Free Access ISACA.CISM.v2022-03-24.q890 Practice Test (Page 64)

Question 311

An online banking institution is concerned that the breach of customer personal information will have a significant financial impact due to the need to notify and compensate customers whose personal information may have been compromised. The institution determines that residual risk will always be too high and decides to:

A.mitigate the impact by purchasing insurance.

B.implement a circuit-level firewall to protect the network.

C.increase the resiliency of security measures in place.

D.implement a real-time intrusion detection system.

Question 312

The PRIMARY purpose of implementing information security governance metrics is to:

A.measure alignment with best practices.

B.assess operational and program metrics.

C.refine control operations,

D.guide security towards the desired state.

Question 313

Which of the following is the BEST method to protect against emerging advanced persistent threat (APT) actors?

A.Updating information security awareness materials

B.Implementing a honeypot environment

C.Providing ongoing training to the incident response team

D.Implementing proactive systems monitoring

Question 314

A semi-annual disaster recovery test has been completed. Which of the following issues discussed during the lessons learned phase should be of GREATEST concern?

A.Some restored systems were not listed in the DNS table of the DR subnet

B.Poor network performance was reported during recovery

C.A server used in recovery did not have the latest security patches

D.Application testing was completed by system administrators

Question 315

Which of the following is the BEST way to align security and business strategies?

A.Integrate information security governance into corporate governance.

B.Develop a balanced scorecard for security.

C.Include security risk as part of corporate risk management.

D.Establish key performance indicators (KPIs) for business through security processes.

Other Version: 1113ISACA.CISM.v2025-02-21.q785; 659ISACA.CISM.v2024-12-21.q371; 12811ISACA.CISM.v2022-06-26.q752; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 111Oracle.1z0-1196-25.v2025-09-12.q18; 110NetworkAppliance.NS0-162.v2025-09-12.q86; 151OCEG.GRCP.v2025-09-11.q211; 110HP.HPE0-V27.v2025-09-11.q78; 126Oracle.1Z0-1057-23.v2025-09-10.q47; 169Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 140SAP.C-S4EWM-2023.v2025-09-08.q83; 186TheSecOpsGroup.CNSP.v2025-09-08.q20; 282CFAInstitute.ESG-Investing.v2025-09-08.q173; 264PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 311

Question 312

Question 313

Question 314

Question 315

Download PDF File