Free Access ISACA.CISA.v2023-03-29.q119 Practice Test (Page 15)

Question 66

An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor's GREATEST concern?

A.Mobile devices are not encrypted.

B.Users are not required to sign updated acceptable use agreements.

C.The business continuity plan (BCP) was not updated.

D.Users have not been trained on the new system.

Question 67

An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:

A.violation reports may not be reviewed in a timely manner.

B.violations may not be categorized according to the organization's risk profile.

C.violation reports may not be retained according to the organization's risk profile.

D.a significant number of false positive violations may be reported.

Question 68

An IS audit reveals that an organization is not proactively addressing known vulnerabilities. Which of the following should the IS auditor recommend the organization do FIRST?

A.Assess the security risks to the business.

B.Verify the disaster recovery plan (DRP) has been tested.

C.Ensure the intrusion prevention system (IPS) is effective.

D.Confirm the incident response team understands the issue.

Question 69

While auditing a small organization's data classification processes and procedures, an IS auditor noticed that data is often classified at the incorrect level. What is the MOST effective way for the organization to improve this situation?

A.Have IT security staff conduct targeted training for data owners.

B.Use automatic document classification based on content.

C.Publish the data classification policy on the corporate web portal.

D.Conduct awareness presentations and seminars for information classification policies.

Question 70

A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items lo the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?

A.Statistical sampling of adjustment transactions

B.An edit check for the validity of the inventory transaction

C.Unscheduled audits of lost stock lines

D.Separate authorization for input of transactions

Other Version: 4552ISACA.CISA.v2025-05-24.q773; 1604ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 2386ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8809ISACA.CISA.v2021-10-08.q198; 9791ISACA.CISA.v2021-09-28.q199; 12254ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 143Adobe.AD0-E605.v2025-09-05.q50

Question 66

Question 67

Question 68

Question 69

Question 70

Download PDF File