Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1431

Question

Which of the following would BEST help ensure information security is effective following the outsourcing of network operations?

A. Test security controls periodically.
B. Review security key performance indicators (KPIs).
C. Establish security service level agreements (SLAs).
D. Appoint a security service delivery monitoring manager.

Answer

C. Establish security service level agreements (SLAs).

CISA Question 1432

Question

An IS auditor is reviewing documentation of application systems change control and identifies several patches that were not tested before being put into production. Which of the following is the MOST significant risk from this situation?

A. Developer access to production
B. Lack of system integrity
C. Outdated system documentation
D. Loss of application support

Answer

D. Loss of application support

CISA Question 1433

Question

Which of the following cloud deployment models would BEST meet the needs of a startup software development organization with limited initial capital?

A. Private
B. Public
C. Community
D. Hybrid

Answer

B. Public

CISA Question 1434

Question

What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

A. Creating new user IDs valid only on a few hosts
B. Maintaining consistency throughout all platforms
C. Restricting a local user to necessary resources on a local platform
D. Restricting a local user to necessary resources on the host server

Answer

B. Maintaining consistency throughout all platforms

CISA Question 1435

Question

While planning a review of IT governance, the IS auditor is MOST likely to:

A. examine audit committee minutes for IS-related matters and their control.
B. obtain information about the framework of control adopted by management.
C. assess whether business process owner responsibilities are consistent across the organization.
D. review compliance with policies and procedures issued by the board of directors.

Answer

A. examine audit committee minutes for IS-related matters and their control.

CISA Question 1436

Question

During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

A. allocation of resources during an emergency.
B. maintenance of hardware and software compatibility.
C. differences in IS policies and procedures.
D. frequency of system testing.

Answer

C. differences in IS policies and procedures.

CISA Question 1437

Question

Which of the following would BEST describe an audit risk?

A. The company is being sued for false accusations.
B. The financial report may contain undetected material errors.
C. Key employees have not taken vacation for 2 years.
D. Employees have been misappropriating funds.

Answer

B. The financial report may contain undetected material errors.

CISA Question 1438

Question

An IS auditor intends to accept a management position in the data processing department within the same organization. However, the auditor is currently working on an audit of a major application and has not yet finished the report. Which of the following would be the BEST step for the IS auditor to take?

A. Start in the position and inform the application owner of the job change.
B. Start in the position immediately.
C. Disclose this issue to the appropriate parties.
D. Complete the audit without disclosure and then start in the position.

Answer

C. Disclose this issue to the appropriate parties.

CISA Question 1439

Question

An organization transmits large amounts of data from one internal system to another. The IS auditor is reviewing the quality of the data at the originating point.
Which of the following should the auditor verify FIRST?

A. The data has been encrypted.
B. The data transformation is accurate.
C. The data extraction process is completed.
D. The source data is accurate.

Answer

A. The data has been encrypted.

CISA Question 1440

Question

To maintain the confidentiality of information moved between office and home on removable media, which of the following is the MOST effective control?

A. Mandatory file passwords
B. Security awareness training
C. Digitally signed media
D. Data encryption

Answer

D. Data encryption

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker