ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification actual practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1431

Question

Which of the following would BEST help ensure information security is effective following the outsourcing of network operations?

A. Test security controls periodically.
B. Review security key performance indicators (KPIs).
C. Establish security service level agreements (SLAs).
D. Appoint a security service delivery monitoring manager.

Answer

C. Establish security service level agreements (SLAs).

CISA Question 1432

Question

An IS auditor is reviewing documentation of application systems change control and identifies several patches that were not tested before being put into production. Which of the following is the MOST significant risk from this situation?

A. Developer access to production
B. Lack of system integrity
C. Outdated system documentation
D. Loss of application support

Answer

D. Loss of application support

CISA Question 1433

Question

Which of the following cloud deployment models would BEST meet the needs of a startup software development organization with limited initial capital?

A. Private
B. Public
C. Community
D. Hybrid

Answer

B. Public

CISA Question 1434

Question

What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

A. Creating new user IDs valid only on a few hosts
B. Maintaining consistency throughout all platforms
C. Restricting a local user to necessary resources on a local platform
D. Restricting a local user to necessary resources on the host server

Answer

B. Maintaining consistency throughout all platforms

CISA Question 1435

Question

While planning a review of IT governance, the IS auditor is MOST likely to:

A. examine audit committee minutes for IS-related matters and their control.
B. obtain information about the framework of control adopted by management.
C. assess whether business process owner responsibilities are consistent across the organization.
D. review compliance with policies and procedures issued by the board of directors.

Answer

A. examine audit committee minutes for IS-related matters and their control.

CISA Question 1436

Question

During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

A. allocation of resources during an emergency.
B. maintenance of hardware and software compatibility.
C. differences in IS policies and procedures.
D. frequency of system testing.

Answer

C. differences in IS policies and procedures.

CISA Question 1437

Question

Which of the following would BEST describe an audit risk?

A. The company is being sued for false accusations.
B. The financial report may contain undetected material errors.
C. Key employees have not taken vacation for 2 years.
D. Employees have been misappropriating funds.

Answer

B. The financial report may contain undetected material errors.

CISA Question 1438

Question

An IS auditor intends to accept a management position in the data processing department within the same organization. However, the auditor is currently working on an audit of a major application and has not yet finished the report. Which of the following would be the BEST step for the IS auditor to take?

A. Start in the position and inform the application owner of the job change.
B. Start in the position immediately.
C. Disclose this issue to the appropriate parties.
D. Complete the audit without disclosure and then start in the position.

Answer

C. Disclose this issue to the appropriate parties.

CISA Question 1439

Question

An organization transmits large amounts of data from one internal system to another. The IS auditor is reviewing the quality of the data at the originating point. Which of the following should the auditor verify FIRST?

A. The data has been encrypted.
B. The data transformation is accurate.
C. The data extraction process is completed.
D. The source data is accurate.

Answer

A. The data has been encrypted.

CISA Question 1440

Question

To maintain the confidentiality of information moved between office and home on removable media, which of the following is the MOST effective control?

A. Mandatory file passwords
B. Security awareness training
C. Digitally signed media
D. Data encryption

Answer

D. Data encryption