
CISM · Question #833

CISM Question #833: Real Exam Question with Answer & Explanation

The correct answer is C: Perform a vulnerability assessment.

Submitted by kavita_s · Apr 18, 2026 · Information Security Risk Management

Question

An organization has implemented controls to mitigate risks resulting from identified vulnerabilities in an application. Which of the following is the BEST way to verify that all weaknesses have been addressed?

Options

  • A. Prepare compensating controls.
  • B. Conduct an internal audit.
  • C. Perform a vulnerability assessment.
  • D. Conduct penetration testing.

Explanation

A vulnerability assessment is the best way to verify that identified weaknesses have been addressed because it systematically re-scans and validates whether the specific vulnerabilities and related exposures are no longer present after remediation or mitigation.

Topics

#Vulnerability Assessment #Security Testing #Control Validation #Risk Mitigation
