Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1461

Question

Which of the following should be used to assess the level of security required to protect information on a corporate network?

A. Data classification
B. Business intelligence
C. Access rights
D. Access control matrix

Answer

C. Access rights

CISA Question 1462

Question

Which of the following is the FIRST step in initiating a data classification program?

A. Risk appetite assessment
B. Inventory of data assets
C. Assignment of data ownership
D. Assignment of sensitivity levels

Answer

C. Assignment of data ownership

Explanation

The data classification process starts with the process of establishing ownership of data. This process also helps to prepare data dictionary.

CISA Question 1463

Question

As part of an audit response, an auditee has concerns with the recommendations and is hesitant to implement them. Which of the following would be the BEST course of action for the IS auditor?

A. Accept the auditee’s response and perform additional testing.
B. Conduct further discussions with the auditee to develop a mitigation plan.
C. Suggest hiring a third-party consultant to perform a current state assessment.
D. Issue a final report without including the opinion of the auditee.

Answer

B. Conduct further discussions with the auditee to develop a mitigation plan.

CISA Question 1464

Question

An IS auditor should ensure that an application’s audit trail:

A. has adequate security
B. does not impact operational efficiency.
C. is accessible online.
D. logs all database records.

Answer

B. does not impact operational efficiency.

CISA Question 1465

Question

An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor?

A. Using a third-party provider to host and manage content
B. Lack of guidance on appropriate social media usage and monitoring
C. Negative posts by customers affecting the organization’s image
D. Reduced productivity of stuff using social media

Answer

B. Lack of guidance on appropriate social media usage and monitoring

CISA Question 1466

Question

Which of the following should be of MOST concern to an IS auditor during the review of a quality management system?

A. The quality management system includes training records for IT personnel.
B. There are no records to document actions for minor business processes.
C. Important quality checklists are maintained outside the quality management system.
D. Indicators are not fully represented in the quality management system.

Answer

B. There are no records to document actions for minor business processes.

CISA Question 1467

Question

Organization A has a Software as a Service Agreement (SaaS) with Organization B. The software is vital to Organization A. Which of the following would provide the GREATEST assurance that the application can be recovered in the event of a disaster?

A. Organization B is responsible for disaster recovery and held accountable for interruption of service.
B. Organization A has a source code escrow agreement and hardware procurement provisions for disaster recovery purposes.
C. Organization B has a disaster recovery plan included in its contract and allows oversight by Organization A.
D. Organization A buys disaster insurance to recuperate losses in the event of a disaster.

Answer

C. Organization B has a disaster recovery plan included in its contract and allows oversight by Organization A.

CISA Question 1468

Question

An IS auditor seeks assurance that a new process for purging transactions does not have a detrimental impact on the integrity of a database. This could be achieved BEST by analyzing the:

A. database structure.
B. design of triggers.
C. results of the process in a test environment.
D. entity relationship diagram of the database.

Answer

D. entity relationship diagram of the database.

CISA Question 1469

Question

Which of the following is the BEST data integrity check?

A. Counting the transactions processed per day
B. Performing a sequence check
C. Tracing data back to the point of origin
D. Preparing and running test data

Answer

C. Tracing data back to the point of origin

CISA Question 1470

Question

Adopting a service-oriented architecture would MOST likely:

A. inhibit integration with legacy systems.
B. compromise application software security.
C. facilitate connectivity between partners.
D. streamline all internal processes.

Answer

C. facilitate connectivity between partners.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker