The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free, and are helpful for passing the ISACA CISA exam and earning the ISACA CISA certification.
CISA Question 1461
Question
Which of the following should be used to assess the level of security required to protect information on a corporate network?
A. Data classification
B. Business intelligence
C. Access rights
D. Access control matrix
Answer
C. Access rights
CISA Question 1462
Question
Which of the following is the FIRST step in initiating a data classification program?
A. Risk appetite assessment
B. Inventory of data assets
C. Assignment of data ownership
D. Assignment of sensitivity levels
Answer
C. Assignment of data ownership
Explanation
The data classification process starts with establishing ownership of data. This process also helps to prepare a data dictionary.
CISA Question 1463
Question
As part of an audit response, an auditee has concerns with the recommendations and is hesitant to implement them. Which of the following would be the BEST course of action for the IS auditor?
A. Accept the auditee’s response and perform additional testing.
B. Conduct further discussions with the auditee to develop a mitigation plan.
C. Suggest hiring a third-party consultant to perform a current state assessment.
D. Issue a final report without including the opinion of the auditee.
Answer
B. Conduct further discussions with the auditee to develop a mitigation plan.
CISA Question 1464
Question
An IS auditor should ensure that an application’s audit trail:
A. has adequate security.
B. does not impact operational efficiency.
C. is accessible online.
D. logs all database records.
Answer
B. does not impact operational efficiency.
CISA Question 1465
Question
An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor?
A. Using a third-party provider to host and manage content
B. Lack of guidance on appropriate social media usage and monitoring
C. Negative posts by customers affecting the organization’s image
D. Reduced productivity of staff using social media
Answer
B. Lack of guidance on appropriate social media usage and monitoring
CISA Question 1466
Question
Which of the following should be of MOST concern to an IS auditor during the review of a quality management system?
A. The quality management system includes training records for IT personnel.
B. There are no records to document actions for minor business processes.
C. Important quality checklists are maintained outside the quality management system.
D. Indicators are not fully represented in the quality management system.
Answer
B. There are no records to document actions for minor business processes.
CISA Question 1467
Question
Organization A has a Software as a Service (SaaS) agreement with Organization B. The software is vital to Organization A. Which of the following would provide the GREATEST assurance that the application can be recovered in the event of a disaster?
A. Organization B is responsible for disaster recovery and held accountable for interruption of service.
B. Organization A has a source code escrow agreement and hardware procurement provisions for disaster recovery purposes.
C. Organization B has a disaster recovery plan included in its contract and allows oversight by Organization A.
D. Organization A buys disaster insurance to recuperate losses in the event of a disaster.
Answer
C. Organization B has a disaster recovery plan included in its contract and allows oversight by Organization A.
CISA Question 1468
Question
An IS auditor seeks assurance that a new process for purging transactions does not have a detrimental impact on the integrity of a database. This could be achieved BEST by analyzing the:
A. database structure.
B. design of triggers.
C. results of the process in a test environment.
D. entity relationship diagram of the database.
Answer
D. entity relationship diagram of the database.
CISA Question 1469
Question
Which of the following is the BEST data integrity check?
A. Counting the transactions processed per day
B. Performing a sequence check
C. Tracing data back to the point of origin
D. Preparing and running test data
Answer
C. Tracing data back to the point of origin
CISA Question 1470
Question
Adopting a service-oriented architecture would MOST likely:
A. inhibit integration with legacy systems.
B. compromise application software security.
C. facilitate connectivity between partners.
D. streamline all internal processes.
Answer
C. facilitate connectivity between partners.