Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 33)

Question 156

Which of the following is a MAIN security challenge when conducting a post-incident review related to bring your own device (BYOD) in a mature, diverse organization?

A.Ability to obtain possession of device

B.Lack of mobile forensics expertise

C.Diversity of operating systems

D.Ability to access device remotely

Question 157

When developing an information security strategy, the MOST important requirement is that:

A.a schedule is developed to achieve objectives.

B.the desired outcome is known.

C.critical success factors (CSFs) are developed.

D.standards capture the intent of management.

Question 158

Good information security procedures should:

A.define the allowable limits of behavior.

B.underline the importance of security governance.

C.describe security baselines for each platform.

D.be updated frequently as new software is released.

Question 159

An operating system (OS) noncritical patch to enhance system security cannot be applied because a critical application is not compatible with the change. Which of the following is the BEST solution?

A.Rewrite the application to conform to the upgraded operating system

B.Compensate for not installing the patch with mitigating controls

C.Alter the patch to allow the application to run in a privileged state

D.Run the application on a test platform; tune production to allow patch and application

Question 160

An organization determines that an end-user has clicked on a malicious link. Which of the following would MOST effectively prevent similar situations from recurring?

A.End-user training

B.Virus protection

C.End-user access control

D.Updated security policies

Other Version: 1068ISACA.CISM.v2025-02-21.q785; 630ISACA.CISM.v2024-12-21.q371; 12770ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 157Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 156

Question 157

Question 158

Question 159

Question 160

Download PDF File