Free Access ISACA.CISM.v2022-06-26.q752 Practice Test (Page 31)

Question 146

Reevaluation of risk is MOST critical when there is:

A.resistance to the implementation of mitigating controls.

B.a change in the threat landscape.

C.a change in security policy.

D.a management request for updated security reports.

Question 147

An information security manager is assisting in the development of the request for proposal (RFP) for a new outsourced service. This will require the third party to have access to critical business information. The security manager should focus PRIMARILY on defining:

A.risk-reporting methodologies

B.service level agreements (SLAs)

C.security metrics

D.security requirements for the process being outsourced

Question 148

Which of the following is the MOST effective solution for preventing internal users from modifying sensitive and classified information?

A.Baseline security standards

B.System access violation logs

C.Role-based access controls

D.Exit routines

Question 149

In the course of examining a computer system for forensic evidence, data on the suspect media were inadvertently altered. Which of the following should have been the FIRST course of action in the investigative process?

A.Perform a backup of the suspect media to new media.

B.Perform a bit-by-bit image of the original media source onto new media.

C.Make a copy of all files that are relevant to the investigation.

D.Run an error-checking program on all logical drives to ensure that there are no disk errors.

Question 150

For a business operating in a competitive and evolving online market, it is MOST important for a security policy to focus on:

A.defining policies for new technologies.

B.enabling adoption of new technologies.

C.requiring accreditation for new technologies.

D.managing risks of new technologies.

Other Version: 1064ISACA.CISM.v2025-02-21.q785; 620ISACA.CISM.v2024-12-21.q371; 15508ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 120Oracle.1Z0-1057-23.v2025-09-10.q47; 156Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 171TheSecOpsGroup.CNSP.v2025-09-08.q20; 237CFAInstitute.ESG-Investing.v2025-09-08.q173; 220PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 155Salesforce.Data-Architect.v2025-09-05.q216; 149Adobe.AD0-E605.v2025-09-05.q50

Question 146

Question 147

Question 148

Question 149

Question 150

Download PDF File