Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 151)

Question 746

An organization has contracted with an outsourcing company to address a security gap. Which of the following is the BEST way to determine if the security gap has been addressed?

A.Service level agreement (SLA)

B.Security audit

C.Vulnerability scan

D.Security risk assessment

Question 747

An information security manager suspects that the organization has suffered a ransomware attack. What should be done FIRST

A.Confirm the infection.

B.Isolate the affected systems.

C.Alert employees to the attack.

D.Notify senior management

Question 748

Which of the following threats is prevented by using token-based authentication?

A.Password sniffing attack on the network

B.Denial of service attack over the network

C.Main-in-the middle attack on the client

D.Session eavesdropping attack on the network

Question 749

The MAIN reason for an information security manager to monitor industry level changes in the business and IT is to:

A.evaluate the effect of the changes on the levels of residual risk.

B.identify changes in the risk environment.

C.update information security policies in accordance with the changes.

D.change business objectives based on potential impact.

Question 750

An information security manager learns of a new international standard related to information security. Which of the following would be the BEST course of action?

A.Consult with legal counsel on the standard's applicability to regulations

B.Perform a gap analysis between the new standard and existing practices.

C.Determine whether the organization can benefit from adopting the new standard.

D.Review industry peers responses to the new standard.

Other Version: 1059ISACA.CISM.v2025-02-21.q785; 620ISACA.CISM.v2024-12-21.q371; 12757ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 120Oracle.1Z0-1057-23.v2025-09-10.q47; 156Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 170TheSecOpsGroup.CNSP.v2025-09-08.q20; 237CFAInstitute.ESG-Investing.v2025-09-08.q173; 220PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 155Salesforce.Data-Architect.v2025-09-05.q216; 149Adobe.AD0-E605.v2025-09-05.q50

Question 746

Question 747

Question 748

Question 749

Question 750

Download PDF File