Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 119)

Question 586

An organization is concerned with the risk of information leakage caused by incorrect use of personally owned smart devices by employees. What is the BEST way for the information security manager to mitigate the associated risk?

A.Document a bong-your-own-device (BYODJ policy.

B.implement a multi-factor authentication solution.

C.Implement a mobile device management solution.

D.Require employees to sign a nondisclosure agreement

Question 587

Which of the following processes can be used to remediate identified technical vulnerabilities?

A.Performing a business impact analysis (BIA)

B.Running automated scanners

C.Conducting a risk assessment

D.Running baseline configurations

Question 588

Which of the following MUST be established before implementing a data loss prevention (DLP) system?

A.Privacy impact assessment

B.A data backup policy

C.Data classification

D.A data recovery policy

Question 589

Which of the following is MOST appropriate for inclusion in an information security strategy?

A.Business controls designated as key controls

B.Security processes, methods, tools and techniques

C.Firewall rule sets, network defaults and intrusion detection system (IDS) settings

D.Budget estimates to acquire specific security tools

Question 590

A large number of exceptions to an organization's information security standards have been granted after senior management approved a bring your own device (BYOD) program. To address this situation, it is MOST important for the information security manager to:

A.require authorization to wipe lost devices.

B.update the information security policy.

C.reject new exception requests.

D.introduce strong authentication on devices.

Other Version: 1107ISACA.CISM.v2025-02-21.q785; 659ISACA.CISM.v2024-12-21.q371; 12805ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 108Oracle.1z0-1196-25.v2025-09-12.q18; 109NetworkAppliance.NS0-162.v2025-09-12.q86; 149OCEG.GRCP.v2025-09-11.q211; 109HP.HPE0-V27.v2025-09-11.q78; 125Oracle.1Z0-1057-23.v2025-09-10.q47; 161Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 139SAP.C-S4EWM-2023.v2025-09-08.q83; 183TheSecOpsGroup.CNSP.v2025-09-08.q20; 267CFAInstitute.ESG-Investing.v2025-09-08.q173; 257PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 586

Question 587

Question 588

Question 589

Question 590

Download PDF File