Free Access ISACA.CISA.v2021-11-11.q194 Practice Test (Page 23)

Which of the following is MOST important for the successful establishment of a security vulnerability management program?

A.A robust tabletop exercise plan

B.A tested incident response plan

C.An approved patching policy

D.A comprehensive asset inventory

An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that

A.security parameters are set in accordance with the organizations policies

B.a detailed business case was formally approved prior to the purchase.

C.security parameters are set in accordance with the manufacturer's standards

D.the procurement project invited tenders from at least three different suppliers.

Which of the following is the MOST likely cause of a successful firewall penetration?

A.Use of a Trojan to bypass the firewall

B.Virus infection

C.Firewall misconfiguration by the administrator

D.Loophole m firewall vendor's code

When preparing to evaluate the effectiveness of an organizations IT strategy, an IS auditor should FIRST review:

A.the IT governance framework.

B.Information security procedures.

C.the most recent audit results.

D.the IT processes and procedures.

Which of the following is the BEST way to ensure payment transaction data is restricted to the appropriate users?

A.Restricting access to transactions using network security software

B.Using a single menu for sensitive application transactions

C.Implementing two-factor authentication

D.Implementing role-based access at the application level

Other Version: 4531ISACA.CISA.v2025-05-24.q773; 1589ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3724ISACA.CISA.v2023-03-29.q119; 2383ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3050ISACA.CISA.v2022-08-28.q129; 4213ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 8796ISACA.CISA.v2021-10-08.q198; 9784ISACA.CISA.v2021-09-28.q199; 12245ISACA.CISA.v2021-09-11.q201

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 140Adobe.AD0-E605.v2025-09-05.q50

Download PDF File