ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1748 discussion

Actual exam question from Isaca's CISA
Question #: 1748
Topic #: 1
[All CISA Questions]

During an audit of a mortgage processing application, an IS auditor identifies that the application allows all users to export large quantities of sensitive customer data. Which of the following is the BEST control for the auditor to recommend to mitigate this risk?

  • A. Restrict download capability to authorized users.
  • B. Require strong passwords for application login.
  • C. Periodically recertify user access.
  • D. Mask sensitive data within the application.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by 46080f2 at March 31, 2025, 2:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
46080f2
2 weeks, 3 days ago
Selected Answer: A
The core issue identified is unrestricted access to exporting sensitive data, which violates the principle of least privilege. The CISA Review Manual emphasizes: "Controls must be implemented to ensure that the data residing on the sending system is the same as the data recorded on the receiving system... access controls should be put in place".
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago