Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 27)

Question 126

The security responsibility of data custodians in an organization will include:

A.assuming overall protection of information assets.

B.determining data classification levels.

C.implementing security controls in products they install.

D.ensuring security measures are consistent with policy.

Question 127

A data loss prevention (DLP) tool has flagged personally identifiable information (Pll) during transmission.
Which of the following should the information security manager do FIRST?

A.Escalate the issue to senior management.

B.Notify authorities and the cyber insurance company

C.Disable the data loss prevention (DLP) policy.

D.Validate the scope and Impact with the business process owner.

Question 128

Risk assessment should be built into which of the following systems development phases to ensure that risks are addressed in a development project?

A.Programming

B.Specification

C.User testing

D.Feasibility

Question 129

Which of the following is the MOST effective mitigation strategy to protect confidential information from insider threats?

A.Performing an entitlement review process

B.Implementing authentication mechanism

C.Defining segregation of duties

D.Establishing authorization controls

Question 130

Which of the following is the BEST indication of information security strategy alignment with the business?

A.Percentage of corporate budget allocated to information security initiatives.

B.Number of business executives who have attended information security awareness sessions.

C.Percentage of information security incidents resolved within defined service level agreements.

D.Number of business objectives directly supported by information security initiatives.

Other Version: 1054ISACA.CISM.v2025-02-21.q785; 619ISACA.CISM.v2024-12-21.q371; 15499ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 119Oracle.1Z0-1057-23.v2025-09-10.q47; 153Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 166TheSecOpsGroup.CNSP.v2025-09-08.q20; 229CFAInstitute.ESG-Investing.v2025-09-08.q173; 176PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 152Salesforce.Data-Architect.v2025-09-05.q216; 148Adobe.AD0-E605.v2025-09-05.q50

Question 126

Question 127

Question 128

Question 129

Question 130

Download PDF File