Free Access ISACA.CISA.v2023-02-09.q181 Practice Test (Page 28)

Question 131

An IS auditor has completed the fieldwork phase of a network security review and is preparing the initial following findings should be ranked as the HIGHEST risk?

A.Network firewall rules have not been documented.

B.Network penetration tests are not performed

C.The network firewall policy has not been approved by the information security officer.

D.The network device inventory is incomplete.

Question 132

An IS auditor has discovered that a software system still in regular use is years out of date and no longer supported The auditee has stated that it will take six months until the software is running on the current version. Which of the following is the BEST way to reduce the immediate risk associated with using an unsupported version of the software?

A.Segregate the outdated software system from the main network.

B.Verify all patches have been applied to the software system's outdated version

C.Monitor network traffic attempting to reach the outdated software system.

D.Close all unused ports on the outdated software system.

Question 133

Which of the following should be of GREATEST concern for an IS auditor reviewing an organization's disaster recovery plan (DRP)?

A.The DRP has not been updated since an IT infrastructure upgrade.

B.The DRP has not been formally approved by senior management.

C.The DRP has not been distributed to end users.

D.The DRP contains recovery procedures for critical servers only.

Question 134

Which of the following is the BEST way to ensure that an application is performing according to its specifications?

A.Pilot testing

B.Unit testing

C.Integration testing

D.System testing

Question 135

Which task should an IS auditor complete FIRST during the preliminary planning phase of a database security review?

A.Identify the most critical database controls.

B.Perform a business impact analysis (BIA).

C.Determine which databases will be in scope.

D.Evaluate the types of databases being used

Other Version: 4579ISACA.CISA.v2025-05-24.q773; 1626ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3740ISACA.CISA.v2023-03-29.q119; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8826ISACA.CISA.v2021-10-08.q198; 9799ISACA.CISA.v2021-09-28.q199; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 224CFAInstitute.ESG-Investing.v2025-09-08.q173; 175PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 151Salesforce.Data-Architect.v2025-09-05.q216; 147Adobe.AD0-E605.v2025-09-05.q50

Question 131

Question 132

Question 133

Question 134

Question 135

Download PDF File