Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 169)

Question 836

An information security manager is advised by contacts in law enforcement that there is evidence that his/ her company is being targeted by a skilled gang of hackers known to use a variety of techniques, including social engineering and network penetration. The FIRST step that the security manager should take is to:

A.perform a comprehensive assessment of the organization's exposure to the hacker's techniques.

B.initiate awareness training to counter social engineering.

C.immediately advise senior management of the elevated risk.

D.increase monitoring activities to provide early detection of intrusion.

Question 837

Which of the following is the MOST important consideration when securing customer credit card data acquired by a point-of-sale (POS) cash register?

A.Authentication

B.Hardening

C.Encryption

D.Nonrepudiation

Question 838

The PRIMARY purpose of aligning information security with corporate governance objectives is to:

A.identity an organization s tolerance for risk

B.build capabilities to improve security processes

C.re-align roles and responsibilities.

D.consistently manage significant areas of risk.

Question 839

Which of the following would provide the BEST evidence to senior management that security control performance has improved?

A.Reduction in inherent risk

B.Demonstrated return on security investment

C.Review of security metrics trends

D.Results of an emerging threat analysis

Question 840

An internal audit has found that critical patches were not implemented within the timeline established by policy without a valid reason. Which of the following is the BEST course of action to address the audit findings?

A.Perform regular audits on the implementation of critical patches.

B.Evaluate patch management training.

C.Assess the patch management process.

D.Monitor and notify IT staff of critical patches.

Other Version: 1027ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 12720ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 836

Question 837

Question 838

Question 839

Question 840

Download PDF File