Free Access to ISACA.CISA.v2023-04-24.q308 with Valid Practice Test (Page 28)

Question 131

Which of the following is the BEST metric to measure the alignment of IT and business strategy?

A.Level of stakeholder satisfaction with the scope of planned IT projects
B.Percentage of stat satisfied with their IT-related roles
C.Frequency of business process capability maturity assessments
D.Percentage of enterprise risk assessments that include IT-related risk

Question 132

Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?

A.The logs failed to identify the person handling the evidence.
B.The person who collected the evidence is not qualified to represent the case.
C.The evidence was collected by the Internal forensics team.
D.The evidence was not fully backed up using a cloud-based solution prior to the trial.

Question 133

While evaluating the data classification process of an organization, an IS auditor's PRIMARY focus should be on whether:

A.data retention requirements are clearly defined.
B.data classifications are automated.
C.data is correctly classified.
D.a data dictionary is maintained.

Question 134

An IS auditor observes that a business-critical application does not currently have any level of fault tolerance Which of the following is the GREATEST concern with this situation?

A.Single point of failure
B.Limited tolerance for damage
C.Decreased mean time between failures (MTBF)
D.Degradation of services

Question 135

Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor's BEST course of action would be to determine if:

A.The logs were monitored.
B.the patches were updated.
C.The network traffic was being monitored.
D.The domain controller was classified for high availability.

Question 131

Question 132

Question 133

Question 134

Question 135

Download PDF File