The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
CISA Question 131
Question
Which of the following user actions constitutes the GREATEST risk for introducing viruses into a local network?
A. Downloading a file from an external server
B. Uploading a file onto an internal server
C. Opening an email attachment
D. Viewing a hypertext markup language (HTML) document
Answer
A. Downloading a file from an external server
CISA Question 132
Question
The practice of performing backups reflects which type of internal control?
A. Corrective
B. Preventive
C. Detective
D. Compensating
Answer
A. Corrective
CISA Question 133
Question
What is the MOST important consideration of any disaster response plan?
A. Personnel safety
B. Business resumption
C. Adequate resource capacity
D. IT asset protection
Answer
A. Personnel safety
CISA Question 134
Question
An IS auditor is evaluating the risk of zero-day attacks and related mitigating controls for an organization. The auditor’s BEST recommendation is to implement:
A. a demilitarized zone (DMZ).
B. a signature-based antivirus program.
C. a heuristic intrusion prevention system (IPS).
D. an intrusion detection system (IDS).
Answer
C. a heuristic intrusion prevention system (IPS).
CISA Question 135
Question
Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?
A. Temperature sensors
B. Air pressure sensors
C. Humidity sensors
D. Water sensors
Answer
D. Water sensors
CISA Question 136
Question
Which of the following is the BEST method to secure credit card information displayed by an application used by both customer service representatives and fraud analysts?
A. Truncation
B. One-way hash
C. Encryption
D. Masking
Answer
C. Encryption
CISA Question 137
Question
The PRIMARY purpose of conducting a test of an alternate site as part of a disaster recovery program is to:
A. assess security awareness among employees.
B. determine recovery time objectives (RTOs).
C. verify the alternate infrastructure works as designed.
D. identify hidden costs for maintaining the site.
Answer
C. verify the alternate infrastructure works as designed.
CISA Question 138
Question
Which of the following BEST help to ensure system resiliency for a business application that processes high-volume and real-time retail transactions?
A. Adequate resourcing for the incident response team
B. Adequate encryption between applications
C. Adequate application clustering
D. Adequate reciprocal recovery agreement
Answer
C. Adequate application clustering
CISA Question 139
Question
A manager identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor in this scenario?
A. Hacktivists
B. Deleted log data
C. Terminated staff
D. Unauthorized access
Answer
C. Terminated staff
CISA Question 140
Question
Which of the following is the BEST control to help prevent sensitive data leaving an organization via email?
A. Scanning outgoing emails
B. Providing encryption solutions for employees
C. Conducting periodic phishing tests
D. Blocking outbound emails sent without encryption
Answer
D. Blocking outbound emails sent without encryption
