Free Access ISACA.CISA.v2025-05-24.q773 Practice Test (Page 153)

Question 756

During an audit of a disaster recovery plan (DRP) for a critical business area, an IS auditor finds that not all critical systems are covered. What should the auditor do NEXT?

A.Escalate the finding to senior management.

B.Evaluate the impact of not covering the systems.

C.Verify whether the systems are part of the business impact analysis (BIA).

D.Evaluate the prior year's audit results regarding critical system coverage.

Question 757

Which of the following should be the FIRST step when developing a data loss prevention (DLP) solution for a large organization?

A.Create the DLP policies and templates.

B.Conduct a threat analysis against sensitive data usage.

C.Conduct a data inventory and classification exercise.

D.Identify approved data workflows across the enterprise.

Question 758

An organization implemented a cybersecurity policy last year Which of the following is the GREATE ST indicator that the policy may need to be revised"7 :

A.A significant increase in authorized connections to third parties

B.A significant increase in approved exceptions

C.A significant increase in cybersecurity audit findings

D.A significant increase in external attack attempts

Question 759

The application systems of an organization using open-source software have no single recognized developer producing patches. Which of the following would be the MOST secure way of updating open- source software?

A.Rewrite the patches and apply them

B.Code review and application of available patches

C.Develop in-house patches

D.identify and test suitable patches before applying them

Question 760

Stress testing should ideally be earned out under a:

A.production environment with production workloads.

B.production environment with test data.

C.test environment with test data.

D.test environment with production workloads.

Other Version: 1595ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3737ISACA.CISA.v2023-03-29.q119; 2383ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8809ISACA.CISA.v2021-10-08.q198; 9785ISACA.CISA.v2021-09-28.q199; 12249ISACA.CISA.v2021-09-11.q201

Latest Upload: 103OCEG.GRCP.v2025-09-11.q211; 102HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 222CFAInstitute.ESG-Investing.v2025-09-08.q173; 157PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 141Adobe.AD0-E605.v2025-09-05.q50

Question 756

Question 757

Question 758

Question 759

Question 760

Download PDF File