ISACA Certified Information Security Manager CISM Dumps in PDF

Free ISACA CISM Real Questions (page: 44)

A legacy application does not comply with new regulatory requirements to encrypt sensitive data at rest, and remediating this issue would require significant investment. What should the information security manager do FIRST?

  1. Investigate alternative options to remediate the noncompliance.
  2. Assess the business impact to the organization.
  3. Present the noncompliance risk to senior management.
  4. Determine the cost to remediate the noncompliance.

Answer(s): B



During the establishment of a service level agreement (SLA) with a cloud service provider, it is MOST
important for the information security manager to:

  1. update the security policy to reflect the provider's terms of service.
  2. ensure security requirements are contractually enforceable.
  3. set up proper communication paths with the provider.
  4. understand the cloud storage architecture in use to determine security risk.

Answer(s): B



An outsourced vendor handles an organization's business-critical data.

Which of the following is the MOST effective way for the client organization to obtain assurance of the vendor's security practices?

  1. Verifying security certifications held by the vendor
  2. Reviewing the vendor's security audit reports
  3. Requiring periodic independent third-party reviews
  4. Requiring business continuity plans (BCPs) from the vendor

Answer(s): C



Which of the following is MOST important when carrying out a forensic examination of a laptop to determine an employee's involvement in a fraud?

  1. The employee's network access should be suspended.
  2. The laptop should not be removed from the company premises.
  3. An HR representative should be present during the laptop examination.
  4. The investigation should be conducted on an image of the original disk drive.

Answer(s): D



Which of the following is a PRIMARY responsibility of an information security steering committee?

  1. Reviewing the information security strategy
  2. Approving the information security awareness training strategy
  3. Analyzing information security policy compliance reviews
  4. Approving the purchase of information security technologies

Answer(s): A



Share your comments for ISACA CISM exam with other users:

W
Whizzle
7/24/2023 6:19:00 AM

q26 should be b

S
sarra
1/17/2024 3:44:00 AM

the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.

D
DBS
5/14/2023 12:56:00 PM

need to attend this

D
Da_costa
8/1/2023 5:28:00 PM

these are free brain dumps i understand, how can one get free pdf

V
vikas
10/28/2023 6:57:00 AM

provide access

A
Abdullah
9/29/2023 2:06:00 AM

good morning

R
Raj
6/26/2023 3:12:00 PM

please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys

M
Miguel
10/5/2023 12:21:00 PM

question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5

H
Hiren Ladva
7/8/2023 10:34:00 PM

yes i m prepared exam

O
oliverjames
10/24/2023 5:37:00 AM

my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!

B
Bhuddhiman
7/20/2023 11:52:00 AM

great course

A
Anuj
1/14/2024 4:07:00 PM

very good question

S
Saravana Kumar TS
12/8/2023 9:49:00 AM

question: 93 which statement is true regarding the result? sales contain 6 columns and values contain 7 columns so c is not right answer.

L
Lue
3/30/2023 11:43:00 PM

highly recommend just passed my exam.

D
DC
1/7/2024 10:17:00 AM

great practice! thanks

A
Anonymus
11/9/2023 5:41:00 AM

anyone who wrote this exam recently?

K
Khalid Javid
11/17/2023 3:46:00 PM

kindly share the dump

N
Na
8/9/2023 8:39:00 AM

could you please upload cfe fraud prevention and deterrence questions? it will be very much helpful.

S
shime
10/23/2023 10:03:00 AM

this is really very very helpful for mcd level 1

V
Vnu
6/3/2023 2:39:00 AM

very helpful!

S
Steve
8/17/2023 2:19:00 PM

question #18s answer should be a, not d. this should be corrected. it should be minvalidityperiod

R
RITEISH
12/24/2023 4:33:00 AM

thanks for the exact solution

S
SB
10/15/2023 7:58:00 AM

need to refer the questions and have to give the exam

M
Mike Derfalem
7/16/2023 7:59:00 PM

i need it right now if it was possible please

I
Isak
7/6/2023 3:21:00 AM

i need it very much please share it in the fastest time.

M
Maria
6/23/2023 11:40:00 AM

correct answer is d for student.java program

N
Nagendra Pedipina
7/12/2023 9:10:00 AM

q:37 c is correct

J
John
9/16/2023 9:37:00 PM

q6 exam topic: terramearth, c: correct answer: copy 1petabyte to encrypted usb device ???

S
SAM
12/4/2023 12:56:00 AM

explained answers

A
Andy
12/26/2023 9:35:00 PM

plan to take theaws certified developer - associate dva-c02 in the next few weeks

S
siva
5/17/2023 12:32:00 AM

very helpfull

M
mouna
9/27/2023 8:53:00 AM

good questions

B
Bhavya
9/12/2023 7:18:00 AM

help to practice csa exam

M
Malik
9/28/2023 1:09:00 PM

nice tip and well documented

AI Tutor 👋 I’m here to help!