
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) actual practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1421

Question

Which of the following privacy principles ensures data controllers do not use personal data in unintended ways that breach protection of data subjects?

A. Data retention
B. Adequacy
C. Accuracy
D. Purpose limitation

Answer

D. Purpose limitation

CISA Question 1422

Question

Disaster recovery planning for network connectivity to a hot site over a public-switched network would be MOST likely to include:

A. minimizing the number of points of presence
B. contracts for acquiring new leased lines
C. reciprocal agreements with customers of that network
D. redirecting private virtual circuits

Answer

D. redirecting private virtual circuits

CISA Question 1423

Question

An organization is considering using production data for testing a new application’s functionality. Which of the following data protection techniques would BEST ensure that personal data cannot be inadvertently recovered in test environments while also reducing the need for strict confidentiality of the data?

A. Data anonymization
B. Data minimization
C. Data normalization
D. Data encryption

Answer

A. Data anonymization

CISA Question 1424

Question

Which of the following would BEST help to support an auditor’s conclusion about the effectiveness of an implemented data classification program?

A. Detailed data classification scheme
B. Access rights provisioned according to scheme
C. Business use cases and scenarios
D. Purchase of information management tools

Answer

C. Business use cases and scenarios

CISA Question 1425

Question

Which of the following is the MOST effective way for an organization to protect against data leakage?

A. Conduct periodic security awareness training.
B. Limit employee Internet access.
C. Review firewall logs for anomalies.
D. Develop a comprehensive data loss prevention policy.

Answer

D. Develop a comprehensive data loss prevention policy.

CISA Question 1426

Question

Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

A. Apply single sign-on for access control.
B. Enforce an internal data access policy.
C. Enforce the use of digital signatures.
D. Implement segregation of duties.

Answer

B. Enforce an internal data access policy.

CISA Question 1427

Question

Which of the following controls will MOST effectively detect inconsistent records resulting from the lack of referential integrity in a database management system?

A. Concurrent access controls
B. Incremental data backups
C. Performance monitoring tools
D. Periodic table link checks

Answer

A. Concurrent access controls

CISA Question 1428

Question

A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items to the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?

A. An edit check for the validity of the inventory transaction
B. Separate authorization for input of transactions
C. Unscheduled audits of lost stock lines
D. Statistical sampling of adjustment transactions

Answer

B. Separate authorization for input of transactions

CISA Question 1429

Question

The business owner’s approval of software changes being moved into production is PRIMARILY necessary to:

A. ensure that an application functionality requirement is satisfied.
B. prevent unauthorized access to data.
C. inform management of deployments of new functionality.
D. confirm there is a process to control system changes.

Answer

A. ensure that an application functionality requirement is satisfied.

CISA Question 1430

Question

As part of a mergers and acquisitions activity, an acquiring organization wants to consolidate data and systems from the organization being acquired into existing systems. To ensure the data is relevant, the acquiring organization should:

A. obtain data quality software.
B. define data quality requirements based on business needs.
C. automate the process of data collection and cleaning.
D. implement a data warehouse solution.

Answer

B. define data quality requirements based on business needs.