Free Access ISACA.CISA.v2023-02-09.q181 Practice Test (Page 37)

Question 176

An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk. An IS auditor should be concerned because:

A.deleting the files logically does not overwrite the files' physical data.

B.backup copies of files were not deleted as well.

C.deleted data cannot easily be retrieved.

D.deleting all files separately is not as efficient as formatting the hard disk.

Question 177

A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the protect audit?

A.Interview business process owners to compile a list of business requirements

B.Understand the specific agile methodology that will be followed.

C.Identify and assess existing agile process control

D.Compare the agile process with previous methodology.

Question 178

An IS auditor is preparing a plan for audits to be carried out over a specified period. Which of the following activities should the IS auditor perform FIRST?

A.Allocate audit resources.

B.Review prior audit reports.

C.Determine the audit universe.

D.Prioritize risks.

Question 179

An organization has recently moved to an agile model for deploying custom code to its in-house accounting software system. When reviewing the procedures in place for production code deployment, which of the following is the MOST significant security concern to address?

A.Software vulnerability scanning is done on an ad hoc basis.

B.Production code deployment is not automated.

C.Current DevSecOps processes have not been independently verified.

D.Change control does not include testing and approval from quality assurance (QA).

Question 180

An externally facing system containing sensitive data is configured such that users have either read-only or administrator rights. Most users of the system have administrator access. Which of the following is the GREATEST risk associated with this situation?

A.Users can export application logs.

B.Users can make unauthorized changes.

C.Users can view sensitive data.

D.Users can install open-licensed software.

Other Version: 4605ISACA.CISA.v2025-05-24.q773; 1634ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3740ISACA.CISA.v2023-03-29.q119; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8827ISACA.CISA.v2021-10-08.q198; 9801ISACA.CISA.v2021-09-28.q199; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 105HP.HPE0-V27.v2025-09-11.q78; 120Oracle.1Z0-1057-23.v2025-09-10.q47; 156Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 171TheSecOpsGroup.CNSP.v2025-09-08.q20; 237CFAInstitute.ESG-Investing.v2025-09-08.q173; 220PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 155Salesforce.Data-Architect.v2025-09-05.q216; 149Adobe.AD0-E605.v2025-09-05.q50

Question 176

Question 177

Question 178

Question 179

Question 180

Download PDF File