Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 13

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1361

Question

Which of the following is the BEST approach to identify whether a vulnerability is actively being exploited?

A. Implement key performance indicators (KPIs).
B. Conduct a penetration test.
C. Review service desk reports.
D. Perform log analysis.

Answer

D. Perform log analysis.

CISA Question 1362

Question

A bank is relocating its servers to a vendor that provides data center hosting services to multiple clients. Which of the following controls would restrict other clients from physical access to the bank’s servers?

A. Closed-circuit television cameras
B. Locking server cages
C. Biometric access at all data center entrances
D. 24-hour security guards

Answer

B. Locking server cages

CISA Question 1363

Question

Which of the following is the GREATEST advantage of application penetration testing over vulnerability scanning?

A. Penetration testing does not require a special skill set to be executed.
B. Penetration testing provides a more accurate picture of gaps in application controls.
C. Penetration testing can be conducted in a relatively short time period.
D. Penetration testing creates relatively smaller risks to application availability and integrity.

Answer

B. Penetration testing provides a more accurate picture of gaps in application controls.

CISA Question 1364

Question

The use of the Transport Layer Security (TLS) protocol enables the client in a network to be:

A. provided with a digital certificate.
B. identified by a password.
C. registered by the server.
D. assured of the server‘s identity.

Answer

D. assured of the server‘s identity.

CISA Question 1365

Question

To confirm integrity for a hashed message, the receiver should use:

A. a different hashing algorithm from the sender‘s to create a numerical representation of the file.
B. a different hashing algorithm from the sender‘s to create a binary image of the file.
C. the same hashing algorithm as the sender‘s to create a binary image of the file.
D. the same hashing algorithm as the sender‘s to create a numerical representation of the file.

Answer

D. the same hashing algorithm as the sender‘s to create a numerical representation of the file.

CISA Question 1366

Question

Which of the following is MOST likely to be prevented by a firewall connected to the Internet?

A. Dial-in penetration attacks
B. Disclosure of public key infrastructure (PKI) keys
C. Alteration of email message content
D. External spoofing of internal addresses

Answer

B. Disclosure of public key infrastructure (PKI) keys

CISA Question 1367

Question

A stockbroker accepts orders over the Internet. Which of the following is the MOST appropriate control to ensure confidentiality of the orders?

A. Virtual private network (VPN)
B. Public key encryption
C. Data Encryption Standard (DES)
D. Digital signature

Answer

B. Public key encryption

CISA Question 1368

Question

An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents.
Which of the following observations should be of MOST concern to the auditor?

A. Training was not provided to the department that handles intellectual property and patents.
B. Logging and monitoring for content filtering is not enabled.
C. The collaboration tool is hosted and can only be accessed via an Internet browser.
D. Employees can share files with users outside the company through collaboration tools.

Answer

D. Employees can share files with users outside the company through collaboration tools.

CISA Question 1369

Question

Which of the following is MOST likely to enable a hacker to successfully penetrate a system?

A. Lack of virus protection
B. Unpatched software
C. Decentralized dialup access
D. Lack of DoS protection

Answer

B. Unpatched software

CISA Question 1370

Question

Which of the following will enable a customer to authenticate an online Internet vendor?

A. Vendor signs a reply using a hash function and the customer‘s public key.
B. Customer encrypts an order using the vendor‘s public key.
C. Customer verifies the vendor‘s certificate with a certificate authority (CA).
D. Vendor decrypts incoming orders using its own private key.

Answer

C. Customer verifies the vendor‘s certificate with a certificate authority (CA).

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker