Free Access ISACA.CISM.v2025-02-21.q785 Practice Test (Page 2)

Question 1

Which of the following should be done FIRST when handling multiple confirmed incidents raised at the same time?

A.Activate the business continuity plan (BCP).

B.Update the business impact assessment.

C.Inform senior management.

D.Categorize incidents by the value of the affected asset.

Question 2

What is the PRIMARY objective of assigning classifications to information assets?

A.Maintain an accurate IT asset inventory.

B.Identify appropriate levels of protection.

C.Demonstrate compliance with regulatory requirements

D.Identify business owners and information custodians.

Question 3

Which of the following is MOST effective in preventing security weaknesses in operating systems?

A.Patch management

B.Change management

C.Security baselines

D.Configuration management

Question 4

Executive leadership becomes involved in decisions about information security governance.
Executive leadership views information security governance primarily as a concern of the information security management team. What should be an information security manager's MOST important consideration when reviewing a proposed upgrade to a business unit's production database?

A.Ensuring senior management is aware of associated risk

B.Ensuring a cost-benefit analysis is completed

C.Ensuring the application inventory is updated

D.Ensuring residual risk is within appetite

Question 5

For which of the following is it MOST important that system administrators be restricted to read- only access?

A.System logging options

B.User access log files

C.Administrator log files

D.Administrator user profiles

Other Version: 619ISACA.CISM.v2024-12-21.q371; 12695ISACA.CISM.v2022-06-26.q752; 15449ISACA.CISM.v2022-03-24.q890; 79ISACA.Prepawayete.CISM.v2021-09-22.by.maxine.303q.pdf

Latest Upload: 107Oracle.1Z0-1057-23.v2025-09-10.q47; 146Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 155TheSecOpsGroup.CNSP.v2025-09-08.q20; 204CFAInstitute.ESG-Investing.v2025-09-08.q173; 152PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 140Salesforce.Data-Architect.v2025-09-05.q216; 136Adobe.AD0-E605.v2025-09-05.q50; 176Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File