Free Access ISACA.CISA.v2021-09-28.q199 Practice Test (Page 17)

Question 76

An organization's IT security policy requires annual security awareness training for all employees. Which of the following would provide the BEST evidence of the training's effectiveness?

A.Results of a social engineering lest

B.Surveys completed by randomly selected employees

C.Interviews with employees

D.Decreased calls to the incident response team

Question 77

A financial institution has a system interface that is used by its branches to obtain applicable currency exchange rates when processing transactions Which of the following should be the PRIMARY control objective for maintaining the security of the system interface?

A.Preventing unauthorized access to the data via interception

B.Ensuring the availability of the data being transferred

C.Ensuring the integrity of the data being transferred

D.Preventing unauthorized access to the data via malicious activity

Question 78

Which of the following is the MOST effective control to ensure electronic records beyond their retention periods are deleted from IT systems?

A.Build in system logic to trigger data deletion at predefined times.

B.Review the record retention register regularly to initiate data deletion.

C.Perform a sample check of current data against the retention schedule.

D.Execute all data deletions at a predefined month during the year.

Question 79

During a review of the IT strategic plan, an IS auditor finds several IT initiatives focused on delivering new systems and technology are not aligned with the organization's strategy. Which of the following would be the IS auditor's BEST recommendation?

A.Utilize a balanced scorecard to align IT initiatives to business strategies.

B.Reassess IT initiatives that do not map to business strategies.

C.Reassess the return on investment (ROI) for the IT initiatives.

D.Modify IT initiatives that do not map to business strategies.

Question 80

Which of the following should an IS auditor validate FIRST when reviewing the security of an organization's IT infrastructure as it relates to Internet of Things (loT) devices?

A.Identification and inventory of loT devices

B.Strong password protection for loT devices

C.Physical security of loT devices

D.Access control and network segmentation for loT devices

Other Version: 4551ISACA.CISA.v2025-05-24.q773; 1601ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3737ISACA.CISA.v2023-03-29.q119; 2386ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8809ISACA.CISA.v2021-10-08.q198; 12254ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 143Adobe.AD0-E605.v2025-09-05.q50

Question 76

Question 77

Question 78

Question 79

Question 80

Download PDF File