The latest ISACA CISA (Certified Information Systems Auditor) certification actual practice exam question and answer (Q&A) dumps are available for free; they are helpful for passing the ISACA CISA exam and earning the ISACA CISA certification.
CISA Question 1471
Question
During a review of information security procedures for disabling user accounts, an IS auditor discovers that IT is only disabling network access for terminated employees. IT management maintains that if terminated users cannot access the network, they will not be able to access any applications.
Which of the following is the GREATEST risk associated with application access?
A. Unauthorized access to data
B. Inability to access data
C. Lack of segregation of duties
D. Loss of non-repudiation
Answer
D. Loss of non-repudiation
CISA Question 1472
Question
After threats to a data center are identified, an IS auditor would expect management to FIRST:
A. recommend required actions to executive management.
B. discuss risk management practices with neighboring firms.
C. implement procedures to address all identified threats.
D. establish and quantify the potential effects if each threat occurs.
Answer
C. implement procedures to address all identified threats.
CISA Question 1473
Question
An IS auditor finds multiple situations where the help desk resolved security incidents without notifying IT security as required by policy. Which of the following is the BEST audit recommendation?
A. Display the incident response hotline in common areas.
B. Have IT security review problem management policy.
C. Reinforce the incident escalation process.
D. Redesign the help desk reporting process.
Answer
B. Have IT security review problem management policy.
CISA Question 1474
Question
A recent audit identified duplicate software licenses and technologies. Which of the following would be MOST helpful to prevent this type of duplication in the future?
A. Centralizing IT procurement and approval practices
B. Updating IT procurement policies and procedures
C. Conducting periodic inventory reviews
D. Establishing a project management office
Answer
B. Updating IT procurement policies and procedures
CISA Question 1475
Question
As part of a post-implementation review, the BEST way to assess the realization of outcomes is by:
A. obtaining feedback from the user community.
B. performing a comprehensive risk analysis.
C. evaluating the actual performance of the system.
D. comparing the business case benefits to the achieved benefits.
Answer
D. comparing the business case benefits to the achieved benefits.
CISA Question 1476
Question
When migrating critical systems to a cloud provider, the GREATEST data security concern for an organization would be that data from different clients may be:
A. subject to different service level agreements (SLAs) for disaster recovery.
B. subject to varying government compliance regulations.
C. improperly separated from each other.
D. requested during a legal discovery process.
Answer
C. improperly separated from each other.
CISA Question 1477
Question
Which of the following would be MOST useful when analyzing computer performance?
A. Report of off-peak utilization and response time
B. Tuning of system software to optimize resource usage
C. Operations report of user dissatisfaction with response time
D. Statistical metrics measuring capacity utilization
Answer
B. Tuning of system software to optimize resource usage
CISA Question 1478
Question
In a large organization, IT deadlines on important projects have been missed because IT resources are not prioritized properly. Which of the following is the BEST recommendation to address this problem?
A. Implement project portfolio management.
B. Implement an integrated resource management system.
C. Implement a comprehensive project scorecard.
D. Revisit the IT strategic plan.
Answer
A. Implement project portfolio management.
CISA Question 1479
Question
Which of the following would be the BEST way to address segregation of duties issues in an organization with budget constraints?
A. Perform an independent audit.
B. Rotate job duties periodically.
C. Implement compensating controls.
D. Hire temporary staff.
Answer
C. Implement compensating controls.
CISA Question 1480
Question
Following an IS audit recommendation, all Telnet and File Transfer Protocol (FTP) connections have been replaced by Secure Socket Shell (SSH) and Secure File Transfer Protocol (SFTP). Which risk treatment approach has the organization adopted?
A. Acceptance
B. Mitigation
C. Avoidance
D. Transfer
Answer
B. Mitigation