Free Access ISACA.CISM.v2024-12-21.q371 Practice Test (Page 53)

Question 256

An executive's personal mobile device used for business purposes is reported lost. The information security manager should respond based on:

A.the business impact analysis (BIA),

B.incident classification.

C.the acceptable use policy.

D.asset management guidelines.

Question 257

An organization engages 4 third-party vendor to monitor and support a financial application under scrutiny by regulators. Maintaining strict data integrity and confidentiality for this application is critical to the business. Which of the following controls would MOST effectively manage risk to the organization?

A.Activating access and data logging

B.Disabling vendor access and only re-enabling when access is needed

C.Implementing periodic access reviews of vendor employees

D.Implementing segregation of duties between systems and data

Question 258

Which of the following is MOST important to include in an incident response plan to ensure incidents are responded to by the appropriate individuals?

A.Skills required for the incident response team

B.A detailed incident notification process

C.Service level agreements (SLAs)

D.A list of external resources to assist with incidents

Question 259

Which of the following controls would BEST prevent accidental system shutdown from the console or operations area?

A.Redundant power supplies

B.Protective switch covers

C.Shutdown alarms

D.Biometric readers

Question 260

The MOST important reason for conducting periodic risk assessments is because:

A.risk assessments are not always precise.

B.security risks are subject to frequent change.

C.reviewers can optimize and reduce the cost of controls.

D.it demonstrates to senior management that the security function can add value.

Other Version: 8745ISACA.CISM.v2025-02-21.q785; 14216ISACA.CISM.v2022-06-26.q752; 17396ISACA.CISM.v2022-03-24.q890; 83ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 282PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 412Nokia.4A0-113.v2026-05-01.q69; 439EC-COUNCIL.312-49v11.v2026-04-30.q214; 403Microsoft.MB-820.v2026-04-30.q101; 274Salesforce.MC-202.v2026-04-30.q57; 322BICSI.INSTC_V8.v2026-04-29.q53; 457NMLS.MLO.v2026-04-28.q82; 299NCARB.Project-Management.v2026-04-28.q27; 546EMC.D-AV-DY-23.v2026-04-27.q184; 1388ServiceNow.CSA.v2026-04-27.q483

Question 256

Question 257

Question 258

Question 259

Question 260

Download PDF File