Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 123)

Question 606

Which of the following is the MOST important consideration when designing information security architecture?

A.The information security architecture is aligned with industry standards.

B.Risk management parameters for the organization are defined.

C.The level of security supported is based on business decisions.

D.The existing threat landscape is monitored.

Question 607

A new organization has been hit with a ransomware attack that is critically impacting its business operations. The organization does not yet have a proper incident response plan, but it does have a backup procedure for restoration of dat a. Which of the following should be the FIRST course of action?

A.Contact the legal department.

B.Isolate the affected system.

C.Establish an incident response plan.

D.Recommend that management pay the ransom.

Question 608

A business partner of a factory has remote read-only access to material inventory to forecast future acquisition orders. An information security manager should PRIMARILY ensure that there is:

A.an effective control over connectivity and continuity.

B.a service level agreement (SLA) including code escrow.

C.a business impact analysis (BIA).

D.a third-party certification.

Question 609

What is the BEST policy for securing data on mobile universal serial bus (USB) drives?

A.Authentication

B.Encryption

C.Prohibit employees from copying data to USB devices

D.Limit the use of USB devices

Question 610

An information security manager has observed multiple exceptions for a number of different security controls.
Which of the following should be the information security manager's FIRST course of action?

A.Report the noncompliance to the board of directors.

B.Inform respective risk owners of the impact of exceptions.

C.Design mitigating controls for the exceptions.

D.Prioritize the risk and implement treatment options.

Other Version: 1107ISACA.CISM.v2025-02-21.q785; 659ISACA.CISM.v2024-12-21.q371; 12799ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 108Oracle.1z0-1196-25.v2025-09-12.q18; 107NetworkAppliance.NS0-162.v2025-09-12.q86; 147OCEG.GRCP.v2025-09-11.q211; 108HP.HPE0-V27.v2025-09-11.q78; 124Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 138SAP.C-S4EWM-2023.v2025-09-08.q83; 183TheSecOpsGroup.CNSP.v2025-09-08.q20; 263CFAInstitute.ESG-Investing.v2025-09-08.q173; 252PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 606

Question 607

Question 608

Question 609

Question 610

Download PDF File