Free Access ISACA.CISA.v2023-03-29.q119 Practice Test (Page 20)

Question 91

Which of the following is a social engineering attack method?

A.An employee is induced to reveal confidential IP addresses and passwords by answering questions over the phone.

B.A hacker walks around an office building using scanning tools to search for a wireless network to gain access.

C.An unauthorized person attempts to gam access to secure premises by following an authonzed person through a secure door.

D.An intruder eavesdrops and collects sensitive information flowing through the network and sells it to third parties.

Question 92

An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?

A.Percentage of new hires that have completed the training.

B.Percentage of new hires who report incidents

C.Number of new hires who have violated enterprise security policies.

D.Number of reported incidents by new hires.

Question 93

During a review of a production schedule, an IS auditor observes that a staff member is not complying with mandatory operational procedures. The auditor's NEXT step should be to:

A.note the noncompliance in the audit working papers.

B.include the noncompliance in the audit report.

C.determine why the procedures were not followed.

D.issue an audit memorandum identifying the noncompliance.

Question 94

Which of the following is the BEST way to mitigate the impact of ransomware attacks?

A.Invoking the disaster recovery plan (DRP)

B.Paying the ransom

C.Requiring password changes for administrative accounts

D.Backing up data frequently

Question 95

Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?

A.Organizational policies and procedures

B.Legal and compliance requirements

C.Customer agreements

D.Data classification

Other Version: 4531ISACA.CISA.v2025-05-24.q773; 1589ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 2383ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3050ISACA.CISA.v2022-08-28.q129; 4213ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5619ISACA.CISA.v2021-11-11.q194; 8796ISACA.CISA.v2021-10-08.q198; 9785ISACA.CISA.v2021-09-28.q199; 12245ISACA.CISA.v2021-09-11.q201

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 91

Question 92

Question 93

Question 94

Question 95

Download PDF File