Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 118)

Question 581

An organization has learned of a security breach at another company that utilizes similar technology. The FIRST thing the information security manager should do is:

A.assess the likelihood of incidents from the reported cause.

B.discontinue the use of the vulnerable technology.

C.report to senior management that the organization is not affected.

D.remind staff that no similar security breaches have taken place.

Question 582

Which of the following BEST reduces the likelihood of leakage of private information via email?

A.Strong user authentication protocols

B.Email encryption

C.User awareness training

D.Prohibition on the personal use of email

Question 583

An organization has decided to implement a security information and event management (SIEM) system. It is MOST important for the organization to consider:

A.industry best practices.

B.data ownership.

C.log sources.

D.threat assessments.

Question 584

When evaluating vendors for sensitive data processing, which of the following should be the FIRST step to ensure the correct level of information security is provided?

A.Include information security clauses in the vendor contract.

B.Review third-party reports of potential vendors.

C.Include information security criteria as part of vendor selection.

D.Develop metrics for vendor performance.

Question 585

Risk identification, analysis, and mitigation activities can BCST be integrated into business life cycle processes by linking them to:

A.continuity planning

B.compliance testing

C.change management

D.configuration management.

Other Version: 1064ISACA.CISM.v2025-02-21.q785; 620ISACA.CISM.v2024-12-21.q371; 15508ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 120Oracle.1Z0-1057-23.v2025-09-10.q47; 156Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 171TheSecOpsGroup.CNSP.v2025-09-08.q20; 237CFAInstitute.ESG-Investing.v2025-09-08.q173; 220PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 155Salesforce.Data-Architect.v2025-09-05.q216; 149Adobe.AD0-E605.v2025-09-05.q50

Question 581

Question 582

Question 583

Question 584

Question 585

Download PDF File