Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 103)

Question 506

Which of the following enables compliance with a nonrepudiation policy requirement for electronic transactions?

A.Digital certificates

B.Digital signatures

C.Encrypted passwords

D.One-time passwords

Question 507

Which of the following should be done FIRST when handling multiple confirmed incidents raised at the same time?

A.Activate the business continuity plan (BCP).

B.Update the business impact assessment.

C.Inform senior management.

D.Categorize incidents by the value of the affected asset.

Question 508

It is suspected that key e-mails have been viewed by unauthorized parties. The e-mail administrator conducted an investigation but it has not returned any information relating to the incident, and leaks are continuing.
Which of the following is the BEST recommended course of action to senior management?

A.Commence security training for staff at the organization.

B.Restrict the distribution of confidential e-mails.

C.Rebuild the e-mail application.

D.Arrange for an independent review.

Question 509

Which of the following metrics would be the MOST useful in measuring how well information security is monitoring violation logs?

A.Penetration attempts investigated

B.Violation log reports produced

C.Violation log entries

D.Frequency of corrective actions taken

Question 510

An information security manager has been informed of a new vulnerability in an online banking application, and a patch to resolve this issue is expected to be released in the next 72 hours. The information security manager s MOST important course of action is to:

A.identify and implement mitigating controls.

B.run the application system m offline mode.

C.assess the risk and advise senior management

D.perform a business impact analysis (BIA).

Other Version: 1113ISACA.CISM.v2025-02-21.q785; 659ISACA.CISM.v2024-12-21.q371; 12811ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 111Oracle.1z0-1196-25.v2025-09-12.q18; 110NetworkAppliance.NS0-162.v2025-09-12.q86; 151OCEG.GRCP.v2025-09-11.q211; 110HP.HPE0-V27.v2025-09-11.q78; 126Oracle.1Z0-1057-23.v2025-09-10.q47; 169Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 140SAP.C-S4EWM-2023.v2025-09-08.q83; 186TheSecOpsGroup.CNSP.v2025-09-08.q20; 282CFAInstitute.ESG-Investing.v2025-09-08.q173; 264PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 506

Question 507

Question 508

Question 509

Question 510

Download PDF File