Online Access Free ISACA.CISA.v2023-03-04.q272 Practice Test (Page 35)

CISA Exam Question 166

An IS auditor finds that one employee has unauthorized access to confidential dat a. The IS auditor's BEST recommendation should be to:

A.recommend corrective actions to be taken by the security administrator.

B.reclassify the data to a lower level of confidentiality

C.implement a strong password schema for users.

D.require the business owner to conduct regular access reviews.

CISA Exam Question 167

During an audit of an organization's risk management practices, an IS auditor finds several documented IT risk acceptances have not been renewed in a timely manner after the assigned expiration date When assessing the seventy of this finding, which mitigating factor would MOST significantly minimize the associated impact?

A.There are documented compensating controls over the business processes.

B.The risk acceptances were previously reviewed and approved by appropriate senior management

C.The risk acceptances with issues reflect a small percentage of the total population

D.The business environment has not significantly changed since the risk acceptances were approved.

CISA Exam Question 168

Which of the following security risks can be reduced by a property configured network firewall?

A.SQL injection attacks

B.Denial of service (DoS) attacks

C.Phishing attacks

D.Insider attacks

CISA Exam Question 169

An IS auditor is evaluating the access controls for a shared customer relationship management (CRM) system. Which of the following would be the GREATEST concern?

A.Complex passwords are not required

B.Audit logging is not enabled

C.Security baseline is not consistently applied

D.Single sign-on is not enabled

CISA Exam Question 170

A senior auditor is reviewing work papers prepared by a junior auditor indicating that a finding was removed after the auditee said they corrected the problem. Which of the following is the senior auditor s MOST appropriate course of action?

A.Have the finding reinstated

B.Approve the work papers as written

C.Ask the auditee to retest

D.Refer the issue to the audit director

Other Version: 5791ISACA.CISA.v2025-06-20.q647; 1803ISACA.CISA.v2025-06-11.q606; 2349ISACA.CISA.v2022-10-31.q203; 2452ISACA.CISA.v2022-03-29.q126; 123ISACA.Examprepaway.CISA.v2022-02-10.by.barret.126q.pdf; 8604ISACA.CISA.v2021-11-29.q567; 36ISACA.Actualvce.CISA.v2021-08-31.by.ralap.101q.pdf

Latest Upload: 287ISACA.CGEIT.v2025-09-19.q537; 153Fortinet.FCP_FWF_AD-7.4.v2025-09-18.q62; 154Scrum.SAFe-Practitioner.v2025-09-18.q63; 146Workday.Workday-Prism-Analytics.v2025-09-17.q17; 131Oracle.1Z0-1055-24.v2025-09-17.q28; 129Oracle.1Z1-182.v2025-09-17.q32; 244Nutanix.NCP-US-6.5.v2025-09-16.q73; 265Oracle.1z0-071.v2025-09-16.q232; 203Oracle.1Z1-922.v2025-09-16.q125; 325CyberArk.PAM-CDE-RECERT.v2025-09-15.q100

CISA Exam Question 166

CISA Exam Question 167

CISA Exam Question 168

CISA Exam Question 169

CISA Exam Question 170

Download PDF File