Free ISACA CISM Exam Braindumps (page: 112)

Which of the following is the BEST reason to initiate a reassessment of current risk?

  A. Follow-up to an audit report
  B. A recent security incident
  C. Certification requirements
  D. Changes to security personnel

Answer(s): B



Before final acceptance of residual risk, what is the BEST way for an information security manager to address risk factors determined to be lower than acceptable risk levels?

  A. Evaluate whether an excessive level of control is being applied.
  B. Ask senior management to increase the acceptable risk levels.
  C. Implement more stringent countermeasures.
  D. Ask senior management to lower the acceptable risk levels.

Answer(s): A



When selecting risk response options to manage risk, an information security manager’s MAIN focus should be on reducing:

  A. exposure to meet risk tolerance levels.
  B. the likelihood of threat.
  C. financial loss by transferring risk.
  D. the number of security vulnerabilities.

Answer(s): A



Which of the following should an information security manager perform FIRST when an organization’s residual risk has increased?

  A. Implement security measures to reduce the risk.
  B. Communicate the information to senior management.
  C. Transfer the risk to third parties.
  D. Assess the business impact.

Answer(s): D