Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 148)

Question 731

Information security managers should use risk assessment techniques to:

A.justify selection of risk mitigation strategies.

B.maximize the return on investment (ROD.

C.provide documentation for auditors and regulators.

D.quantify risks that would otherwise be subjective.

Question 732

Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

A.Ask senior management to increase the acceptable risk levels.

B.Ask senior management to lower the acceptable risk levels.

C.Implement more stringent countermeasures.

D.Evaluate whether an excessive level of control is being applied.

Question 733

Which of the following is the MOST important reason to have documented security procedures and guidelines?

A.To meet regulatory compliance requirements

B.To allocate security responsibilities to staff

C.To facilitate collection of security metrics

D.To enable standard security practices

Question 734

Which of the following devices should be placed within a demilitarized zone (DMZ )?

A.Network switch

B.Web server

C.Database server

D.File/print server

Question 735

The MOST effective way to communicate the level of impact of information security risks on organizational objectives is to present

A.a risk heat map.

B.business impact analysis (BIA) results.

C.risk treatment options.

D.detailed threat analysis results.

Other Version: 1025ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 15469ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 102OCEG.GRCP.v2025-09-11.q211; 102HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 731

Question 732

Question 733

Question 734

Question 735

Download PDF File