Free Access ISACA.CISA.v2021-11-11.q194 Practice Test (Page 7)

Question 26

An organization is developing a web portal using some external components. Which of the following should be of MOST concern to an IS auditor?

A.Open-source components were integrated during development.

B.Some of the developers are located in another country.

C.The organization has not reviewed the components for known exploits.

D.Staff require additional training in order to perform cede review.

Question 27

The practice of periodic secure code reviews is which type of control?

A.Preventive

B.Compensating

C.Corrective

D.Detective

Question 28

The BEST way to validate whether a malicious act has actually occurred in an application is to review.

A.segregation of duties

B.activity logs

C.change management logs.

D.access controls

Question 29

What is the PRIMARY reason for conducting a risk assessment when developing an annual IS audit plan?

A.Decide which audit procedures and techniques to use

B.Determine the existence of controls in audit areas

C.Provide assurance material items will be covered

D.Identify and prioritize audit areas

Question 30

An auditor is creating an audit program in which the objective is to establish the adequacy of personal data privacy controls in a payroll process. Which of the following would be MOST important to include?

A.Segregation of duties controls

B.Approval of data changes

C.Audit logging of administrative user activity

D.User access provisioning

Other Version: 4516ISACA.CISA.v2025-05-24.q773; 1564ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3714ISACA.CISA.v2023-03-29.q119; 2375ISACA.CISA.v2023-02-09.q181; 1485ISACA.CISA.v2023-02-06.q107; 3032ISACA.CISA.v2022-08-28.q129; 4197ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 8785ISACA.CISA.v2021-10-08.q198; 9763ISACA.CISA.v2021-09-28.q199; 12223ISACA.CISA.v2021-09-11.q201

Latest Upload: 107Oracle.1Z0-1057-23.v2025-09-10.q47; 146Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 155TheSecOpsGroup.CNSP.v2025-09-08.q20; 204CFAInstitute.ESG-Investing.v2025-09-08.q173; 152PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 140Salesforce.Data-Architect.v2025-09-05.q216; 136Adobe.AD0-E605.v2025-09-05.q50; 176Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 26

Question 27

Question 28

Question 29

Question 30

Download PDF File