Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 135)

Question 666

Which of the following is an example of a corrective control?

A.Diverting incoming traffic upon responding to the denial of service (DoS) attack

B.Filtering network traffic before entering an internal network from outside

C.Examining inbound network traffic for viruses

D.Logging inbound network traffic

Question 667

When configuring a biometric access control system that protects a high-security data center, the system's sensitivity level should be set:

A.to a higher false reject rate (FRR).

B.to a lower crossover error rate.

C.to a higher false acceptance rate (FAR).

D.exactly to the crossover error rate.

Question 668

Which of the following practices BEST supports the achievement of information security program objectives in the IT function?

A.Review and approval of IT projects by the information security manager

B.Continuous security auditing of IT service processes

C.Participation of IT stakeholders in the security program steering committee

D.IT management sign-off on information security policies

Question 669

What should an information security manager do FIRST upon learning of a significant regulatory change that impacts how the organization should safeguard critical data?

A.Report the regulatory change to senior management

B.Perform a gap analysis.

C.Assess impact to industry peers.

D.Implement needed control changes.

Question 670

An information security manager is analyzing a risk that is believed to be severe, but lacks numerical evidence to determine the impact the risk could have on the organization. In this case the information security manager should:

A.use a qualitative method to assess the risk.

B.use a quantitative method to assess the risk.

C.put it in the priority list in order to gain time to collect more data.

D.ask management to increase staff in order to collect more evidence on severity.

Other Version: 1087ISACA.CISM.v2025-02-21.q785; 650ISACA.CISM.v2024-12-21.q371; 12787ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 103Oracle.1z0-1196-25.v2025-09-12.q18; 102NetworkAppliance.NS0-162.v2025-09-12.q86; 144OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 180TheSecOpsGroup.CNSP.v2025-09-08.q20; 253CFAInstitute.ESG-Investing.v2025-09-08.q173; 238PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 666

Question 667

Question 668

Question 669

Question 670

Download PDF File