Exam CISA Topic 3 Question 1294 Discussion
Actual exam question for ISACA's CISA exam
Question #: 1294
Topic #: 3
Question #: 1294
Topic #: 3
Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS audit has been asked to conduct a control assessment. the auditor's BEST course of action would be to determine if:
Suggested Answer: B Vote an answer
The auditor's best course of action after a security breach in which a hacker exploited a well-known vulnerability in the domain controller is to determine if the logs were monitored. Log monitoring is an essential control for detecting and responding to security incidents, especially when known vulnerabilities exist in the system. The auditor should assess if the logs were properly configured, collected, reviewed, analyzed, and acted upon by the responsible parties. Updating patches, monitoring network traffic, and classifying domain controllers for high availability are also important controls, but they are not directly related to the detection and response of the security breach. References:
* CISA Review Manual (Digital Version), page 301
* CISA Questions, Answers & Explanations Database, question ID 3340
* CISA Review Manual (Digital Version), page 301
* CISA Questions, Answers & Explanations Database, question ID 3340
by Tech Assurance Warrior at Jul 20, 2025, 04:06 AM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Tech Assurance Warrior
2025-07-20 04:06:47Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).