Free Access ISACA.CISA.v2025-05-24.q773 Practice Test (Page 113)

Question 556

According to the three lines of defense model for risk management, the second line of defense includes functions that:

A.own risks.

B.define risk appetite.

C.provide independent assurance.

D.oversee risks.

Question 557

Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization that recently experienced a ransomware attack?

A.Antivirus software was unable to prevent the attack even though it was properly updated

B.The most recent security patches were not tested prior to implementation

C.Backups were only performed within the local network

D.Employees were not trained on cybersecurity policies and procedures

Question 558

Which of the following is MOST important for the successful establishment of a security vulnerability management program?

A.A robust tabletop exercise plan

B.A comprehensive asset inventory

C.A tested incident response plan

D.An approved patching policy

Question 559

An organization is disposing of a system containing sensitive data and has deleted all files from the hard disk. An IS auditor should be concerned because:

A.deleted data cannot easily be retrieved.

B.deleting the files logically does not overwrite the files' physical data.

C.deleting all files separately is not as efficient as formatting the hard disk.

D.backup copies of files were not deleted as well.

Question 560

What is the PRIMARY reason an IS auditor would recommend an automated management review process for network administration activity on a daily basis instead of quarterly?

A.To detect unauthorized transactions

B.To identify system changes

C.To identify failed login attempts

D.To detect network intrusions

Other Version: 1635ISACA.CISA.v2024-10-22.q310; 4137ISACA.CISA.v2023-10-02.q715; 3741ISACA.CISA.v2023-03-29.q119; 2398ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8827ISACA.CISA.v2021-10-08.q198; 9801ISACA.CISA.v2021-09-28.q199; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 122Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 172TheSecOpsGroup.CNSP.v2025-09-08.q20; 239CFAInstitute.ESG-Investing.v2025-09-08.q173; 234PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 158Salesforce.Data-Architect.v2025-09-05.q216; 152Adobe.AD0-E605.v2025-09-05.q50

Question 556

Question 557

Question 558

Question 559

Question 560

Download PDF File