Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 124)

Question 611

Which of the following is the MOST important consideration for designing an effective information security governance framework?

A.Continuous audit cycle

B.Security pokey provisions

C.Security controls automation

D.Defined metrics

Question 612

In the process of deploying a new e-mail system, an information security manager would like to ensure the confidentiality of messages while in transit. Which of the following is the MOST appropriate method to ensure data confidentiality in a new e-mail system implementation?

A.Encryption

B.Digital certificate

C.Digital signature

D.I lashing algorithm

Question 613

When aligning an organization's information security program with other risk and control activities, it is MOST important to:

A.have information security management report to the chief risk officer.

B.ensure adequate financial resources are available.

C.develop an information security governance framework.

D.integrate security within the system development life cycle.

Question 614

Which of the following metrics would BEST determine the effectiveness of an application security testing program?

A.Number of security defects discovered in development versus production

B.Number of detected security defects per thousand lines of code

C.Average time to release code into production

D.Average time to fix each discovered security defect

Question 615

Which of the following is the PRIMARY reason to conduct periodic business impact assessments?

A.Update recovery objectives based on new risks.

B.Improve the results of last business impact assessment (BIA).

C.Meet the needs of the business continuity policy.

D.Decrease the recovery times.

Other Version: 1054ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 15499ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 119Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 229CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 611

Question 612

Question 613

Question 614

Question 615

Download PDF File