Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 20

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2131

Question

Which of the following BEST contributes to the successful management of security incidents?

A. Tested controls
B. Established procedures
C. Established policies
D. Current technologies

Answer

B. Established procedures

CISA Question 2132

Question

The MOST critical security weakness of a packet level firewall is that it can be circumvented by:

A. using a dictionary attack of encrypted passwords.
B. changing the source address on incoming packets.
C. intercepting packets and viewing passwords sent in clear text.
D. deciphering the signature information of the packets.

Answer

B. changing the source address on incoming packets.

CISA Question 2133

Question

When replacing a critical software application, which of the following provides for the LOWEST risk of interruption to business processes?

A. Parallel implementation
B. Pilot implementation
C. Incremental implementation
D. Big-bang implementation

Answer

A. Parallel implementation

CISA Question 2134

Question

Which of the following is the BEST approach to verify that internal help desk procedures are executed in compliance with policies?

A. Benchmark help desk procedures.
B. Interview end users.
C. Test a sample of closed tickets.
D. Evaluate help desk call metrics.

Answer

C. Test a sample of closed tickets.

CISA Question 2135

Question

The BEST way to prevent fraudulent payments is to implement segregation of duties between payment processing and:

A. requisition creation.
B. vendor setup.
C. payment approval.
D. check creation.

Answer

C. payment approval.

CISA Question 2136

Question

Requiring that passwords contain a combination of numeric and alphabetic characters is MOST effective against which type of attack?

A. Denial of service
B. Dictionary
C. Social engineering
D. Programmed

Answer

B. Dictionary

CISA Question 2137

Question

A grants management system is used to calculate grant payments. Once per day, a batch interface extracts grant amounts and payee details from this system for import into the finance system so payments can be made overnight. Which of the following controls provides the GREATEST assurance of the accuracy and completeness of the imported payments?

A. Performing monthly bank reconciliations in a timely manner
B. Restricting access to the grants and finance systems
C. Reviewing transaction logs for anomalies
D. Reconciling data from both systems

Answer

D. Reconciling data from both systems

CISA Question 2138

Question

Which of the following would BEST indicate the effectiveness of a security awareness training program?

A. Increased number of employees completing training
B. Employee satisfaction with training
C. Reduced unintentional violations
D. Results of third-party social engineering tests.

Answer

D. Results of third-party social engineering tests.

CISA Question 2139

Question

Which of the following is the GREATEST risk posed by denial-of-service attacks?

A. Confidential information leakage
B. Loss of integrity and corruption of databases
C. Loss of reputation and business
D. Unauthorized access to the systems

Answer

C. Loss of reputation and business

CISA Question 2140

Question

Which of the following is the MOST important activity to undertake to avoid rework later in a project?

A. Control review
B. Risk assessment
C. Acceptance testing
D. Phase review

Answer

D. Phase review

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.