Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 124)

Question 611

Which of the following is the MOST appropriate method of ensuring password strength in a large organization?

A.Attempt to reset several passwords to weaker values

B.Install code to capture passwords for periodic audit

C.Sample a subset of users and request their passwords for review

D.Review general security settings on each platform

Question 612

When the computer incident response team (CIRT) finds clear evidence that a hacker has penetrated the corporate network and modified customer information, an information security manager should FIRST notify:

A.the information security steering committee.

B.customers who may be impacted.

C.data owners who may be impacted.

D.regulatory- agencies overseeing privacy.

Question 613

An organization planning to contract with a cloud service provider is concerned about the risk of account hijacking at login. What is MOST important for the organization in its security requirements to address this concern?

A.Utilize encryption for account logins.

B.Rotate account passwords regularly.

C.Create unique login credentials for each user.

D.Utilize multi-factor authentication

Question 614

A digital signature using a public key infrastructure (PKI) will:

A.not ensure the integrity of a message.

B.rely on the extent to which the certificate authority (CA) is trusted.

C.require two parties to the message exchange.

D.provide a high level of confidentiality.

Question 615

An information security manager learns of a new international standard related to information security. Which of the following would be the BEST course of action?

A.Consult with legal counsel on the standard's applicability to regulations

B.Review industry peers responses to the new standard.

C.Perform a gap analysis between the new standard and existing practices.

D.Determine whether the organization can benefit from adopting the new standard.

Other Version: 1108ISACA.CISM.v2025-02-21.q785; 659ISACA.CISM.v2024-12-21.q371; 12805ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 108Oracle.1z0-1196-25.v2025-09-12.q18; 109NetworkAppliance.NS0-162.v2025-09-12.q86; 149OCEG.GRCP.v2025-09-11.q211; 109HP.HPE0-V27.v2025-09-11.q78; 125Oracle.1Z0-1057-23.v2025-09-10.q47; 161Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 139SAP.C-S4EWM-2023.v2025-09-08.q83; 183TheSecOpsGroup.CNSP.v2025-09-08.q20; 267CFAInstitute.ESG-Investing.v2025-09-08.q173; 257PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 611

Question 612

Question 613

Question 614

Question 615

Download PDF File