ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1713 discussion

Actual exam question from Isaca's CISA
Question #: 1713
Topic #: 1
[All CISA Questions]

An IS audit report highlighting inadequate network internal controls is challenged because no serious incident has ever occurred. Which of the following actions performed during the audit would have BEST supported the findings?

  • A. Penetration testing
  • B. Threat risk assessment
  • C. Compliance testing
  • D. Vulnerability assessment
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by 46080f2 at March 13, 2025, 4:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
46080f2
1 month, 2 weeks ago
Selected Answer: A
The action that would have best supported the audit findings is penetration testing. By actively demonstrating that network internal controls can be breached, it provides the strongest evidence of inadequacy, directly countering the challenge that no serious incidents have occurred. This aligns with the CISA Manual’s emphasis on penetration testing as a practical, evidence-based approach to assess control effectiveness (CISA Manual, p. 514).
upvoted 2 times
CCNPWILL
1 day, 14 hours ago
Nail on the head. Correct.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago