam Question 473

An organization has identified a risk scenario that has low impact to the organization but is very costly to mitigate. Which risk treatment option is MOST appropriate in this situation?

A.Acceptance

B.Avoidance

C.Transfer

D.Mitigation

CISM Exam Question 474

Which of the following is MOST important to complete during the recovery phase of an incident response process before bringing affected systems back online?

A.Document recovery steps for senior management reporting.

B.Test and verify that compromised systems are clean.

C.Capture and preserve forensic images of affected systems.

D.Record and close security incident tickets.

CISM Exam Question 475

A new law requires an organization to implement specific security controls. Which of the following should the information security manager do FIRST?

A.Perform a gap analysis on the new requirements.

B.Integrate the new requirements into the security policy.

C.Develop a control implementation plan.

D.Assess the risk of noncompliance with the new requirements.

Other Version: 606ISACA.CISM.v2024-07-14.q167; 716ISACA.CISM.v2024-04-24.q336; 1262ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1228ISACA.CISM.v2023-08-22.q180; 1005ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4388ISACA.CISM.v2022-09-16.q374; 8269ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11780ISACA.CISM.v2022-04-15.q999; 14835ISACA.CISM.v2021-10-30.q999

Latest Upload: 274ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 243Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 325CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 471

CISM Exam Question 472

CISM Exam Question 473

CISM Exam Question 474

CISM Exam Question 475

Download PDF File