Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1471

Question

During a review of information security procedures for disabling user accounts, an IS auditor discovers that IT is only disabling network access for terminated employees. IT management maintains if terminated users cannot access the network, they will not be able to access any applications.
Which of the following is the GREATEST risk associated with application access?

A. Unauthorized access to data
B. Inability to access data
C. Lack of segregation of duties
D. Loss of non-repudiation

Answer

D. Loss of non-repudiation

CISA Question 1472

Question

After threats to a data center are identified, an IS auditor would expect management to FIRST:

A. recommend required actions to executive management.
B. discuss risk management practices with neighboring firms.
C. implement procedures to address all identified threats.
D. establish and quantify the potential effects if each threat occurs.

Answer

C. implement procedures to address all identified threats.

CISA Question 1473

Question

An IS auditor finds multiple situations where the help desk resolved security incidents without notifying IT security as required by policy. Which of the following is the BEST audit recommendation?

A. Display the incident response hotline in common areas.
B. Have IT security review problem management policy.
C. Reinforce the incident escalation process.
D. Redesign the help desk reporting process.

Answer

B. Have IT security review problem management policy.

CISA Question 1474

Question

A recent audit identified duplicate software licenses and technologies. Which of the following would be MOST helpful to prevent this type of duplication in the future?

A. Centralizing IT procurement and approval practices
B. Updating IT procurement policies and procedures
C. Conducting periodic inventory reviews
D. Establishing a project management office

Answer

B. Updating IT procurement policies and procedures

CISA Question 1475

Question

As part of a post-implementation review, the BEST way to assess the realization of outcomes is by:

A. obtaining feedback from the user community.
B. performing a comprehensive risk analysis.
C. evaluating the actual performance of the system.
D. comparing the business case benefits to the achieved benefits.

Answer

D. comparing the business case benefits to the achieved benefits.

CISA Question 1476

Question

When migrating critical systems to a cloud provider, the GREATEST data security concern for an organization would be that data from different clients may be:

A. subject to different service level agreements (SLAs) for disaster recovery.
B. subject to varying government compliance regulations.
C. improperly separated from each other.
D. requested during a legal discovery process.

Answer

C. improperly separated from each other.

CISA Question 1477

Question

Which of the following would be MOST useful when analyzing computer performance?

A. Report of off-peak utilization and response time
B. Tuning of system software to optimize resource usage
C. Operations report of user dissatisfaction with response time
D. Statistical metrics measuring capacity utilization

Answer

B. Tuning of system software to optimize resource usage

CISA Question 1478

Question

In a large organization, IT deadlines on important projects have been missed because IT resources are not prioritized properly. Which of the following is the BEST recommendation to address this problem?

A. Implement project portfolio management.
B. Implement an integrated resource management system.
C. Implement a comprehensive project scorecard.
D. Revisit the IT strategic plan.

Answer

A. Implement project portfolio management.

CISA Question 1479

Question

Which of the following would be the BEST way to address segregation of duties issues in an organization with budget constraints?

A. Perform an independent audit.
B. Rotate job duties periodically.
C. Implement compensating controls.
D. Hire temporary staff.

Answer

C. Implement compensating controls.

CISA Question 1480

Question

Following an IS audit recommendation, all Telnet and File Transfer Protocol (FTP) connections have been replaced by Secure Socket Shell (SSH) and Secure File
Transfer Protocol (SFTP). Which risk treatment approach has the organization adopted?

A. Acceptance
B. Mitigation
C. Avoidance
D. Transfer

Answer

B. Mitigation

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker