The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 1511
Question
Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization’s data loss prevention (DLP) controls?
A. Verify that confidential files cannot be transmitted to a personal USB device.
B. Conduct interviews to identify possible data protection vulnerabilities.
C. Review data classification levels based on industry best practice.
D. Verify that current DLP software is installed on all computer systems.
Answer
C. Review data classification levels based on industry best practice.
CISA Question 1512
Question
Which of the following should be an IS auditor’s BEST recommendation to prevent installation of unlicensed software on employees’ company-provided devices?
A. Enforce audit logging of software installation activities.
B. Restrict software installation authority to administrative users only.
C. Implement software blacklisting.
D. Remove unlicensed software from end-user devices.
Answer
A. Enforce audit logging of software installation activities.
CISA Question 1513
Question
In an organization that has a staff-rotation policy, the MOST appropriate access control model is:
A. role-based.
B. discretionary.
C. mandatory.
D. lattice-based.
Answer
A. role-based.
CISA Question 1514
Question
Which of the following should be the MOST important consideration when determining which information system application to audit?
A. Cost-benefit analysis
B. Available resources
C. Business impact analysis
D. Newly implemented systems
Answer
C. Business impact analysis
CISA Question 1515
Question
One advantage of managing an entire collection of projects as a portfolio is that it highlights the need to:
A. identify dependencies between projects.
B. inform users about all ongoing projects.
C. manage the risk of each individual project.
D. manage the quality of each project.
Answer
D. manage the quality of each project.
CISA Question 1516
Question
Which of the following is the BEST reason for an organization to develop a business continuity plan?
A. To develop a detailed description of information systems and processes
B. To identify the users of information systems and processes
C. To avoid the costs resulting from the failure of key systems and processes
D. To establish business unit prioritization of systems, projects, and strategies
Answer
C. To avoid the costs resulting from the failure of key systems and processes
CISA Question 1517
Question
An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor’s BEST recommendation would be to:
A. recruit more monitoring personnel.
B. fine tune the intrusion detection system (IDS).
C. reduce the firewall rules.
D. establish criteria for reviewing alerts.
Answer
D. establish criteria for reviewing alerts.
CISA Question 1518
Question
During an audit of a financial application, it was determined that many terminated users’ accounts were not disabled. Which of the following should be the IS auditor’s NEXT step?
A. Perform a review of terminated users’ account activity.
B. Conclude that IT general controls are ineffective.
C. Communicate risks to the application owner.
D. Perform substantive testing of terminated users’ access rights.
Answer
A. Perform a review of terminated users’ account activity.
CISA Question 1519
Question
An IS auditor performing an audit of backup procedures observes that backup tapes are picked up weekly and stored offsite at a third-party hosting facility. Which of the following recommendations would be the BEST way to protect the data on the backup tapes?
A. Ensure that data is encrypted before leaving the facility.
B. Ensure that the transport company obtains signatures for all shipments.
C. Confirm that data is transported in locked tamper-evident containers.
D. Confirm that data transfers are logged and recorded.
Answer
A. Ensure that data is encrypted before leaving the facility.
CISA Question 1520
Question
An IS auditor is reviewing the performance outcomes of controls in an agile development project. Which of the following would provide the MOST relevant evidence for the auditor to consider?
A. Progress report of outstanding work
B. Product backlog
C. Number of failed builds
D. Composition of the scrum team
Answer
A. Progress report of outstanding work