Free Access ISACA.CISA.v2021-09-28.q199 Practice Test (Page 23)

Question 106

When evaluating the recent implementation of an intrusion detection system (IDS), an IS auditor should be MOST concerned with inappropriate:

A.encryption

B.training

C.patching

D.tuning

Question 107

An IS auditor notes that help desk personnel are required to make critical decisions during major service disruptions. Which of the following is the auditor's BEST recommendation to address this situation?

A.Implement an incident response plan

B.Provide historical incident response information for the help desk

C.Introduce classification of disruptions by risk category.

D.Establish shared responsibility among business peers.

Question 108

Which of the following is the BEST way to minimize the impact of a ransomware attack?

A.Maintain a regular schedule for patch updates.

B.Perform more frequent system backups.

C.Provide user awareness training on ransomware attacks.

D.Grant system access based on least privilege.

Question 109

The MOST important function of a business continuity plan (BCP) is to.

A.provide a schedule of events that has to occur if there is a disaster

B.ensure that the critical business functions can be recovered

C.ensure that all business functions are restored

D.provide procedures for evaluating tests of the BCP

Question 110

Which of the following issues identified during a postmortem analysis of the IT security incident response process should be of GREATEST concern?

A.Incident response team members' contact details were not up to date.

B.The incident response team did not initiate actions to limit the impact of the incident

C.The root cause of the incident was not properly identified and documented

D.The incident was caused by an attacker that exploited a zero-day vulnerability.

Other Version: 4571ISACA.CISA.v2025-05-24.q773; 1619ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3739ISACA.CISA.v2023-03-29.q119; 2387ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8826ISACA.CISA.v2021-10-08.q198; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 170PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 150Salesforce.Data-Architect.v2025-09-05.q216; 144Adobe.AD0-E605.v2025-09-05.q50

Question 106

Question 107

Question 108

Question 109

Question 110

Download PDF File