Free Access ISACA.CISA.v2026-02-11.q999 Practice Test (Page 6)

Question 21

Which of the following BEST indicates the effectiveness of an organization's risk management program?

A.Control risk is minimized.

B.Inherent risk is eliminated.

C.Residual risk is minimized.

D.Overall risk is quantified.

Question 22

Which of the following should be used to assess the level of security required to protect information on a corporate network?

A.Access rights

B.Data classification

C.Access control matrix

D.Business intelligence

Question 23

After identifying potential security vulnerabilities, what should be the IS auditor's next step?

A.To evaluate potential countermeasures and compensatory controls

B.To implement effective countermeasures and compensatory controls

C.To perform a business impact analysis of the threats that would exploit the vulnerabilities

D.To immediately advise senior management of the findings

Question 24

Which of the following is the BEST guidance from an IS auditor to an organization planning an initiative to improve the effectiveness of its IT processes?

A.IT staff should be surveyed to identify current IT process weaknesses and suggest improvements.

B.The organization should use a capability maturity model to identify current maturity levels for each IT process.

C.IT management should include process improvements in staff performance

D.The organization should refer to prior audit reports to identify the specific IT processes to be improved.

Question 25

Which of the following is the MOST effective control to ensure electronic records beyond their retention periods are deleted from IT systems?

A.Review the record retention register regularly to initiate data deletion.

B.Perform a sample check of current data against the retention schedule.

C.Execute all data deletions at a predefined month during the year.

D.Build in system logic to trigger data deletion at predefined times.

Other Version: 5695ISACA.CISA.v2026-01-26.q999; 9509ISACA.CISA.v2025-05-24.q773; 3159ISACA.CISA.v2024-10-22.q310; 7436ISACA.CISA.v2023-10-02.q715; 4760ISACA.CISA.v2023-03-29.q119; 3541ISACA.CISA.v2023-02-09.q181; 2203ISACA.CISA.v2023-02-06.q107; 3721ISACA.CISA.v2022-08-28.q129; 5156ISACA.CISA.v2022-02-25.q148; 127ISACA.Actualtestpdf.CISA.v2021-11-13.by.sarah.721q.pdf; 6806ISACA.CISA.v2021-11-11.q194; 10325ISACA.CISA.v2021-10-08.q198; 11408ISACA.CISA.v2021-09-28.q199; 13590ISACA.CISA.v2021-09-11.q201

Latest Upload: 201PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 298Nokia.4A0-113.v2026-05-01.q69; 253EC-COUNCIL.312-49v11.v2026-04-30.q214; 228Microsoft.MB-820.v2026-04-30.q101; 210Salesforce.MC-202.v2026-04-30.q57; 205BICSI.INSTC_V8.v2026-04-29.q53; 334NMLS.MLO.v2026-04-28.q82; 243NCARB.Project-Management.v2026-04-28.q27; 461EMC.D-AV-DY-23.v2026-04-27.q184; 1114ServiceNow.CSA.v2026-04-27.q483

Question 21

Question 22

Question 23

Question 24

Question 25

Download PDF File