Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 20

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2111

Question

Which of the following is an advantage of decentralized security administration?

A. Greater integrity
B. Faster turnaround
C. More uniformity
D. Better-trained administrators

Answer

C. More uniformity

CISA Question 2112

Question

Which of the following is a substantive test procedure?

A. Using audit software to verify the total of an accounts receivable file
B. Observing that user IDs and passwords are required to sign on to the online system
C. Test of invoice calculation process
D. Verifying that appropriate approvals are documented in a sample of program changes

Answer

A. Using audit software to verify the total of an accounts receivable file

CISA Question 2113

Question

In an IT organization where many responsibilities are shared, which of the following would be the BEST control for detecting unauthorized data changes?

A. Data changes are independently reviewed by another group.
B. Users are required to periodically rotate responsibilities.
C. Segregation of duties conflicts are periodically reviewed.
D. Data changes are logged in an outside application.

Answer

D. Data changes are logged in an outside application.

CISA Question 2114

Question

Which of the following is the GREATEST risk of cloud computing?

A. Reduced performance
B. Disclosure of data
C. Lack of scalability
D. Inflexibility

Answer

B. Disclosure of data

CISA Question 2115

Question

Which of the following would BEST ensure the confidentiality of sensitive data during transmission?

A. Restricting the recipient through destination IP addresses
B. Sending data over public networks using Secure Sockets Layer (SSL)
C. Password protecting data over virtual local area networks (VLAN)
D. Sending data through proxy servers

Answer

C. Password protecting data over virtual local area networks (VLAN)

CISA Question 2116

Question

A client/server configuration will:

A. optimize system performance by having a server on a front-end and clients on a host
B. enhance system performance through the separation of front-end and back-end processes
C. keep track of all the clients using the IS facilities of a service organization
D. limit the clients and servers’ relationship by limiting the IS facilities to a single hardware system

Answer

A. optimize system performance by having a server on a front-end and clients on a host

CISA Question 2117

Question

An organization has purchased a security information and event management (SIEM) tool. Which of the following would be MOST important to consider before implementation?

A. The contract with the SIEM vendor
B. Controls to be monitored
C. Available technical support
D. Reporting capabilities

Answer

B. Controls to be monitored

CISA Question 2118

Question

What should be the MAIN goal of an organization’s incident response plan?

A. Keep stakeholders notified of incident status.
B. Enable appropriate response according to criticality.
C. Correlate incidents from different systems.
D. Identify the root cause of the incident.

Answer

D. Identify the root cause of the incident.

CISA Question 2119

Question

Which of the following is the MOST important outcome of testing incident response plans?

A. Internal procedures are improved.
B. An action plan is available for senior management.
C. Staff is educated about current threats.
D. Areas requiring investment are identified.

Answer

A. Internal procedures are improved.

CISA Question 2120

Question

An information security manager has discovered a potential security breach in a server that supports a critical business process. Which of the following should be the information security manager’s FIRST course of action?

A. Validate that there has been an incident
B. Notify the business process owner
C. Shut down the server in an organized manner
D. Inform senior management of the incident

Answer

A. Validate that there has been an incident

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker