CISA Question #294: Real Exam Question with Answer & Explanation

Sign in or unlock CISA to reveal the answer and full explanation for question #294. The question stem and answer options stay visible for context.

Submitted by yuki_2020· Apr 18, 2026Protection of Information Assets

Question

Which of the following would be of GREATEST concern when testing an organization's controls around social engineering threats?

Options

AIncident handling procedures are not included in security awareness sessions
BStaff are not aware of information asset classifications
CBiometric authentication is not utilized
DThe intrusion detection system (IDS) is not configured properly

Unlock CISA to see the answer

You've previewed enough free CISA questions. Unlock CISA for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CISA - $49.99 / 30 days Sign in

Topics

#Social Engineering#Security Awareness#Incident Response#Human Factors

Full CISA Practice Browse All CISA Questions