Free Access ISACA.CISA.v2021-09-11.q201 Practice Test (Page 6)

Question 21

A senior auditor is reviewing work papers prepared by a junior auditor indicating that a finding was removed after the auditee said they corrected the problem. Which of the following is the senior auditor's MOST appropriate course of action?

A.Refer the issue to the audit director

B.Have the finding reinstated

C.Approve the work papers as written

D.Ask the auditee to retest

Question 22

An IS auditor is assessing an organization's data loss prevention (DLP) solution for protecting intellectual property from insider theft. Which of the following would the auditor consider MOST important for effective data protection?

A.Encryption of data copied to flash drives

B.Creation of DLP policies and procedures

C.Identification and classification of sensitive data

D.Employee training on information handling

Question 23

An IS auditor is reviewing the implementation of an international quality management standard Which of the following provides the BEST evidence that quality management objectives have been achieved?

A.Reduction in risk profile

B.Measurable processes

C.Enhanced compliance with laws and regulations

D.Quality assurance (QA) documentation

Question 24

An IS auditor notes that help desk personnel are required to make critical decisions during major service disruptions. Which of the following is the auditor's BEST recommendation to address this situation?

A.Establish shared responsibility among business peers.

B.Provide historical incident response information for the help desk

C.Implement an incident response plan

D.Introduce classification of disruptions by risk category.

Question 25

Which of the following issues identified during a postmortem analysis of the IT security incident response process should be of GREATEST concern?

A.The incident response team did not initiate actions to limit the impact of the incident

B.The root cause of the incident was not properly identified and documented

C.The incident was caused by an attacker that exploited a zero-day vulnerability.

D.Incident response team members' contact details were not up to date.

Other Version: 4516ISACA.CISA.v2025-05-24.q773; 1564ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3714ISACA.CISA.v2023-03-29.q119; 2375ISACA.CISA.v2023-02-09.q181; 1485ISACA.CISA.v2023-02-06.q107; 3032ISACA.CISA.v2022-08-28.q129; 4197ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5590ISACA.CISA.v2021-11-11.q194; 8785ISACA.CISA.v2021-10-08.q198; 9762ISACA.CISA.v2021-09-28.q199

Latest Upload: 107Oracle.1Z0-1057-23.v2025-09-10.q47; 146Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 155TheSecOpsGroup.CNSP.v2025-09-08.q20; 204CFAInstitute.ESG-Investing.v2025-09-08.q173; 152PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 140Salesforce.Data-Architect.v2025-09-05.q216; 136Adobe.AD0-E605.v2025-09-05.q50; 176Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 21

Question 22

Question 23

Question 24

Question 25

Download PDF File