The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2131
Question
Which of the following BEST contributes to the successful management of security incidents?
A. Tested controls
B. Established procedures
C. Established policies
D. Current technologies
Answer
B. Established procedures
CISA Question 2132
Question
The MOST critical security weakness of a packet level firewall is that it can be circumvented by:
A. using a dictionary attack of encrypted passwords.
B. changing the source address on incoming packets.
C. intercepting packets and viewing passwords sent in clear text.
D. deciphering the signature information of the packets.
Answer
B. changing the source address on incoming packets.
CISA Question 2133
Question
When replacing a critical software application, which of the following provides for the LOWEST risk of interruption to business processes?
A. Parallel implementation
B. Pilot implementation
C. Incremental implementation
D. Big-bang implementation
Answer
A. Parallel implementation
CISA Question 2134
Question
Which of the following is the BEST approach to verify that internal help desk procedures are executed in compliance with policies?
A. Benchmark help desk procedures.
B. Interview end users.
C. Test a sample of closed tickets.
D. Evaluate help desk call metrics.
Answer
C. Test a sample of closed tickets.
CISA Question 2135
Question
The BEST way to prevent fraudulent payments is to implement segregation of duties between payment processing and:
A. requisition creation.
B. vendor setup.
C. payment approval.
D. check creation.
Answer
C. payment approval.
CISA Question 2136
Question
Requiring that passwords contain a combination of numeric and alphabetic characters is MOST effective against which type of attack?
A. Denial of service
B. Dictionary
C. Social engineering
D. Programmed
Answer
B. Dictionary
CISA Question 2137
Question
A grants management system is used to calculate grant payments. Once per day, a batch interface extracts grant amounts and payee details from this system for import into the finance system so payments can be made overnight. Which of the following controls provides the GREATEST assurance of the accuracy and completeness of the imported payments?
A. Performing monthly bank reconciliations in a timely manner
B. Restricting access to the grants and finance systems
C. Reviewing transaction logs for anomalies
D. Reconciling data from both systems
Answer
D. Reconciling data from both systems
CISA Question 2138
Question
Which of the following would BEST indicate the effectiveness of a security awareness training program?
A. Increased number of employees completing training
B. Employee satisfaction with training
C. Reduced unintentional violations
D. Results of third-party social engineering tests
Answer
D. Results of third-party social engineering tests
CISA Question 2139
Question
Which of the following is the GREATEST risk posed by denial-of-service attacks?
A. Confidential information leakage
B. Loss of integrity and corruption of databases
C. Loss of reputation and business
D. Unauthorized access to the systems
Answer
C. Loss of reputation and business
CISA Question 2140
Question
Which of the following is the MOST important activity to undertake to avoid rework later in a project?
A. Control review
B. Risk assessment
C. Acceptance testing
D. Phase review
Answer
D. Phase review