Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 145)

Question 716

The effectiveness of an information security governance framework will BEST be enhanced if:

A.IS auditors are empowered to evaluate governance activities,

B.a culture of legal and regulatory compliance is promoted by management.

C.risk management is built into operational and strategic activities.

D.consultants review the information security governance framework

Question 717

Which of the following is the MOST important outcome of testing incident response plans?

A.Internal procedures are improved.

B.An action plan is available for senior management.

C.Areas requiring investment are identified.

D.Staff is educated about current threats.

Question 718

Senior management has approved employees working off-site by using a virtual private network (VPN) connection. It is MOST important for the information security manager to periodically:

A.perform a cost-benefit analysis

B.review firewall configuration

C.review the security policy

D.perform a risk assessment

Question 719

Which of the following is the MOST important reason for performing a risk analysis?

A.Assigning the appropriate level of protection

B.Promoting increased security awareness in the organization

C.Identifying critical information assets

D.Identifying and eliminating threats

Question 720

What is the BEST course of action when an information security manager finds an external service provider has not implemented adequate controls for safeguarding the organization's critical data?

A.Conduct a controls audit of the provider.

B.Initiate contract renegotiations.

C.Assess the impact of the control gap.

D.Purchase additional insurance.

Other Version: 1068ISACA.CISM.v2025-02-21.q785; 630ISACA.CISM.v2024-12-21.q371; 12771ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 157Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 716

Question 717

Question 718

Question 719

Question 720

Download PDF File