Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 26)

Question 121

A data-hosting organization's data center houses servers, applications, and data for a large number of geographically dispersed customers. Which of the following strategies would be the BEST approach for developing a physical access control policy for the organization?

A.Design single sign-on or federated access

B.Review customers' security policies

C.Develop access control requirements for each system and application

D.Conduct a risk assessment to determine security risks and mitigating controls

Question 122

Of the following, who should have responsibility for assessing the security risk associated with an outsourced cloud provider contract?

A.Information security manager

B.Service delivery manager

C.Compliance manager

D.Chief information officer

Question 123

An intrusion detection system should be placed:

A.outside the firewall.

B.on the firewall server.

C.on a screened subnet.

D.on the external router.

Question 124

When developing a new application, which of the following is the BEST approach to ensure compliance with security requirements?

A.Perform a security gap analysis.

B.Adhere to change management processes.

C.Prepare detailed acceptance criteria

D.Provide security training for developers.

Question 125

Data owners must provide a safe and secure environment to ensure confidentiality, integrity and availability of the transaction. This is an example of an information security:

A.baseline.

B.strategy.

C.procedure.

D.policy.

Other Version: 1042ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 15491ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 173PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 151Salesforce.Data-Architect.v2025-09-05.q216; 147Adobe.AD0-E605.v2025-09-05.q50

Question 121

Question 122

Question 123

Question 124

Question 125

Download PDF File