
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 13

The latest ISACA CISA (Certified Information Systems Auditor) certification real practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1361

Question

Which of the following is the BEST approach to identify whether a vulnerability is actively being exploited?

A. Implement key performance indicators (KPIs).
B. Conduct a penetration test.
C. Review service desk reports.
D. Perform log analysis.

Answer

D. Perform log analysis.

CISA Question 1362

Question

A bank is relocating its servers to a vendor that provides data center hosting services to multiple clients. Which of the following controls would restrict other clients from physical access to the bank’s servers?

A. Closed-circuit television cameras
B. Locking server cages
C. Biometric access at all data center entrances
D. 24-hour security guards

Answer

B. Locking server cages

CISA Question 1363

Question

Which of the following is the GREATEST advantage of application penetration testing over vulnerability scanning?

A. Penetration testing does not require a special skill set to be executed.
B. Penetration testing provides a more accurate picture of gaps in application controls.
C. Penetration testing can be conducted in a relatively short time period.
D. Penetration testing creates relatively smaller risks to application availability and integrity.

Answer

B. Penetration testing provides a more accurate picture of gaps in application controls.

CISA Question 1364

Question

The use of the Transport Layer Security (TLS) protocol enables the client in a network to be:

A. provided with a digital certificate.
B. identified by a password.
C. registered by the server.
D. assured of the server’s identity.

Answer

D. assured of the server’s identity.

CISA Question 1365

Question

To confirm integrity for a hashed message, the receiver should use:

A. a different hashing algorithm from the sender’s to create a numerical representation of the file.
B. a different hashing algorithm from the sender’s to create a binary image of the file.
C. the same hashing algorithm as the sender’s to create a binary image of the file.
D. the same hashing algorithm as the sender’s to create a numerical representation of the file.

Answer

D. the same hashing algorithm as the sender’s to create a numerical representation of the file.

CISA Question 1366

Question

Which of the following is MOST likely to be prevented by a firewall connected to the Internet?

A. Dial-in penetration attacks
B. Disclosure of public key infrastructure (PKI) keys
C. Alteration of email message content
D. External spoofing of internal addresses

Answer

B. Disclosure of public key infrastructure (PKI) keys

CISA Question 1367

Question

A stockbroker accepts orders over the Internet. Which of the following is the MOST appropriate control to ensure confidentiality of the orders?

A. Virtual private network (VPN)
B. Public key encryption
C. Data Encryption Standard (DES)
D. Digital signature

Answer

B. Public key encryption

CISA Question 1368

Question

An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents.
Which of the following observations should be of MOST concern to the auditor?

A. Training was not provided to the department that handles intellectual property and patents.
B. Logging and monitoring for content filtering is not enabled.
C. The collaboration tool is hosted and can only be accessed via an Internet browser.
D. Employees can share files with users outside the company through collaboration tools.

Answer

D. Employees can share files with users outside the company through collaboration tools.

CISA Question 1369

Question

Which of the following is MOST likely to enable a hacker to successfully penetrate a system?

A. Lack of virus protection
B. Unpatched software
C. Decentralized dialup access
D. Lack of DoS protection

Answer

B. Unpatched software

CISA Question 1370

Question

Which of the following will enable a customer to authenticate an online Internet vendor?

A. Vendor signs a reply using a hash function and the customer’s public key.
B. Customer encrypts an order using the vendor’s public key.
C. Customer verifies the vendor’s certificate with a certificate authority (CA).
D. Vendor decrypts incoming orders using its own private key.

Answer

C. Customer verifies the vendor’s certificate with a certificate authority (CA).

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children.
