Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 19

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1921

Question

Which of the following is the GREATEST threat to Voice-over Internet Protocol (VoIP) related to privacy release?

A. Incorrect routing
B. Eavesdropping
C. Call recording
D. Denial of service

Answer

B. Eavesdropping

CISA Question 1922

Question

Which of the following is a detective control?

A. Procedures for authorizing transactions
B. Echo checks in telecommunications
C. A router rule restricting a service
D. Programmed edit checks

Answer

B. Echo checks in telecommunications

CISA Question 1923

Question

A disk management system’s PRIMARY function is to:

A. monitor disk accesses for analytical review
B. deny access to disk resident data files
C. provide data on efficient disk usage
D. provide the method of control for disk usage

Answer

D. provide the method of control for disk usage

CISA Question 1924

Question

Which of the following is the GREATEST risk when relying on reports generated by end-user computing?

A. Data may be inaccurate
B. Reports may not work efficiently
C. Reports may not be timely
D. Historical data may not be available

Answer

A. Data may be inaccurate

CISA Question 1925

Question

When responding to an ongoing denial of service (DoS) attack, an organization’s FIRST course of action should be to:

A. restore service
B. minimize impact
C. analyze the attack path
D. investigate damage

Answer

B. minimize impact

CISA Question 1926

Question

Which of the following is the GREATEST security risk associated with data migration from a legacy human resources (HR) system to a cloud-based system?

A. System performance may be impacted by the migration.
B. Records past their retention period may not be migrated to the new system.
C. Data from the source and target system may have different data formats.
D. Data from the source and target system may be intercepted.

Answer

D. Data from the source and target system may be intercepted.

CISA Question 1927

Question

Which of the following provides nonrepudiation in an electronic communication session without confidentiality?

A. Message encryption
B. Log-on ID and password
C. Certification authority
D. Digital signature

Answer

D. Digital signature

CISA Question 1928

Question

For an organization which uses a VoIP telephony system exclusively, the GREATEST concern associated with leaving a connected telephone in an unmonitored public area is the possibility of:

A. connectivity issues when used with an analog local exchange carrier
B. unauthorized use leading to theft of services and financial loss
C. network compromise due to the introduction of malware
D. theft or destruction of an expensive piece of electronic equipment

Answer

B. unauthorized use leading to theft of services and financial loss

CISA Question 1929

Question

The use of control totals reduces the risk of:

A. incomplete processing.
B. improper backup.
C. posting to the wrong record.
D. improper authorization.

Answer

C. posting to the wrong record.

CISA Question 1930

Question

Which of the following is MOST important for an IS auditor to verify during a disaster recovery audit?

A. Roles and responsibilities are documented
B. Regular backups are made and stored offsite.
C. The disaster recovery plan (DRP) is updated on a regular basis.
D. Tabletop disaster recovery tests are conducted.

Answer

A. Roles and responsibilities are documented

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.