Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 175)

Question 866

When outsourcing application development to a third party, which of the following is the BEST way to ensure the organization's security requirements are met?

A.Require the third-party provider to document its security methodology.

B.Perform independent security testing of the developed applications

C.Provide training in secure application coding to the third-party staff.

D.Include a right to audit the system development lifecycle in the contract.

Question 867

The BEST time to ensure that a corporation acquires secure software products when outsourcing software development is during:

A.corporate security reviews.

B.contract performance audits.

C.contract negotiation.

D.security policy development.

Question 868

Who should drive the risk analysis for an organization?

A.Senior management

B.Security manager

C.Quality manager

D.Legal department

Question 869

The BEST approach in managing a security incident involving a successful penetration should be to:

A.allow business processes to continue during the response.

B.allow the security team to assess the attack profile.

C.permit the incident to continue to trace the source.

D.examine the incident response process for deficiencies.

Question 870

The MAIN reason for continuous monitoring of a security strategy is to:

A.allocate funds for information security

B.confirm benefits are being realized.

C.evaluate the implementation of the strategy.

D.optimize resource allocation.

Other Version: 1012ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 12706ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 866

Question 867

Question 868

Question 869

Question 870

Download PDF File