Instant Access ISACA.CISA.v2024-07-10.q771 Actual Practice Test Engine for Free (Page 131)

Question 646

From a risk management perspective, which of the following is the BEST approach when implementing a large and complex data center IT infrastructure?

A.Simulating the new infrastructure before deployment
B.Prototyping and a one-phase deployment
C.A deployment plan based on sequenced phases
D.A big bang deployment with a successful proof of concept

Question 647

AN IS auditor has been asked to perform an assurance review of an organization's mobile computing security.
To ensure the organization is able to centrally manage mobile devices to protect against data disclosure. It is MOST important for the auditor to determine whether:

A.a security exist for mobile devices.
B.a mobile security awareness training program exists.
C.procedures for lost devices include remote wiping of data
D.lost devices can be located remotely

Question 648

What should an IS auditor do FIRST upon discovering that a service provider did not notify its customers of a security breach?

A.Notify law enforcement of the finding
B.Require the third party to notify customers
C.Issue the audit report with a significant finding.
D.Notify audit management of the finding

Question 649

Which of the following ensures components of an IT system are identified and baselined, and that changes to them are implemented in a controlled manner?

A.Restricted production access
B.Software versioning control
C.Configuration management process
D.Change management process

Question 650

Which of the following BEST indicates that the effectiveness of an organization's security awareness program has improved?

A.A decrease in the number of information security audit findings
B.An increase in the number of staff who complete awareness training
C.An increase in the number of phishing emails reported by employees
D.A decrease in the number of malware outbreaks

Question 646

Question 647

Question 648

Question 649

Question 650

Download PDF File