
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 2

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 101

Question

A healthcare facility offers patients health tracking devices that can be monitored remotely by healthcare professionals. Which of the following is the BEST way to protect patient personal information from unauthorized exfiltration?

A. Restrict the devices to using Internet Protocol (IP) version 6 only
B. Add a digital certificate to the devices that limits communication to specific servers
C. Provide the patients with Internet security training and education programs
D. Configure the devices to reboot automatically every 7 days

Answer

B. Add a digital certificate to the devices that limits communication to specific servers

CISA Question 102

Question

Critical processes are not defined in an organization’s business continuity plan (BCP). Which of the following would have MOST likely identified the gap?

A. Updating the risk register
B. Reviewing the business continuity strategy
C. Reviewing the business impact analysis (BIA)
D. Testing the incident response plan

Answer

D. Testing the incident response plan

CISA Question 103

Question

Which of the following recommendations by an IS auditor is the BEST control to protect an organization’s corporate network from the guest wireless network?

A. Hide the service set identifier (SSID) of the guest network
B. Place the guest network in its own virtual local area network (LAN)
C. Authenticate devices connecting to the guest network
D. Ensure the guest access point is running the latest software

Answer

B. Place the guest network in its own virtual local area network (LAN)

CISA Question 104

Question

Which of the following would BEST protect the confidentiality of sensitive data in transit between multiple offices?

A. Public key infrastructure (PKI)
B. Kerberos
C. Digital signatures
D. Hash algorithms

Answer

A. Public key infrastructure (PKI)

CISA Question 105

Question

Which of the following is the PRIMARY protocol for protecting outbound content from tampering and eavesdropping?

A. Transport Layer Security (TLS)
B. Point-to-Point Protocol (PPP)
C. Secure Shell (SSH)
D. Internet Key Exchange (IKE)

Answer

A. Transport Layer Security (TLS)

CISA Question 106

Question

As part of business continuity planning, which of the following is MOST important to assess when conducting a business impact analysis (BIA)?

A. Risk appetite
B. Recovery scenarios
C. Completeness of critical asset inventory
D. Critical applications in the cloud

Answer

C. Completeness of critical asset inventory

CISA Question 107

Question

Which of the following statements appearing in an organization’s acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?

A. Information assets should only be accessed by persons with a justified need
B. All information assets must be encrypted when stored on the organization’s systems
C. Any information assets transmitted over a public network must be approved by executive management
D. All information assets will be assigned a clearly defined level to facilitate proper employee handling

Answer

D. All information assets will be assigned a clearly defined level to facilitate proper employee handling

CISA Question 108

Question

Which of the following is the GREATEST advantage of vulnerability scanning over penetration testing?

A. Custom-developed applications can be tested more accurately.
B. The testing produces a lower number of false positive results.
C. The testing process can be automated to cover large groups of assets.
D. Network bandwidth is utilized more efficiently.

Answer

C. The testing process can be automated to cover large groups of assets.

CISA Question 109

Question

Which of the following is the BEST way to ensure payment transaction data is restricted to the appropriate users?

A. Using a single menu for sensitive application transactions
B. Restricting access to transactions using network security software
C. Implementing two-factor authentication
D. Implementing role-based access at the application level

Answer

B. Restricting access to transactions using network security software

CISA Question 110

Question

During a database security audit, an IS auditor is reviewing the process used to upload source data. Which of the following is the MOST significant risk area for the auditor to focus on?

A. Data integrity
B. Data sensitivity
C. Data resilience
D. Data normalization

Answer

C. Data resilience

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children.
