Free Access ISACA.CISM.v2024-12-21.q371 Practice Test (Page 33)

Question 156

When a proposed system change violates an existing security standard, the conflict would be BEST resolved by:

A.calculating the residual risk.

B.enforcing the security standard.

C.implementing mitigating controls.

D.redesigning the system change.

Question 157

Which of the following would be a MAJOR consideration for an organization defining its business continuity plan (BCP) or disaster recovery program (DRP)?

A.Setting up a backup site

B.Maintaining redundant systems

C.Aligning with recovery time objectives (RTOs)

D.Data backup frequency

Question 158

An information security manager that is utilizing a public cloud is performing a root cause investigation of an incident that took place in that environment. Which of the following should be the security manager's MAIN concern?

A.Limited access to information

B.Shared infrastructure with other subscribers

C.Transaction records split into multiple cloud locations

D.Lack of security log filtering

Question 159

Which of the following is MOST important to determine before developing information security program metrics?

A.Who will own the metrics

B.How performance will be reported

C.How the data will be collected

D.Who will use the metrics

Question 160

Which of the following controls would BEST help to detect a targeted attack exploiting a zero-day vulnerability?

A.Vulnerability scanning

B.Endpoint detection and response (EDR)

C.Intrusion prevention system (IPS)

D.Extended detection and response (XDR)

Other Version: 8728ISACA.CISM.v2025-02-21.q785; 14206ISACA.CISM.v2022-06-26.q752; 17350ISACA.CISM.v2022-03-24.q890; 83ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 277PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 389Nokia.4A0-113.v2026-05-01.q69; 423EC-COUNCIL.312-49v11.v2026-04-30.q214; 346Microsoft.MB-820.v2026-04-30.q101; 262Salesforce.MC-202.v2026-04-30.q57; 306BICSI.INSTC_V8.v2026-04-29.q53; 435NMLS.MLO.v2026-04-28.q82; 292NCARB.Project-Management.v2026-04-28.q27; 525EMC.D-AV-DY-23.v2026-04-27.q184; 1361ServiceNow.CSA.v2026-04-27.q483

Question 156

Question 157

Question 158

Question 159

Question 160

Download PDF File