ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 19

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1991

Question

Which of the following tasks would cause the GREATEST segregation of duties (SoD) concern if performed by the person who reconciles the organization’s device inventory?

A. Tracking devices used for spare parts
B. Approving the issuing of devices
C. Creating the device policy
D. Issuing devices to employees

Answer

D. Issuing devices to employees

CISA Question 1992

Question

Which of the following is the BEST justification for an organization’s decision to go with active-active application clustering instead of active-passive?

A. High availability is a priority.
B. Increased demand on network latency is a concern.
C. Load balancing is a priority.
D. The relevant application is not set up to be cluster-aware.

Answer

C. Load balancing is a priority.

CISA Question 1993

Question

An organization has outsourced its help desk services. Which of the following would be MOST useful in evaluating the quality of the service provider?

A. Benchmark results against industry peers
B. Percentage of cases reopened
C. End-user satisfaction survey results
D. Average waiting time in queue

Answer

C. End-user satisfaction survey results

CISA Question 1994

Question

Backups will MOST effectively minimize a disruptive incident’s impact on a business if they are:

A. stored on write-once read-many media.
B. performed by automated backup software on a fixed schedule.
C. scheduled according to the service delivery objectives.
D. taken according to recovery point objectives (RPOs)

Answer

D. taken according to recovery point objectives (RPOs)

CISA Question 1995

Question

Which of the following is the BEST way to detect system security breaches?

A. Ensuring maximum interoperability among systems throughout the organization
B. Performing intrusion tests on a regular basis
C. Conducting frequent vulnerability scans
D. Conducting continuous monitoring with an automated system security tool

Answer

D. Conducting continuous monitoring with an automated system security tool

CISA Question 1996

Question

Which of the following BEST facilitates scalability objectives for an organization that anticipates a significant increase in web traffic?

A. Load balancers
B. Distributive allocation of servers
C. Failover clusters
D. Redundant array of inexpensive disks (RAID)

Answer

B. Distributive allocation of servers

CISA Question 1997

Question

Following a security breach, an IS auditor finds an organization’s transport layer security (TLS) certificate is compromised. Which of the following would be the auditor’s BEST recommendation to the system administrator?

A. Disable and retrieve the key from escrow.
B. Revoke and regenerate TLS certificates.
C. Repurchase the key from the certification authority (CA).
D. Re-issue TLS certificates with a new effective date.

Answer

B. Revoke and regenerate TLS certificates.

CISA Question 1998

Question

Which type of risk has materialized when an internal IS auditor discovers an issue that external auditors missed due to improperly applied audit procedures?

A. Detection risk
B. Inherent risk
C. Sampling risk
D. Control risk

Answer

A. Detection risk

CISA Question 1999

Question

What is an IS auditor’s BEST recommendation to strengthen security guidelines in order to prevent data leakage from the use of smart devices?

A. Include usage restrictions for smart devices in the security procedures.
B. Require employees to formally acknowledge security procedures.
C. Review the access logs to the organization’s sensitive data in a timely manner.
D. Enforce strong security settings on smart devices.

Answer

D. Enforce strong security settings on smart devices.

CISA Question 2000

Question

Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?

A. Implementing incident escalation procedures
B. Broadcasting an emergency message
C. Completing the incident management log
D. Requiring a dedicated incident response team

Answer

D. Requiring a dedicated incident response team

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children.