Free Access ISACA.CISM.v2025-02-21.q785 Practice Test (Page 115)

Question 566

Which of the following characteristics is MOST important when looking at prospective candidates for the role of chief information security officer (CISO)?

A.Knowledge of information technology platforms, networks and development methodologies

B.Ability to understand and map organizational needs to security technologies

C.Knowledge of the regulatory environment and project management techniques

D.Ability to manage a diverse group of individuals and resources across an organization

Question 567

Which of the following is the MOST important risk associated with middleware in a client-server environment?

A.Server patching may be prevented

B.System backups may be incomplete

C.System integrity may be affected

D.End-user sessions may be hijacked

Question 568

Following a recent acquisition, an information security manager has been requested to address the outstanding risk reported early in the acquisition process. Which of the following would be the manager's BEST course of action?

A.Re-assess the outstanding risk of the acquired company.

B.Perform a vulnerability assessment of the acquired company's infrastructure.

C.Re-evaluate the risk treatment plan for the outstanding risk.

D.Add the outstanding risk to the acquiring organization's risk registry.

Question 569

Shortly after installation, an intrusion detection system (IDS) reports a violation. Which of the following is the MOST likely explanation?

A.A routine IDS log file upload has occurred,

B.An intrusion has occurred-

C.A routine IDS signature file download has occurred.

D.The violation is a false positive.

Question 570

Deciding the level of protection a particular asset should be given in BEST determined by:

A.a threat assessment.

B.a vulnerability assessment.

C.a risk analysis.

D.the corporate risk appetite.

Other Version: 650ISACA.CISM.v2024-12-21.q371; 12789ISACA.CISM.v2022-06-26.q752; 15535ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 103Oracle.1z0-1196-25.v2025-09-12.q18; 103NetworkAppliance.NS0-162.v2025-09-12.q86; 144OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 180TheSecOpsGroup.CNSP.v2025-09-08.q20; 254CFAInstitute.ESG-Investing.v2025-09-08.q173; 238PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 566

Question 567

Question 568

Question 569

Question 570

Download PDF File