Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 19

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1991

Question

Which of the following tasks would cause the GREATEST segregation of duties (SoD) concern if performed by the person who reconciles the organization’s device inventory?

A. Tracking devices used for spare parts
B. Approving the issuing of devices
C. Creating the device policy
D. Issuing devices to employees

Answer

D. Issuing devices to employees

CISA Question 1992

Question

Which of the following is the BEST justification for an organization’s decision to go with active-active application clustering instead of activepassive?

A. High availability is a priority.
B. Increased demand on network latency is a concern.
C. Load balancing is a priority.
D. The relevant application is not set up to be cluster-aware.

Answer

C. Load balancing is a priority.

CISA Question 1993

Question

An organization has outsourced its help desk services. Which of the following would be MOST useful in evaluating the quality of the service provider?

A. Benchmark results against industry peers
B. Percentage of cases reopened
C. End-user satisfaction survey results
D. Average waiting time in queue

Answer

C. End-user satisfaction survey results

CISA Question 1994

Question

Backups will MOST effectively minimize a disruptive incident’s impact on a business if they are:

A. stored on write-once read-many media.
B. performed by automated backup software on a fixed schedule.
C. scheduled according to the service delivery objectives.
D. taken according to recovery point objectives (RPOs)

Answer

D. taken according to recovery point objectives (RPOs)

CISA Question 1995

Question

Which of the following is the BEST way to detect system security breaches?

A. Ensuring maximum interoperability among systems throughout the organization
B. Performing intrusion tests on a regular basis
C. Conducting frequent vulnerability scans
D. Conducting continuous monitoring with an automated system security tool

Answer

D. Conducting continuous monitoring with an automated system security tool

CISA Question 1996

Question

Which of the following BEST facilitates scalability objectives for an organization that anticipates a significant increase in web traffic?

A. Load balancers
B. Distributive allocation of servers
C. Failover clusters
D. Redundant array of inexpensive disks (RAID)

Answer

B. Distributive allocation of servers

CISA Question 1997

Question

Following a security breach, an IS auditor finds an organization’s transport layer security (TLS) certificate is compromised. Which of the following would be the auditor’s BEST recommendation to the system administrator?

A. Disable and retrieve the key from escrow.
B. Revoke and regenerate TLS certificates.
C. Repurchase the key from the certification authority (CA).
D. Re-issue TLS certificates with a new effective date.

Answer

B. Revoke and regenerate TLS certificates.

CISA Question 1998

Question

Which type of risk has materialized when an internal IS auditor discovers an issue that external auditors missed due to improperly applied audit procedures?

A. Detection risk
B. Inherent risk
C. Sampling risk
D. Control risk

Answer

A. Detection risk

CISA Question 1999

Question

What is an IS auditor’s BEST recommendation to strengthen security guidelines in order to prevent data leakage from the use of smart devices?

A. Include usage restrictions for smart devices in the security procedures.
B. Require employees to formally acknowledge security procedures.
C. Review the access logs to the organization’s sensitive data in a timely manner.
D. Enforce strong security settings on smart devices.

Answer

D. Enforce strong security settings on smart devices.

CISA Question 2000

Question

Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?

A. Implementing incident escalation procedures
B. Broadcasting an emergency message
C. Completing the incident management log
D. Requiring a dedicated incident response team

Answer

D. Requiring a dedicated incident response team

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.