Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1421

Question

Which of the following privacy principles ensures data controllers do not use personal data unintended ways that breach protection of data subjects?

A. Data retention
B. Adequacy
C. Accuracy
D. Purpose limitation

Answer

D. Purpose limitation

CISA Question 1422

Question

Disaster recovery planning for network connectivity to a hot site over a public-switched network would be MOST likely to include:

A. minimizing the number of points of presence
B. contracts for acquiring new leased lines
C. reciprocal agreements with customers of that network
D. redirecting private virtual circuits

Answer

D. redirecting private virtual circuits

CISA Question 1423

Question

An organization is considering using production data for testing a new application’s functionality. Which of the following data protection techniques would BEST ensure that personal data cannot be inadvertently recovered in test environments while also reducing the need for strict confidentiality of the data?

A. Data anonymization
B. Data minimization
C. Data normalization
D. Data encryption

Answer

A. Data anonymization

CISA Question 1424

Question

Which of the following would BEST help to support an auditor’s conclusion about the effectiveness of an implemented data classification program?

A. Detailed data classification scheme
B. Access rights provisioned according to scheme
C. Business use cases and scenarios
D. Purchase of information management tools

Answer

C. Business use cases and scenarios

CISA Question 1425

Question

Which of the following is the MOST effective way for an organization to protect against data leakage?

A. Conduct periodic security awareness training.
B. Limit employee Internet access.
C. Review firewall logs for anomalies.
D. Develop a comprehensive data loss prevention policy.

Answer

D. Develop a comprehensive data loss prevention policy.

CISA Question 1426

Question

Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?

A. Apply single sign-on for access control.
B. Enforce an internal data access policy.
C. Enforce the use of digital signatures.
D. Implement segregation of duties.

Answer

B. Enforce an internal data access policy.

CISA Question 1427

Question

Which of the following controls will MOST effectively detect inconsistent records resulting from the lack of referential integrity in a database management system?

A. Concurrent access controls
B. Incremental data backups
C. Performance monitoring tools
D. Periodic table link checks

Answer

A. Concurrent access controls

CISA Question 1428

Question

A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items to the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?

A. An edit check for the validity of the inventory transaction
B. Separate authorization for input of transactions
C. Unscheduled audits of lost stock lines
D. Statistical sampling of adjustment transactions

Answer

B. Separate authorization for input of transactions

CISA Question 1429

Question

The business owner’s approval of software changes being moved into production is PRIMARILY necessary to:

A. ensure that an application functionality requirement is satisfied.
B. prevent unauthorized access to data.
C. inform management of deployments of new functionality.
D. confirm there is a process to control system changes.

Answer

A. ensure that an application functionality requirement is satisfied.

CISA Question 1430

Question

As part of a mergers and acquisitions activity, an acquiring organization wants to consolidate data and system from the organization being acquired into existing systems. To ensure the data is relevant, the acquiring organization should:

A. obtain data quality software.
B. define data quality requirements based on business needs.
C. automate the process of data collection and cleaning.
D. implement a data warehouse solution.

Answer

B. define data quality requirements based on business needs.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker