Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 1

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 91

Question

Which of the following is MOST effective in detecting an intrusion attempt?

A. Installing biometrics-based authentication
B. Analyzing system logs
C. Using smart cards with one-time passwords
D. Using packet filter software

Answer

A. Installing biometrics-based authentication

CISA Question 92

Question

Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?

A. File Transfer Protocol (FTP)
B. Application level firewalls
C. Instant messaging policy
D. File level encryption

Answer

B. Application level firewalls

CISA Question 93

Question

Which of the following types of firewalls provide the GREATEST degree of control against hacker intrusion?

A. Screening router
B. Packet filtering router
C. Application level gateway
D. Circuit gateway

Answer

C. Application level gateway

CISA Question 94

Question

Which of the following is the BEST control to mitigate the malware risk associated with an instant messaging (IM) system?

A. Blocking external IM traffic
B. Blocking attachments in IM
C. Allowing only corporate IM solutions
D. Encrypting IM traffic

Answer

B. Blocking attachments in IM

CISA Question 95

Question

An organization shares some of its customers’ personally identifiable information (PII) with third-party suppliers for business purposes. What is MOST important for the IS auditor to evaluate to ensure that risk associated with leakage of privacy-related data during transmission is effectively managed?

A. Encrypting and masking of customer data
B. The third party’s privacy and data security policies
C. Nondisclosure and indemnity agreements
D. Service and operational level agreements

Answer

A. Encrypting and masking of customer data

CISA Question 96

Question

An organization sends daily backup media by courier to an offsite location. Which of the following provides the BEST evidence that the media is transported reliably?

A. Documented backup media transport procedures
B. Certification of the courier company
C. Deliver schedule of the backup media
D. Signed acknowledgements by offsite manager

Answer

D. Signed acknowledgements by offsite manager

CISA Question 97

Question

During an audit of a disaster recovery plan (DRP) for a critical business area, an IS auditor finds that not all critical systems are covered. What should the auditor do NEXT?

A. Evaluate the impact of not covering the systems
B. Escalate the finding to senior management
C. Evaluate the prior year’s audit results regarding critical system coverage
D. Verify whether the systems are part of the business impact analysis (BIA)

Answer

A. Evaluate the impact of not covering the systems

CISA Question 98

Question

Which of the following would an IS auditor recommend as the MOST effective preventive control to reduce the risk of data leakage?

A. Ensure that paper documents are disposed securely.
B. Verify that application logs capture any changes made.
C. Implement an intrusion detection system (IDS).
D. Validate all data files contain digital watermarks.

Answer

D. Validate all data files contain digital watermarks.

CISA Question 99

Question

Which of the following is the PRIMARY concern when negotiating a contract for a hot site?

A. Complete testing of the recovery plan
B. Availability of the site in the event of multiple disaster declarations
C. Reciprocal agreements with other organizations
D. Coordination with the site staff in the event of multiple disaster declarations

Answer

B. Availability of the site in the event of multiple disaster declarations

CISA Question 100

Question

Which of the following is MOST important to ensure when reviewing a global organization’s controls to protect data held on its IT infrastructure across all of its locations?

A. The threat of natural disasters in each location hosting infrastructure has been accounted for.
B. The capacity of underlying communications infrastructure in the host locations is sufficient.
C. Technical capabilities exist in each location to manage the data and recovery operations.
D. Relevant data protection legislation and regulations for each location are adhered to.

Answer

D. Relevant data protection legislation and regulations for each location are adhered to.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker