Free Access ISACA.CISA.v2025-05-24.q773 Practice Test (Page 118)

Question 581

An IS auditor is reviewing a bank's service level agreement (SLA) with a third-party provider that hosts the
bank's secondary data center. Which of the following findings should be of GREATEST concern to the
auditor?

A.The recovery point objective (RPO) has a shorter duration than documented in the disaster recovery
plan

B.The recovery time objective (RTO) has a longer duration than documented in the disaster recovery plan

C.Backup data is hosted online only

D.The SLA has not been reviewed in more than a year

Question 582

Which of the following methods should be used to purge confidential data from write-once optical media?

A.Degauss the media.

B.Destroy the media.

C.Remove the references to data from the access index.

D.Write over the data with null values.

Question 583

On a public-key cryptosystem when there is no previous knowledge between parties, which of the following will BEST help to prevent one person from using a fictitious key to impersonate someone else?

A.Encrypt the message containing the sender's public key, using a private-key cryptosystem.

B.Send a certificate that can be verified by a certification authority with the public key.

C.Encrypt the message containing the sender's public key; using the recipient's pubic key.

D.Send the public key to the recipient prior to establishing the connection.

Question 584

Which of the following should be of PRIMARY concern to an IS auditor reviewing the management of external IT service providers?

A.Minimizing costs for the services provided

B.Prohibiting the provider from subcontracting services

C.Evaluating the process for transferring knowledge to the IT department

D.Determining if the services were provided as contracted

Question 585

Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist?

A.Reviewing program code

B.Reviewing operations documentation

C.Turning off the UPS, then the power

D.Reviewing program documentation

Other Version: 1635ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3740ISACA.CISA.v2023-03-29.q119; 2398ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8827ISACA.CISA.v2021-10-08.q198; 9801ISACA.CISA.v2021-09-28.q199; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 106OCEG.GRCP.v2025-09-11.q211; 106HP.HPE0-V27.v2025-09-11.q78; 121Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 136SAP.C-S4EWM-2023.v2025-09-08.q83; 171TheSecOpsGroup.CNSP.v2025-09-08.q20; 238CFAInstitute.ESG-Investing.v2025-09-08.q173; 225PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 156Salesforce.Data-Architect.v2025-09-05.q216; 151Adobe.AD0-E605.v2025-09-05.q50

Question 581

Question 582

Question 583

Question 584

Question 585

Download PDF File