
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 13

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1381

Question

Which of the following should be the FIRST step to help ensure the necessary regulatory requirements are addressed in an organization’s cross-border data protection policy?

A. Conduct a risk assessment
B. Perform a gap analysis
C. Conduct stakeholder interviews
D. Perform a business impact analysis (BIA)

Answer

B. Perform a gap analysis

CISA Question 1382

Question

Which of the following methods of providing telecommunications continuity involves the use of an alternative media?

A. Alternative routing
B. Diverse routing
C. Long haul network diversity
D. Last mile circuit protection

Answer

A. Alternative routing

Explanation

Alternative routing is a method of routing information via an alternate medium such as copper cable or fiber optics. This involves use of different networks, circuits or end points should the normal network be unavailable. Diverse routing routes traffic through split cable facilities or duplicate cable facilities. This can be accomplished with different and/or duplicate cable sheaths. If different cable sheaths are used, the cable may be in the same conduit and therefore subject to the same interruptions as the cable it is backing up. The communication service subscriber can duplicate the facilities by having alternate routes, although the entrance to and from the customer premises may be in the same conduit.

The subscriber can obtain diverse routing and alternate routing from the local carrier, including dual entrance facilities. This type of access is time-consuming and costly. Long haul network diversity is a diverse long-distance network utilizing T1 circuits among the major long-distance carriers. It ensures long-distance access should any one carrier experience a network failure. Last mile circuit protection is a redundant combination of local carrier T1s, microwave and/or coaxial cable access to the local communications loop. This enables the facility to have access during a local carrier communication disaster. Alternate local carrier routing is also utilized.

CISA Question 1383

Question

Determining the risk for a particular threat/vulnerability pair before controls are applied can be expressed as:

A. the likelihood of a given threat attempting to exploit a vulnerability
B. a function of the cost and effectiveness of controls over a vulnerability
C. the magnitude of the impact should a threat exploit a vulnerability
D. a function of the likelihood and impact, should a threat exploit a vulnerability

Answer

A. the likelihood of a given threat attempting to exploit a vulnerability

CISA Question 1384

Question

A data leakage prevention (DLP) solution has identified that several employees are sending confidential company data to their personal email addresses in violation of company policy. The information security manager should FIRST:

A. initiate an investigation to determine the full extent of noncompliance
B. notify senior management that employees are breaching policy
C. limit access to the Internet for employees involved
D. contact the employees involved to retake security awareness training

Answer

A. initiate an investigation to determine the full extent of noncompliance

CISA Question 1385

Question

Which of the following is the MOST important reason for performing vulnerability assessments periodically?

A. Technology risks must be mitigated.
B. Management requires regular reports.
C. The environment changes constantly.
D. The current threat levels are being assessed.

Answer

C. The environment changes constantly.

CISA Question 1386

Question

Which of the following would BEST support a business case to implement a data leakage prevention (DLP) solution?

A. An unusual upward trend in outbound email volume
B. Lack of visibility into previous data leakage incidents
C. Industry benchmark of DLP investments
D. A risk assessment on the threat of data leakage

Answer

D. A risk assessment on the threat of data leakage

CISA Question 1387

Question

While conducting a test of a business continuity plan, which of the following is the MOST important consideration?

A. The test simulates actual prime-time processing conditions.
B. The test is scheduled to reduce operational impact.
C. The test involves IT members in the test process.
D. The test addresses the critical components.

Answer

A. The test simulates actual prime-time processing conditions.

CISA Question 1388

Question

Before a failover test of a critical business application is performed, it is MOST important for the information security manager to:

A. obtain a signed risk acceptance from the recovery team
B. obtain senior management’s approval
C. inform the users that the test is taking place
D. verify that the information assets have been classified properly

Answer

B. obtain senior management’s approval

CISA Question 1389

Question

Which of the following is the PRIMARY purpose of data classification?

A. To determine access rights to data
B. To provide a basis for protecting data
C. To select encryption technologies
D. To ensure integrity of data

Answer

B. To provide a basis for protecting data

CISA Question 1390

Question

When preventive controls to appropriately mitigate risk are not feasible, which of the following is the MOST important action for the information security manager to perform?

A. Identify unacceptable risk levels
B. Manage the impact
C. Evaluate potential threats
D. Assess vulnerabilities

Answer

B. Manage the impact
