ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISM All Questions

View all questions & answers for the CISM exam
Go to Exam

Exam CISM topic 1 question 1050 discussion

Actual exam question from Isaca's CISM
Question #: 1050
Topic #: 1
[All CISM Questions]

A situation where an organization has unpatched IT systems in violation of the patching policy should be treated as:

  • A. an increased threat profile.
  • B. a vulnerability management failure.
  • C. an increased risk profile.
  • D. a security control failure.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ssdny at March 22, 2024, 3:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SHERLOCKAWS
1 month ago
Selected Answer: D
D seems best answer here because the patching policy is a control >> It was not followed or enforced >> so the control failed. Yes yes, the risk has increased. But this is a result of the problem, not the core issue itself.
upvoted 2 times
...
oluchecpoint
6 months, 1 week ago
Selected Answer: C
C. an increased risk profile An unpatched server increases the risk in the environment
upvoted 2 times
...
bronay
6 months, 1 week ago
Selected Answer: B
B. Vulnerability management failure
upvoted 2 times
...
ssdny
7 months, 2 weeks ago
Selected Answer: C
Rist Profile = type and amount of risk
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago