Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 19

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1911

Question

The BEST way to avoid session hijacking is to use:

A. a reverse lookup
B. a secure protocol
C. a firewall
D. strong password controls

Answer

B. a secure protocol

CISA Question 1912

Question

Senior management has approved employees working off-site by using a virtual private network (VPN) connection. It is MOST important for the information security manager to periodically:

A. review firewall configuration
B. review the security policy
C. perform a cost-benefit analysis
D. perform a risk assessment

Answer

D. perform a risk assessment

CISA Question 1913

Question

An employee uses a personal mobile device to access corporate data and email, but also allows friends to use it as a mobile hotspot for Internet access when not at work. The information security manager is concerned this situation may expose confidential data. The manager’s FIRST step should be to:

A. update the mobile device usage standards to address the issue and communicate to all employees
B. activate the incident response plan to mitigate the impact and stop the compromise
C. review the associated risks to determine if additional controls are needed
D. implement additional security controls that will mitigate the situation and then reassess risks

Answer

A. update the mobile device usage standards to address the issue and communicate to all employees

CISA Question 1914

Question

An information security manager has observed multiple exceptions for a number of different security controls. Which of the following should be the information security manager’s FIRST course of action?

A. Design mitigating controls for the exceptions.
B. Prioritize the risk and implement treatment options.
C. Inform respective risk owners of the impact of exceptions.
D. Report the noncompliance to the board of directors.

Answer

B. Prioritize the risk and implement treatment options.

CISA Question 1915

Question

The PRIMARY benefit of a centralized time server is that it:

A. reduces individual time-of-day requests by client applications
B. is required by password synchronization programs
C. allows decentralized logs to be kept in synchronization
D. decreases the likelihood of an unrecoverable systems failure

Answer

C. allows decentralized logs to be kept in synchronization

CISA Question 1916

Question

Which of the following is the GREATEST security threat when an organization allows remote access to a virtual private network (VPN)?

A. Client logins are subject to replay attack.
B. VPN traffic could be sniffed and captured.
C. Compromised VPN clients could impact the network.
D. Attackers could compromise the VPN gateway.

Answer

C. Compromised VPN clients could impact the network.

CISA Question 1917

Question

Which of the following is the BEST defense against a brute force attack?

A. Discretionary access control
B. Intruder detection lockout
C. Mandatory access control
D. Time-of-day restrictions

Answer

D. Time-of-day restrictions

CISA Question 1918

Question

An IT department has given a vendor remote access to the internal network for troubleshooting network performance problems. After discovering the remote activity during a firewall log review, which of the following is the BEST course of action for an information security manager?

A. Revoke the access.
B. Review the related service level agreement (SLA).
C. Determine the level of access granted.
D. Declare a security incident.

Answer

C. Determine the level of access granted.

CISA Question 1919

Question

Which of the following is the GREATEST risk of single sign-on?

A. Password carelessness by one user may render the entire infrastructure vulnerable
B. Integration of single sign-on with the rest of the infrastructure is complicated
C. It is a single point of failure for an enterprise access control process
D. One administrator maintains the single sign-on solutions without segregation of duty

Answer

B. Integration of single sign-on with the rest of the infrastructure is complicated

CISA Question 1920

Question

The MOST effective control to detect fraud inside an organization’s network, is to:

A. implement an intrusion detection system (IDS)
B. apply two-factor authentication
C. review access logs
D. segregate duties

Answer

C. review access logs

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.