Free ISACA CISM Exam Braindumps (page: 84)

When the inherent risk of a business activity is lower than the acceptable risk level, the BEST course of action would be to:

  A. monitor for business changes
  B. review the residual risk level
  C. report compliance to management
  D. implement controls to mitigate the risk

Answer(s): B



Which of the following would be MOST useful in a report to senior management for evaluating changes in the organization’s information security risk position?

  A. Risk register
  B. Trend analysis
  C. Industry benchmarks
  D. Management action plan

Answer(s): A



An information security manager is preparing a presentation to obtain support for a security initiative. Which of the following would be the BEST way to obtain management’s commitment for the initiative?

  A. Include historical data of reported incidents
  B. Provide the estimated return on investment
  C. Provide an analysis of current risk exposures
  D. Include industry benchmarking comparisons

Answer(s): C



Which of the following is the MOST significant security risk in IT asset management?

  A. IT assets may be used by staff for private purposes
  B. Unregistered IT assets may not be supported
  C. Unregistered IT assets may not be included in security documentation
  D. Unregistered IT assets may not be configured properly

Answer(s): A


