The latest practice exam question-and-answer (Q&A) dumps for the ISACA CISA (Certified Information Systems Auditor) certification are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 1941
Question
An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner. Which of the following is the auditor’s BEST recommendation?
A. Upgrade hardware to newer technology
B. Build a virtual environment
C. Hire temporary contract workers for the IT function
D. Increase the capacity of existing systems
Answer
B. Build a virtual environment
CISA Question 1942
Question
Which of the following is MOST important when duties in a small organization cannot be appropriately segregated?
A. Exception reporting
B. Variance reporting
C. Independent reviews
D. Audit trail
Answer
D. Audit trail
CISA Question 1943
Question
In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to `never expire`. Which of the following recommendations would BEST address the risk with minimal disruption to the business?
A. Modify the access management policy to make allowances for application accounts
B. Introduce database access monitoring into the environment
C. Modify applications to no longer require direct access to the database
D. Schedule downtime to implement password changes
Answer
B. Introduce database access monitoring into the environment
CISA Question 1944
Question
An IS audit found that malware entered the organization through a spreadsheet macro, and the auditor recommended that spreadsheet macros be disabled. All macros were disabled except those needed by the finance team for reporting purposes. Which of the following is the auditor’s BEST course of action?
A. Close the recommendation, as most of the risk has been mitigated
B. Advise management to disable the spreadsheet macros for the finance users
C. Recommend alternate reporting methods that do not use spreadsheet macros
D. Escalate the issue to the audit committee
Answer
C. Recommend alternate reporting methods that do not use spreadsheet macros
CISA Question 1945
Question
A data breach has occurred due to malware. Which of the following should be the FIRST course of action?
A. Notify customers of the breach
B. Notify the cyber insurance company
C. Shut down the affected systems
D. Quarantine the impacted systems
Answer
D. Quarantine the impacted systems
CISA Question 1946
Question
Which of the following is the MAJOR advantage of automating internal controls?
A. To help identify transactions with no segregation of duties
B. To enable the review of large value transactions
C. To efficiently test large volumes of data
D. To assist in performing analytical reviews
Answer
C. To efficiently test large volumes of data
CISA Question 1947
Question
Batch processes running in multiple countries are merged to one batch job to be executed in a single data center. Which of the following is the GREATEST concern with this approach?
A. The job execution approval process at the regional level may be compromised
B. The knowledge base maintained by current staff may be lost
C. Change management may become highly complex after job integration
D. Restart of the batch job after disruption may impair the integrity of databases
Answer
D. Restart of the batch job after disruption may impair the integrity of databases
CISA Question 1948
Question
An organization is disposing of a system containing sensitive data and has deleted all files from the disk. An IS auditor should be concerned because:
A. deleted data cannot easily be retrieved.
B. deleting the files logically does not overwrite the files’ physical data.
C. backup copies of files were not deleted as well.
D. deleting all files separately is not as efficient as formatting the hard disk.
Answer
B. deleting the files logically does not overwrite the files’ physical data.
CISA Question 1949
Question
Which of the following is the GREATEST risk associated with conducting penetration testing on a business-critical application production environment?
A. Data integrity may become compromised
B. This type of testing may not adhere to audit standards
C. System owners may not be informed in advance
D. Results may differ from those obtained in the test environment
Answer
A. Data integrity may become compromised
CISA Question 1950
Question
Which of the following is the BEST way to mitigate the risk associated with technology obsolescence?
A. Make provisions in the budgets for potential upgrades
B. Create a technology watch team that evaluates emerging trends
C. Invest in current technology
D. Create tactical and strategic IS plans
Answer
D. Create tactical and strategic IS plans