Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 129)

Question 636

During a security assessment, an information security manager finds a number of security patches were not installed on a server hosting a critical business application. The application owner did not approve the patch installation to avoid interrupting the application. Which of the following should be the information security manager's FIRST course of action?

A.Report the risk to the information security steering committee.

B.Communicate the potential impact to the application owner.

C.Determine mitigation options with IT management

D.Escalate the risk to senior management.

Question 637

Which of the following is MOST important when carrying out a forensic examination of a laptop to determine an employee s involvement in a fraud?

A.The laptop should not be removed from the company premises.

B.An HR representative should be present during the laptop examination.

C.The employee's network access should be suspended.

D.The investigation should be conducted on an image of the original disk drive.

Question 638

Which of the following is MOST essential for a risk management program to be effective?

A.Flexible security budget

B.Sound risk baseline

C.New risks detection

D.Accurate risk reporting

Question 639

Which of the following is a PRIMARY responsibility of an information security governance committee?

A.Analyzing information security policy compliance reviews

B.Approving the purchase of information security technologies

C.Reviewing the information security strategy

D.Approving the information security awareness training strategy

Question 640

Which of the following is the BEST

A.Provisioning users to access the operating system

B.Managing user profiles for accessing the operating system

C.Logging unauthorized access to the operating system

D.Approving standards for accessing the operating system

Other Version: 1042ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 15491ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 173PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 151Salesforce.Data-Architect.v2025-09-05.q216; 147Adobe.AD0-E605.v2025-09-05.q50

Question 636

Question 637

Question 638

Question 639

Question 640

Download PDF File