ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1431

Question

Which of the following would BEST help ensure information security is effective following the outsourcing of network operations?

A. Test security controls periodically.
B. Review security key performance indicators (KPIs).
C. Establish security service level agreements (SLAs).
D. Appoint a security service delivery monitoring manager.

Answer

C. Establish security service level agreements (SLAs).

CISA Question 1432

Question

An IS auditor is reviewing documentation of application systems change control and identifies several patches that were not tested before being put into production. Which of the following is the MOST significant risk from this situation?

A. Developer access to production
B. Lack of system integrity
C. Outdated system documentation
D. Loss of application support

Answer

D. Loss of application support

CISA Question 1433

Question

Which of the following cloud deployment models would BEST meet the needs of a startup software development organization with limited initial capital?

A. Private
B. Public
C. Community
D. Hybrid

Answer

B. Public

CISA Question 1434

Question

What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

A. Creating new user IDs valid only on a few hosts
B. Maintaining consistency throughout all platforms
C. Restricting a local user to necessary resources on a local platform
D. Restricting a local user to necessary resources on the host server

Answer

B. Maintaining consistency throughout all platforms

CISA Question 1435

Question

While planning a review of IT governance, the IS auditor is MOST likely to:

A. examine audit committee minutes for IS-related matters and their control.
B. obtain information about the framework of control adopted by management.
C. assess whether business process owner responsibilities are consistent across the organization.
D. review compliance with policies and procedures issued by the board of directors.

Answer

A. examine audit committee minutes for IS-related matters and their control.

CISA Question 1436

Question

During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

A. allocation of resources during an emergency.
B. maintenance of hardware and software compatibility.
C. differences in IS policies and procedures.
D. frequency of system testing.

Answer

C. differences in IS policies and procedures.

CISA Question 1437

Question

Which of the following would BEST describe an audit risk?

A. The company is being sued for false accusations.
B. The financial report may contain undetected material errors.
C. Key employees have not taken vacation for 2 years.
D. Employees have been misappropriating funds.

Answer

B. The financial report may contain undetected material errors.

CISA Question 1438

Question

An IS auditor intends to accept a management position in the data processing department within the same organization. However, the auditor is currently working on an audit of a major application and has not yet finished the report. Which of the following would be the BEST step for the IS auditor to take?

A. Start in the position and inform the application owner of the job change.
B. Start in the position immediately.
C. Disclose this issue to the appropriate parties.
D. Complete the audit without disclosure and then start in the position.

Answer

C. Disclose this issue to the appropriate parties.

CISA Question 1439

Question

An organization transmits large amounts of data from one internal system to another. The IS auditor is reviewing the quality of the data at the originating point. Which of the following should the auditor verify FIRST?

A. The data has been encrypted.
B. The data transformation is accurate.
C. The data extraction process is completed.
D. The source data is accurate.

Answer

A. The data has been encrypted.

CISA Question 1440

Question

To maintain the confidentiality of information moved between office and home on removable media, which of the following is the MOST effective control?

A. Mandatory file passwords
B. Security awareness training
C. Digitally signed media
D. Data encryption

Answer

D. Data encryption

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children.
