Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 102 discussion

Actual exam question from Isaca's CISA
Question #: 102
Topic #: 1
[All CISA Questions]

During a review of an organization's network threat response process, the IS auditor noticed that the majority of alerts were closed without resolution.
Management responded that those alerts were unworkable due to lack of actionable intelligence, and therefore the support team is allowed to close them. What is the BEST way for the auditor to address this situation?

  • A. Further review closed unactioned alerts to identify mishandling of threats.
  • B. Reopen unactioned alerts and report to the audit committee.
  • C. Recommend that management enhance the policy and improve threat awareness training.
  • D. Omit the finding from the report as this practice is in compliance with the current policy.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by saado9 at March 31, 2023, 1:42 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
saado9
Highly Voted 1 year, 7 months ago
C. Recommend that management enhance the policy and improve threat awareness training.
upvoted 5 times
SBD600
1 year, 6 months ago
The IS auditor should review the closed unactioned alerts to determine if there was any mishandling of threats. This will help the auditor assess if the current policy and practice are effective and if there is a need for improvements in the threat response process. so answer is a
upvoted 6 times
...
...
PurpleParrot
Most Recent 1 month, 2 weeks ago
Selected Answer: C
option A only addresses the immediate concern, however, option C is the BEST way to address the situation.
upvoted 1 times
...
RS66
4 months, 3 weeks ago
Selected Answer: A
There might me some risks not resolved. You need to ivestigate further before enhancing policies and awareness.
upvoted 2 times
...
Swallows
5 months, 2 weeks ago
Selected Answer: C
While further reviewing closed unactioned alerts (Option A) could provide insights into specific instances of mishandling, recommending enhancements to the policy and training (Option C) addresses the underlying issue more comprehensively. It allows the organization to proactively improve its network threat response process rather than just reacting to past incidents.
upvoted 2 times
...
5b56aae
6 months, 4 weeks ago
Selected Answer: A
Further review
upvoted 1 times
...
OD1N
11 months, 2 weeks ago
why answer B?
upvoted 1 times
...
Bankyz
1 year, 4 months ago
By recommending that management enhances the policy and improves threat awareness training, the auditor addresses the underlying issues. Enhancing the policy can provide clearer guidelines and expectations for handling alerts, including criteria for closure. Improving threat awareness training can better equip the support team with the knowledge and skills to evaluate alerts effectively and take appropriate action.
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel