The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 1351
- Question
- Answer
- CISA Question 1352
- Question
- Answer
- CISA Question 1353
- Question
- Answer
- CISA Question 1354
- Question
- Answer
- CISA Question 1355
- Question
- Answer
- CISA Question 1356
- Question
- Answer
- CISA Question 1357
- Question
- Answer
- CISA Question 1358
- Question
- Answer
- CISA Question 1359
- Question
- Answer
- CISA Question 1360
- Question
- Answer
CISA Question 1351
Question
Due to the increasing size of a database, user access times and daily backups continue to increase. Which of the following is the BEST way to address this situation?
A. Data modeling
B. Data visualization
C. Data mining
D. Data purging
Answer
D. Data purging
CISA Question 1352
Question
Which of the following will BEST protect the confidentiality of data stored on the hard drive of a laptop computer?
A. Encryption of the data
B. A boot password
C. Physical locks and alarms
D. Biometric access control
Answer
A. Encryption of the data
CISA Question 1353
Question
Which of the following would be the MOST likely reason for an intrusion prevention system (IPS) being unable to block an ongoing web attack?
A. The firewall is not configured properly.
B. The network design contains flaws.
C. Monitoring personnel are not proactive.
D. Signatures are outdated.
Answer
D. Signatures are outdated.
CISA Question 1354
Question
In which phase of penetration testing would host detection and domain name system (DNS) interrogation be performed?
A. Reporting
B. Attacks
C. Discovery
D. Planning
Answer
C. Discovery
CISA Question 1355
Question
The FIRST course of action an investigator should take when a computer is being attacked is to:
A. terminate all active processes.
B. copy the contents of the hard drive.
C. disconnect it from the network.
D. disconnect the power source.
Answer
C. disconnect it from the network.
CISA Question 1356
Question
Which of the following is the MOST effective way to prevent unauthorized changes from being moved into production?
A. Conduct periodic review of change tickets to ensure all change documentation is attached.
B. Enforce segregation of duties between developers and migrators.
C. Perform thorough testing of changes in the test environment.
D. Require approval of changes by the appropriate business process owners.
Answer
C. Perform thorough testing of changes in the test environment.
CISA Question 1357
Question
Which of the following would BEST detect logic bombs in the new programs?
A. Final acceptance testing by users
B. Parallel/pilot testing
C. Regression testing
D. Independent program review
Answer
C. Regression testing
CISA Question 1358
Question
Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (IDSs)?
A. An increase in the number of identified false positives
B. An increase in the number of unfamiliar sources of intruders
C. An increase in the number of detected incidents not previously identified
D. An increase in the number of internally reported critical incidents
Answer
C. An increase in the number of detected incidents not previously identified
CISA Question 1359
Question
On a daily basis, an in-house development team moves duplicate copies of production data containing personally identifiable information (PII) to the test environment. Which of the following is the BEST way to mitigate the privacy risk involved?
A. Require data owners to sign off on production data.
B. Encrypt the data file.
C. Obtain customer opt-in acceptances.
D. Sanitize the data in the test environment.
Answer
B. Encrypt the data file.
CISA Question 1360
Question
Which of the following validation techniques would BEST prevent duplicate electronic vouchers?
A. Cyclic redundancy check
B. Edit check
C. Reasonableness check
D. Sequence check
Answer
C. Reasonableness check