Free Access ISACA.CISA.v2021-10-08.q198 Practice Test (Page 6)

Question 21

Which of the following should be done FIRST to effectively define the IT audit universe for an entity with multiple business lines?

A.Identify aggregate residual IT risk for each business line.

B.Obtain a complete listing of assets fundamental to the entity's businesses.

C.Obtain a complete listing of the entity's IT processes

D.Identify key control objectives for each business line's core processes

Question 22

Which of the following is the GREATEST risk associated with the use of instant messaging (IM)?

A.Loss of employee productivity

B.Data leakage

C.Internet Protocol (IP) address spoofing

D.Excess bandwidth consumption

Question 23

An IS auditor is reviewing a recent security incident and is seeking information about the approval of a recent modification to a database system's security settings Where would the auditor MOST likely find this information?

A.Database log

B.Change log

C.Security incident and event management (SIEM) report

D.System event correlation report

Question 24

An IS auditor finds that corporate mobile devices used by employees have varying levels of password settings.
Which of the following would be the BEST recommendation?

A.Apply security policy to the mobile devices.

B.Encrypt data between corporate gateway and devices.

C.Update the acceptable use policy for mobile devices.

D.Notify employees to set passwords to a specified length

Question 25

An airlines online booking system uses an automated script that checks whether fares are within the defined threshold of what is reasonable before the fares are displayed on the website. Which type of control is in place?

A.Compensating control

B.Detective control

C.Corrective control

D.Preventer control

Other Version: 4519ISACA.CISA.v2025-05-24.q773; 1576ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3724ISACA.CISA.v2023-03-29.q119; 2379ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3050ISACA.CISA.v2022-08-28.q129; 4210ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5614ISACA.CISA.v2021-11-11.q194; 9772ISACA.CISA.v2021-09-28.q199; 12240ISACA.CISA.v2021-09-11.q201

Latest Upload: 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 156TheSecOpsGroup.CNSP.v2025-09-08.q20; 208CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 145Salesforce.Data-Architect.v2025-09-05.q216; 139Adobe.AD0-E605.v2025-09-05.q50; 183Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 21

Question 22

Question 23

Question 24

Question 25

Download PDF File