Instant Access ISACA.CISM.v2022-07-24.q824 Actual Practice Test Engine for Free (Page 16)

Question 71

An information security manager is asked to provide evidence that the organization is fulfilling its legal obligation to protect personal identifiable information (Pll). Which of the f<

A.Risk assessments of privacy-related applications
B.Written policies and standards
C.Metrics related to program effectiveness
D.Privacy awareness training

Question 72

Which of the following is the BEST method to protect consumer private information for an online public website?

A.Encrypt consumer's data in transit and at rest.
B.Apply a masking policy to the consumer data.
C.Use secure encrypted transport layer.
D.Apply strong authentication to online accounts.

Question 73

One way to determine control effectiveness is by determining:

A.whether it is preventive, detective or compensatory.
B.the capability of providing notification of failure.
C.the test results of intended objectives.
D.the evaluation and analysis of reliability.

Question 74

Quantitative risk analysis is MOST appropriate when assessment data:

A.include customer perceptions.
B.contain percentage estimates.
C.do not contain specific details.
D.contain subjective information.

Question 75

After adopting an information security framework, an information security manager is working with senior management to change the organization-wide perception that information security is solely the responsibility of the information security department. To achieve this objective, what should be the information security manager's FIRST initiative?

A.Document and publish the responsibilities of the information security department
B.Implement a formal process to conduct periodic compliance reviews.
C.Develop an operational plan providing best practices for information security projects.
D.Develop an information security awareness campaign with senior managements support.

Question 71

Question 72

Question 73

Question 74

Question 75

Download PDF File