Free Access ISACA.CISA.v2021-09-11.q201 Practice Test (Page 2)

Question 1

Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (IDSs)?

A.An increase in the number of detected incidents not previously identified

B.An increase in the number of unfamiliar sources of intruders

C.An increase in the number of identified false positives

D.An increase in the number of internally reported critical incidents

Question 2

Which of the following factors constitutes a strength in regard to the use of a disaster recovery planning reciprocal agreement?

A.The two companies might share a need for a specialized piece of equipment

B.A disaster could occur that would affect both companies.

C.Changes to the hardware or software environment by one company could make the agreement ineffective or obsolete.

D.Reciprocal agreements may not be formally established in a contract.

Question 3

An IS auditor has assessed a payroll service provider's security policy and finds significant topics are missing.
Which of the following is the auditor's BEST course of action?

A.Notify the service provider of the discrepancies.

B.Recommend replacement of the service provider

C.Report the risk to internal management

D.Recommend the service provider update their policy

Question 4

In a situation where the recovery point objective (RPO) is 0 for an online transaction processing system, which of the following is MOST important for an IS auditor to verify?

A.Synchronous data mirroring is implemented between the data centers

B.Daily backups are created and backup media are verified

C.IT is able to recover system functionality in the shortest possible time frame

D.The application has a clustered architecture to ensure high availability

Question 5

An IS auditor is reviewing an industrial control system (ICS) that uses older unsupported technology in the scope of an upcoming audit. What should the auditor consider the MOST significant concern?

A.There is a greater risk of system exploitation.

B.Attack vectors are evolving for industrial control systems.

C.Disaster recovery plans (DRPs) are not in place.

D.Technical specifications are not documented.

Other Version: 4514ISACA.CISA.v2025-05-24.q773; 1564ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3713ISACA.CISA.v2023-03-29.q119; 2364ISACA.CISA.v2023-02-09.q181; 1473ISACA.CISA.v2023-02-06.q107; 3024ISACA.CISA.v2022-08-28.q129; 4186ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5584ISACA.CISA.v2021-11-11.q194; 8785ISACA.CISA.v2021-10-08.q198; 9762ISACA.CISA.v2021-09-28.q199

Latest Upload: 105Oracle.1Z0-1057-23.v2025-09-10.q47; 146Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 130SAP.C-S4EWM-2023.v2025-09-08.q83; 148TheSecOpsGroup.CNSP.v2025-09-08.q20; 190CFAInstitute.ESG-Investing.v2025-09-08.q173; 148PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 139Salesforce.Data-Architect.v2025-09-05.q216; 133Adobe.AD0-E605.v2025-09-05.q50; 173Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 113Oracle.1z0-591.v2025-09-05.q104

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File