Free Access ISACA.CISM.v2024-12-21.q371 Practice Test (Page 32)

Question 151

When is the BEST time to identify the potential regulatory risk a new service provider presents to the organization?

A.During due diligence

B.During contract negotiations

C.During integration planning

D.During business case analysis

Question 152

Which of the following BEST demonstrates alignment between information security governance and corporate governance?

A.Average number of security incidents across business units

B.Security project justifications provided in terms of business value

C.Number of vulnerabilities identified for high-risk information assets

D.Mean time to resolution for enterprise-wide security incidents

Question 153

Which of the following is MOST important to have in place for an organization's information security program to be effective?

A.Documented information security processes

B.Senior management support

C.Defined and allocated budget

D.A comprehensive IT strategy

Question 154

An IS manager has decided to implement a security system to monitor access to the Internet and prevent access to numerous sites. Immediately upon installation, employees Hood the IT helpdesk with complaints of being unable to perform business functions on Internet sites. This is an example of:

A.conflicting security controls with organizational needs.

B.strong protection of information resources.

C.implementing appropriate controls to reduce risk.

D.proving information security's protective abilities.

Question 155

Which of the following metrics would provide management with the MOST useful information about the effectiveness of a security awareness program?

A.Decreased number of phishing attacks

B.Decreased number of security incidents

C.Increased number of downloads of the organization's security policy

D.Increased number of reported security incidents

Other Version: 8724ISACA.CISM.v2025-02-21.q785; 14204ISACA.CISM.v2022-06-26.q752; 17332ISACA.CISM.v2022-03-24.q890; 83ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 277PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 389Nokia.4A0-113.v2026-05-01.q69; 423EC-COUNCIL.312-49v11.v2026-04-30.q214; 341Microsoft.MB-820.v2026-04-30.q101; 262Salesforce.MC-202.v2026-04-30.q57; 306BICSI.INSTC_V8.v2026-04-29.q53; 433NMLS.MLO.v2026-04-28.q82; 291NCARB.Project-Management.v2026-04-28.q27; 521EMC.D-AV-DY-23.v2026-04-27.q184; 1359ServiceNow.CSA.v2026-04-27.q483

Question 151

Question 152

Question 153

Question 154

Question 155

Download PDF File