Free Access ISACA.CISA.v2023-02-09.q181 Practice Test (Page 15)

Question 66

During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?

A.Notify the chair of the audit committee.

B.Notify the audit manager.

C.Retest the control.

D.Close the audit finding.

Question 67

When assessing the overall effectiveness of an organization's disaster recovery planning process, which of the following is MOST important for the IS auditor to verify?

A.Management documents and distributes a copy of the plan to all personnel.

B.Management contracts with a third party for warm site services.

C.Management schedules an annual tabletop exercise.

D.Management reviews and updates the plan annually or as changes occur.

Question 68

Which of the following activities would allow an IS auditor to maintain independence while facilitating a control sell-assessment (CSA)?

A.Implementing the remediation plan

B.Developing the remediation plan

C.Partially completing the CSA

D.Developing the CSA questionnaire

Question 69

An IS auditor notes that the previous year's disaster recovery test was not completed within the scheduled time frame due to insufficient hardware allocated by a third-party vendor. Which of the following provides the BEST evidence that adequate resources are now allocated to successfully recover the systems?

A.Service level agreement (SLA)

B.Vendor memo indicating problem correction

C.An up-to-date RACI chart

D.Hardware change management policy

Question 70

Which of the following security risks can be reduced by a property configured network firewall?

A.SQL injection attacks

B.Denial of service (DoS) attacks

C.Insider attacks

D.Phishing attacks

Other Version: 4531ISACA.CISA.v2025-05-24.q773; 1589ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 3724ISACA.CISA.v2023-03-29.q119; 1498ISACA.CISA.v2023-02-06.q107; 3050ISACA.CISA.v2022-08-28.q129; 4213ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5616ISACA.CISA.v2021-11-11.q194; 8796ISACA.CISA.v2021-10-08.q198; 9784ISACA.CISA.v2021-09-28.q199; 12245ISACA.CISA.v2021-09-11.q201

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 156PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 146Salesforce.Data-Architect.v2025-09-05.q216; 140Adobe.AD0-E605.v2025-09-05.q50

Question 66

Question 67

Question 68

Question 69

Question 70

Download PDF File