The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 141
Question
The use of cookies constitutes the MOST significant security threat when they are used for:
A. authenticating using username and password.
B. downloading files from the host server.
C. obtaining a public key from a certification authority (CA).
D. forwarding email and Internet protocol (IP) addresses.
Answer
A. authenticating using username and password.
CISA Question 142
Question
Which of the following processes would benefit MOST from vulnerability scan results?
A. Traffic management
B. Patch management
C. Asset management
D. Incident management
Answer
B. Patch management
CISA Question 143
Question
Which of the following is the BEST method to delete sensitive information from storage media that will be reused?
A. Multiple-overwriting
B. Crypto-shredding
C. Reformatting
D. Re-partitioning
Answer
B. Crypto-shredding
CISA Question 144
Question
An IS auditor is reviewing a small organization’s business continuity and disaster recovery plans. Which of the following findings would pose the GREATEST concern?
A. Data backup and storage is not performed every day.
B. Practice drills related to the plans are conducted infrequently.
C. The plans are not periodically reviewed and updated.
D. The organization’s hardware is near end-of-life.
Answer
A. Data backup and storage is not performed every day.
CISA Question 145
Question
Which of the following attacks would MOST likely result in the interception and modification of traffic for mobile phones connecting to potentially insecure public Wi-Fi networks?
A. Phishing
B. Man-in-the-middle
C. Vishing
D. Brute force
Answer
B. Man-in-the-middle
CISA Question 146
Question
Which of the following would BEST detect unauthorized modification of data by a database administrator (DBA)?
A. Audit database change requests
B. Audit database activity logs
C. Review changes to edit checks
D. Compare data to input records
Answer
D. Compare data to input records
CISA Question 147
Question
Which of the following findings would be of GREATEST concern when reviewing a business impact analysis (BIA)?
A. There is not adequate documentation to perform a recovery.
B. The business continuity plan (BCP) does not align with corporate strategy.
C. Several key business processes were not included.
D. The recovery point objective (RPO) is not accurate.
Answer
B. The business continuity plan (BCP) does not align with corporate strategy.
CISA Question 148
Question
When a data center is attempting to restore computing facilities at an alternative site following a disaster, which of the following should be restored FIRST?
A. Data backups
B. Decision support system
C. Operating system
D. Applications
Answer
C. Operating system
CISA Question 149
Question
An IS auditor observes that a bank’s web page address is prefixed `https://`. The auditor would be correct to conclude that:
A. the bank has a restricted Internet protocol (IP) address.
B. the bank has established a virtual private network (VPN).
C. the customer is connected to the bank’s intranet.
D. transactions are encrypted.
Answer
D. transactions are encrypted.
CISA Question 150
Question
Which of the following is the MOST important metric in selecting a biometric device?
A. System response time
B. Crossover error rate
C. False rejection rate
D. Image size
Answer
B. Crossover error rate