Exam CISA topic 1 question 41 discussion

Actual exam question from Isaca's CISA
Question #: 41
Topic #: 1

During audit fieldwork, an IS auditor learns that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?

  • A. Verify the data loss prevention (DLP) tool is properly configured by the organization.
  • B. Review compliance with data loss and applicable mobile device user acceptance policies.
  • C. Verify employees have received appropriate mobile device security awareness training.
  • D. Conduct a walk-through to view results of an employee plugging in a device to transfer confidential data.
Suggested Answer: B

Comments

Pumeza
1 week, 1 day ago
a for alpha
upvoted 1 times
...
Lightfinger
1 week, 2 days ago
Selected Answer: B
'Properly configured' is an ambiguous term. Review needs to be done against acceptable risks translated into policy documentation - Answer B is correct.
upvoted 1 times
...
vyvi130
2 weeks, 2 days ago
Selected Answer: A
Answer: A
upvoted 1 times
...
BenHung
5 months, 3 weeks ago
The best answer is B. Review data loss and compliance with the applicable mobile device user acceptance policy. Reason: Option A only focuses on the configuration of DLP tools without considering employee behavior and policy compliance. Option C. While important, insufficient employee awareness training does not necessarily result in data being lost. Option D, while testing employee responses to data loss, does not fully verify the effectiveness of all security controls.
upvoted 1 times
...
a84n
6 months, 3 weeks ago
Selected Answer: B
Answer: B
upvoted 1 times
...
5b56aae
7 months ago
Selected Answer: A
A for me
upvoted 4 times
...
CISA2021
10 months ago
Selected Answer: B
Auditor is not responsible to verify or conduct the work, therefore, review is the answer here.
upvoted 3 times
...
Changwha
1 year, 4 months ago
B. This option addresses the overall framework and guidelines for managing risks associated with personal device usage, making it the best choice for validating security controls.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other