Free Access ISACA.CISA.v2024-10-22.q310 Practice Test (Page 16)

Question 71

An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

A.Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees

B.Establishing strong access controls on confidential data

C.Providing education and guidelines to employees on use of social networking sites

D.Monitoring employees' social networking usage

Question 72

In order to properly protect against unauthorized disclosure of sensitive data, how should hard disks be sanitized?

A.The data should be deleted and overwritten with binary 0s.

B.The data should be demagnetized.

C.The data should be low-level formatted.

D.The data should be deleted.

Question 73

What can be implemented to provide the highest level of protection from external attack?

A.Layering perimeter network protection by configuring the firewall as a screened host in a screened subnet behind the bastion host

B.Configuring the firewall as a screened host behind a router

C.Configuring the firewall as the protecting bastion host

D.Configuring two load-sharing firewalls facilitating VPN access from external hosts to internal hosts

Question 74

Which of the following findings should hr of GREATEST concern for an IS auditor when auditing the effectiveness of a phishing simulation test administered for staff members?

A.Staff members were not notified about the test beforehand

B.Security awareness training was not provided poor to the test

C.Test results were not communicated to staff members

D.Staff members who failed the test did not receive follow-up education

Question 75

When designing metrics for information security, the MOST important consideration is that the metrics:

A.provide actionable data.

B.apply to all business units.

C.are easy to understand.

D.track trends over time.

Other Version: 4551ISACA.CISA.v2025-05-24.q773; 4136ISACA.CISA.v2023-10-02.q715; 3737ISACA.CISA.v2023-03-29.q119; 2386ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8809ISACA.CISA.v2021-10-08.q198; 9790ISACA.CISA.v2021-09-28.q199; 12254ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 148Salesforce.Data-Architect.v2025-09-05.q216; 143Adobe.AD0-E605.v2025-09-05.q50

Question 71

Question 72

Question 73

Question 74

Question 75

Download PDF File