Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 145)

Question 716

A validated patch to address a new vulnerability that may affect a mission-critical server has been released.
What should be done immediately?

A.Add mitigating controls.

B.Take the server off-line and install the patch.

C.Check the server's security and install the patch.

D.Conduct an impact analysis.

Question 717

An organization has learned of a security breach at another company that utilizes similar technology. The FIRST thing the information security manager should do is:

A.assess the likelihood of incidents from the reported cause.

B.discontinue the use of the vulnerable technology.

C.report to senior management that the organization is not affected.

D.remind staff that no similar security breaches have taken place.

Question 718

Which of the following should be the PRIMARY outcome of an information security program'?

A.Threat reduction

B.Cost reduction

C.Strategic alignment

D.Risk elimination

Question 719

When a business-critical web server is compromised, the IT security department should FIRST:

A.attempt to repair any damage in order to keep the server running.

B.notify the legal department and/or regulatory officials as required.

C.advise management of the incident.

D.archive the logs as evidence.

Question 720

What is an appropriate frequency for updating operating system (OS) patches on production servers?

A.During scheduled rollouts of new applications

B.According to a fixed security patch management schedule

C.Concurrently with quarterly hardware maintenance

D.Whenever important security patches are released

Other Version: 1025ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 15469ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 102OCEG.GRCP.v2025-09-11.q211; 102HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 716

Question 717

Question 718

Question 719

Question 720

Download PDF File