Free Access ISACA.CISA.v2026-02-11.q999 Practice Test (Page 127)

Question 626

Users are issued security tokens to be used in combination with a PIN to access the corporate virtual
private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security
policy?

A.Users should not leave tokens where they could be stolen

B.Users must never keep the token in the same bag as their laptop computer

C.Users should select a PIN that is completely random, with no repeating digits

D.Users should never write down their PIN

Question 627

Which of the following findings would be of GREATEST concern when auditing an organization's end-user computing (EUC)?

A.Reduced oversight by the IT department

B.Errors flowed through to financial statements

C.Inability to monitor EUC audit logs and activities

D.Inconsistency of patching processes being followed

Question 628

A bank's transactional services are exclusively conducted online via Internet and mobile banking.
Both its primary and disaster recovery sites are supported by the same Internet service provider (ISP). Which of the following is the BEST way for the bank to minimize risk in this situation?

A.Conduct real-time data synchronization between the primary and disaster recovery sites.

B.Establish a contractual agreement with a second ISP to cover connection to the disaster recovery site

C.Revise the current contract to require 99.99% connection availability with the current ISP.

D.Conduct incremental backups of transactional data every two hours.

Question 629

An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

A.Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees

B.Establishing strong access controls on confidential data

C.Providing education and guidelines to employees on use of social networking sites

D.Monitoring employees' social networking usage

Question 630

When segregation of duties concerns exists between IT support staff and end users, what would be
suitable compensating control?

A.Restricting physical access to computing equipment

B.Reviewing transaction and application logs

C.Performing background checks prior to hiring IT staff

D.Locking user sessions after a specified period of inactivity

Other Version: 6302ISACA.CISA.v2026-01-26.q999; 9874ISACA.CISA.v2025-05-24.q773; 3491ISACA.CISA.v2024-10-22.q310; 7967ISACA.CISA.v2023-10-02.q715; 4905ISACA.CISA.v2023-03-29.q119; 3756ISACA.CISA.v2023-02-09.q181; 2321ISACA.CISA.v2023-02-06.q107; 3849ISACA.CISA.v2022-08-28.q129; 5312ISACA.CISA.v2022-02-25.q148; 130ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 6991ISACA.CISA.v2021-11-11.q194; 10498ISACA.CISA.v2021-10-08.q198; 11565ISACA.CISA.v2021-09-28.q199; 13811ISACA.CISA.v2021-09-11.q201

Latest Upload: 288PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 421Nokia.4A0-113.v2026-05-01.q69; 451EC-COUNCIL.312-49v11.v2026-04-30.q214; 426Microsoft.MB-820.v2026-04-30.q101; 287Salesforce.MC-202.v2026-04-30.q57; 336BICSI.INSTC_V8.v2026-04-29.q53; 472NMLS.MLO.v2026-04-28.q82; 304NCARB.Project-Management.v2026-04-28.q27; 564EMC.D-AV-DY-23.v2026-04-27.q184; 1420ServiceNow.CSA.v2026-04-27.q483

Question 626

Question 627

Question 628

Question 629

Question 630

Download PDF File