The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
CISA Question 2101
Question
Which of the following incident management practices would BEST facilitate rapid resolution and reduce downtime from unplanned interruptions?
A. Ensuring the service desk has access to catalogs of known errors
B. Ensuring IT systems are monitored on a continual basis
C. Ensuring incidents with unknown root causes are escalated
D. Ensuring the service desk is trained on issue resolution
Answer
B. Ensuring IT systems are monitored on a continual basis
CISA Question 2102
Question
After an employee termination, a network account was removed, but the application account remained active. To keep this issue from recurring, which of the following is the BEST recommendation?
A. Integrate application accounts with network single sign-on.
B. Perform periodic access reviews.
C. Leverage shared accounts for the application.
D. Retrain system administration staff.
Answer
A. Integrate application accounts with network single sign-on.
CISA Question 2103
Question
Which of the following is the BEST way to mitigate the risk associated with a document storage application that has a syncing feature that could allow malware to spread to other machines in the network?
A. An audit should be conducted to detect shadow data and shadow IT in the network.
B. User behavior modeling and analysis should be performed to discover anomalies in user behavior.
C. Content inspection technologies should be used to scan files for sensitive data.
D. All files should be scanned when they are uploaded to and downloaded from the application.
Answer
D. All files should be scanned when they are uploaded to and downloaded from the application.
CISA Question 2104
Question
Which of the following is an example of a corrective control?
A. Restoring system information from data backups
B. Utilizing processes that enforce segregation of duties
C. Generating automated batch job failure notifications
D. Employing only qualified personnel to execute tasks
Answer
A. Restoring system information from data backups
CISA Question 2105
Question
Which of the following is the BEST indication that an organization’s security incident and event monitoring (SIEM) capability is operating effectively?
A. Security event logging is centralized.
B. Security event logging policies are defined.
C. Security event logging is enabled for individual applications.
D. Security event logging is correlated across multiple applications.
Answer
D. Security event logging is correlated across multiple applications.
CISA Question 2106
Question
Which of the following observations should be of MOST concern to an IS auditor evaluating an IT security team’s incident handling practices?
A. The team’s scope covers any nonstandard operation of IT services within the organization.
B. The prioritization of incidents is not done through a standardized process.
C. Defined acceptable ranges for incident resolution are not established.
D. Unresolved incidents are escalated based on criteria set by the organization’s CIO.
Answer
C. Defined acceptable ranges for incident resolution are not established.
CISA Question 2107
Question
An IT department is unaware of spreadsheets and databases that have been created by business end users to support their respective operations. Which of the following is the GREATEST risk in this situation?
A. End-user solutions may not have proper documentation.
B. End-user developed systems may duplicate data.
C. End-user solutions may not be protected by IT general controls.
D. End-user developed systems may be inefficient.
Answer
C. End-user solutions may not be protected by IT general controls.
CISA Question 2108
Question
Using development and operations (DevOps) processes, an organization’s IT department has automated the process of replacing application programming interfaces (APIs) in production with new versions. Which of the following controls would BEST reduce the risk of vulnerabilities in this situation?
A. Review API change requests to ensure appropriate authorization exists
B. Conduct API security testing prior to release into production
C. Examine API log files to determine when changes occur in production
D. Review an up-to-date inventory of APIs in production for completeness
Answer
B. Conduct API security testing prior to release into production
CISA Question 2109
Question
An IS audit of help desk operations reveals that a number of similar issues have recently been reported to the help desk, but incident details have not been tracked. Which of the following is the MOST significant risk in this situation?
A. The help desk may not be meeting agreed-upon service levels.
B. The help desk may not be able to perform root cause analysis.
C. The help desk may lack resources to investigate incidents.
D. The help desk may not respond to incidents in a timely manner.
Answer
B. The help desk may not be able to perform root cause analysis.
CISA Question 2110
Question
An IS auditor notes that several recent incidents related to server overload were not anticipated early enough by IT operations to prevent outages. Which of the following is the auditor’s BEST recommendation?
A. Update the IT operations balanced scorecard.
B. Improve training for IT operations personnel.
C. Re-evaluate key performance indicators (KPIs).
D. Purchase additional server hardware.
Answer
A. Update the IT operations balanced scorecard.