The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2111
Question
Which of the following is an advantage of decentralized security administration?
A. Greater integrity
B. Faster turnaround
C. More uniformity
D. Better-trained administrators
Answer
C. More uniformity
CISA Question 2112
Question
Which of the following is a substantive test procedure?
A. Using audit software to verify the total of an accounts receivable file
B. Observing that user IDs and passwords are required to sign on to the online system
C. Test of invoice calculation process
D. Verifying that appropriate approvals are documented in a sample of program changes
Answer
A. Using audit software to verify the total of an accounts receivable file
CISA Question 2113
Question
In an IT organization where many responsibilities are shared, which of the following would be the BEST control for detecting unauthorized data changes?
A. Data changes are independently reviewed by another group.
B. Users are required to periodically rotate responsibilities.
C. Segregation of duties conflicts are periodically reviewed.
D. Data changes are logged in an outside application.
Answer
D. Data changes are logged in an outside application.
CISA Question 2114
Question
Which of the following is the GREATEST risk of cloud computing?
A. Reduced performance
B. Disclosure of data
C. Lack of scalability
D. Inflexibility
Answer
B. Disclosure of data
CISA Question 2115
Question
Which of the following would BEST ensure the confidentiality of sensitive data during transmission?
A. Restricting the recipient through destination IP addresses
B. Sending data over public networks using Secure Sockets Layer (SSL)
C. Password protecting data over virtual local area networks (VLAN)
D. Sending data through proxy servers
Answer
C. Password protecting data over virtual local area networks (VLAN)
CISA Question 2116
Question
A client/server configuration will:
A. optimize system performance by having a server on a front-end and clients on a host
B. enhance system performance through the separation of front-end and back-end processes
C. keep track of all the clients using the IS facilities of a service organization
D. limit the clients and servers’ relationship by limiting the IS facilities to a single hardware system
Answer
A. optimize system performance by having a server on a front-end and clients on a host
CISA Question 2117
Question
An organization has purchased a security information and event management (SIEM) tool. Which of the following would be MOST important to consider before implementation?
A. The contract with the SIEM vendor
B. Controls to be monitored
C. Available technical support
D. Reporting capabilities
Answer
B. Controls to be monitored
CISA Question 2118
Question
What should be the MAIN goal of an organization’s incident response plan?
A. Keep stakeholders notified of incident status.
B. Enable appropriate response according to criticality.
C. Correlate incidents from different systems.
D. Identify the root cause of the incident.
Answer
D. Identify the root cause of the incident.
CISA Question 2119
Question
Which of the following is the MOST important outcome of testing incident response plans?
A. Internal procedures are improved.
B. An action plan is available for senior management.
C. Staff is educated about current threats.
D. Areas requiring investment are identified.
Answer
A. Internal procedures are improved.
CISA Question 2120
Question
An information security manager has discovered a potential security breach in a server that supports a critical business process. Which of the following should be the information security manager’s FIRST course of action?
A. Validate that there has been an incident
B. Notify the business process owner
C. Shut down the server in an organized manner
D. Inform senior management of the incident
Answer
A. Validate that there has been an incident