Free Access ISACA.CISA.v2023-03-29.q119 Practice Test (Page 23)

Question 106

When reviewing an organization's information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:

A.past information security incidents.

B.a risk management process.

C.industry best practices.

D.an information security framework.

Question 107

An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?

A.Determine the risk of not replacing the firewall.

B.Report the security posture of the organization.

C.Determine the value of the firewall.

D.Report the mitigating controls.

Question 108

Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?

A.Providing independent and objective feedback to facilitate improvement of IT processes

B.Identifying relevant roles for an enterprise IT governance framework

C.Verifying that legal, regulatory, and contractual requirements are being met

D.Making decisions regarding risk response and monitoring of residual risk

Question 109

The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:

A.allows more time to abort release of the suppressant.

B.has a decreased risk of leakage.

C.is more effective at suppressing flames.

D.disperses dry chemical suppressants exclusively.

Question 110

Which of the following is the PRIMARY role of the IS auditor m an organization's information classification process?

A.Ensuring classification levels align with regulatory guidelines

B.Validating that assets are protected according to assigned classification

C.Defining classification levels for information assets within the organization

D.Securing information assets in accordance with the classification assigned

Other Version: 4531ISACA.CISA.v2025-05-24.q773; 1589ISACA.CISA.v2024-10-22.q310; 4135ISACA.CISA.v2023-10-02.q715; 2383ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3050ISACA.CISA.v2022-08-28.q129; 4213ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5621ISACA.CISA.v2021-11-11.q194; 8796ISACA.CISA.v2021-10-08.q198; 9785ISACA.CISA.v2021-09-28.q199; 12245ISACA.CISA.v2021-09-11.q201

Latest Upload: 101OCEG.GRCP.v2025-09-11.q211; 101HP.HPE0-V27.v2025-09-11.q78; 117Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 106

Question 107

Question 108

Question 109

Question 110

Download PDF File