Online Access Free ISACA.CISM.v2024-10-14.q528 Practice Test (Page 97)

CISM Exam Question 476

A business unit intends to deploy a new technology in a manner that places it in violation of existing information security standards. What immediate action should an information security manager take?

A.Enforce the existing security standard

B.Change the standard to permit the deployment

C.Perform a risk analysis to quantify the risk

D.Perform research to propose use of a better technology

CISM Exam Question 477

An employee who denies accusations of downloading inappropriate material to an organizational device has been discharged. In support of the disciplinary action the collection of legal evidence is required. Which of the following is the information security manager's BEST recommendation?

A.Create a forensic image of the original file system

B.Delete all inappropriate material after taking a local copy

C.Log in to the employee's device and create a local copy to USB drive

D.Rely on server backup allowing strict access control

CISM Exam Question 478

To confirm that a third-party provider complies with an organization's information security requirements, it is MOST important to ensure:

A.the information security policy of the third-party service provider is reviewed.

B.security metrics are included in the service level agreement (SLA).

C.contract clauses comply with the organization's information security policy.

D.right to audit is included in the service level agreement (SLA).

CISM Exam Question 479

Which of the following BEST enables an organization to provide ongoing assurance that legal and regulatory compliance requirements can be met?

A.Performing periodic audits for compliance with legal and regulatory requirements

B.Assigning the operations manager accountability for meeting compliance requirements

C.Engaging external experts to provide guidance on changes in compliance requirements

D.Embedding compliance requirements within operational processes

CISM Exam Question 480

Which of the following BEST enables an information security manager to determine the comprehensiveness of an organization's information security strategy?

A.Organizational risk appetite

B.Business impact analysis (BIA)

C.External security audit

D.Internal security audit

Other Version: 606ISACA.CISM.v2024-07-14.q167; 717ISACA.CISM.v2024-04-24.q336; 1262ISACA.CISM.v2023-09-14.q160; 1233ISACA.CISM.v2023-09-09.q151; 1228ISACA.CISM.v2023-08-22.q180; 1005ISACA.CISM.v2023-07-28.q152; 1045ISACA.CISM.v2023-05-16.q111; 1081ISACA.CISM.v2023-05-10.q114; 1025ISACA.CISM.v2023-03-07.q88; 4388ISACA.CISM.v2022-09-16.q374; 8269ISACA.CISM.v2022-08-01.q522; 56ISACA.Ipassleader.CISM.v2022-06-09.by.josephine.1215q.pdf; 11780ISACA.CISM.v2022-04-15.q999; 14835ISACA.CISM.v2021-10-30.q999

Latest Upload: 274ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 243Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 325CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISM Exam Question 476

CISM Exam Question 477

CISM Exam Question 478

CISM Exam Question 479

CISM Exam Question 480

Download PDF File