Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 6)

Question 21

Which of the following has the highest priority when defining an emergency response plan?

A.Critical data

B.Critical infrastructure

C.Safety of personnel

D.Vital records

Question 22

What is the BEST course of action when an information security manager finds an external service provider has not implemented adequate controls for safeguarding the organization's critical data?

A.Assess the impact of the control gap.

B.Initiate contract renegotiations.

C.Purchase additional insurance.

D.Conduct a controls audit of the provider.

Question 23

Which of the following is the BEST approach to reduce unnecessary duplication of compliance activities?

A.Integration of assurance efforts

B.Documentation of control procedures

C.Automation of controls

D.Standardization of compliance requirements

Question 24

The chief information security officer (ClSO) has developed an information security strategy, but is struggling to obtain senior management commitment for funds to implement the strategy Which of the following is the MOST likely reason?

A.The C1SO reports to the CIO.

B.There was a lack of engagement with the business during development.

C.The strategy does not include a cost-benefit analysis

D.The strategy does not comply with security standards

Question 25

Which of the following BEST ensures that modifications made to in-house developed business applications do not introduce new security exposures?

A.Stress testing

B.Patch management

C.Change management

D.Security baselines

Other Version: 1009ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 12706ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 162TheSecOpsGroup.CNSP.v2025-09-08.q20; 220CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50; 183Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 21

Question 22

Question 23

Question 24

Question 25

Download PDF File