Free Access ISACA.CISA.v2025-05-24.q773 Practice Test (Page 20)

Question 91

When developing a risk-based audit strategy, an IS auditor conduct a risk assessment to ensure that:

A.controls needed to mitigate risks are in place.

B.vulnerabilities and threats are identified.

C.audit risks are considered.

D.a gap analysis is appropriate.

Question 92

A computer system is no more secure than the human systems responsible for its operation. Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them.
zombie computers are being HEAVILY relied upon on by which of the following types of attack?

A.Eavedropping

B.DoS

C.DDoS

D.ATP

E.Social Engineering

F.None of the choices.

Question 93

To help ensure the organization's information assets are adequately protected, which of the following considerations is MOST important when developing an information classification and handling policy?

A.The policy has been mapped against industry frameworks for classifying information assets.

B.The policy is owned by the head of information security, who has the authority to enforce the policy.

C.The policy specifies requirements to safeguard information assets based on their importance to the organization.

D.The policy is subject to periodic reviews to ensure its provisions are up to date.

Question 94

The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:

A.integrity.

B.authenticity.

C.authorization.

D.nonrepudiation.

Question 95

Which of the following is a general operating system access control function?

A.Creating database profiles

B.Verifying user authorization at a field level

C.Creating individual accountability

D.Logging database access activities for monitoring access violation

Other Version: 1624ISACA.CISA.v2024-10-22.q310; 4136ISACA.CISA.v2023-10-02.q715; 3740ISACA.CISA.v2023-03-29.q119; 2388ISACA.CISA.v2023-02-09.q181; 1498ISACA.CISA.v2023-02-06.q107; 3051ISACA.CISA.v2022-08-28.q129; 4218ISACA.CISA.v2022-02-25.q148; 126ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 5623ISACA.CISA.v2021-11-11.q194; 8826ISACA.CISA.v2021-10-08.q198; 9799ISACA.CISA.v2021-09-28.q199; 12255ISACA.CISA.v2021-09-11.q201

Latest Upload: 105OCEG.GRCP.v2025-09-11.q211; 104HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 151Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 165TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 173PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 151Salesforce.Data-Architect.v2025-09-05.q216; 147Adobe.AD0-E605.v2025-09-05.q50

Question 91

Question 92

Question 93

Question 94

Question 95

Download PDF File