Free Access ISACA.CISA.v2023-02-09.q181 Practice Test (Page 12)

Question 51

Which of the following is MOST important to verify when determining the completeness of the vulnerability scanning process?

A.The organization's systems inventory is kept up to date.

B.Access to the vulnerability scanning tool is periodically reviewed

C.Vulnerability scanning results are reported to the CISO.

D.The organization is using a cloud-hosted scanning tool for Identification of vulnerabilities

Question 52

Which of the following should an IS auditor ensure is classified at the HIGHEST level of sensitivity?

A.IT security incidents

B.Penetration test results

C.Emergency change records

D.Server room access history

Question 53

An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?

A.The number of users deleting the email without reporting because it is a phishing email

B.The number of users clicking on the link to learn more about the sender of the email

C.The number of users forwarding the email to their business unit managers

D.The number of users reporting receipt of the email to the information security team

Question 54

An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?

A.Report the security posture of the organization.

B.Report the mitigating controls.

C.Determine the risk of not replacing the firewall.

D.Determine the value of the firewall.

Question 55

Controls related to authorized modifications to production programs are BEST tested by:

A.tracing modifications from the original request for change forward to the executable program.

B.testing only the authorizations to implement the new program.

C.reviewing only the actual lines of source code changed in the program.

D.tracing modifications from the executable program back to the original request for change.

Other Version: 4518ISACA.CISA.v2025-05-24.q773; 1576ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3714ISACA.CISA.v2023-03-29.q119; 1495ISACA.CISA.v2023-02-06.q107; 3046ISACA.CISA.v2022-08-28.q129; 4200ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5607ISACA.CISA.v2021-11-11.q194; 8786ISACA.CISA.v2021-10-08.q198; 9772ISACA.CISA.v2021-09-28.q199; 12236ISACA.CISA.v2021-09-11.q201

Latest Upload: 107Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 156TheSecOpsGroup.CNSP.v2025-09-08.q20; 207CFAInstitute.ESG-Investing.v2025-09-08.q173; 155PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 144Salesforce.Data-Architect.v2025-09-05.q216; 136Adobe.AD0-E605.v2025-09-05.q50; 177Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 51

Question 52

Question 53

Question 54

Question 55

Download PDF File