Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 21

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2201

Question

Which of the following test approaches would utilize data analytics to validate customer authentication controls for banking transactions?

A. Review transactions completed for one period that have blank customer identification fields.
B. Attempt to complete a monetary transaction and leave the customer identification fields blank.
C. Review the business requirements document for customer identification requirements.
D. Evaluate configuration settings for transactions requiring customer identification.

Answer

B. Attempt to complete a monetary transaction and leave the customer identification fields blank.

CISA Question 2202

Question

Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?

A. Entity-relationship diagram
B. Process flowchart
C. Data flow diagram
D. Systems flowchart

Answer

B. Process flowchart

CISA Question 2203

Question

Which of the following tools are MOST helpful for benchmarking an existing IT capability?

A. Prior IS audit reports
B. IT maturity models
C. Risk assessments
D. IT balanced scorecards

Answer

D. IT balanced scorecards

CISA Question 2204

Question

Which of the following controls is MOST effective in detecting spam?

A. Denying transmission control protocol (TCP) connections in the mail server
B. Refusing Internet protocol (IP) connections at the router
C. Registering the recipient with keepers of spam lists
D. Using heuristic filters based on the content of the message

Answer

D. Using heuristic filters based on the content of the message

CISA Question 2205

Question

In which of the following cloud service models does the user organization have the GREATEST control over the accuracy of configuration items in its configuration management database (CMDB)?

A. Database as a Service (DbaaS)
B. Software as a Service (SaaS)
C. Platform as a Service (PaaS)
D. Infrastructure as a Service (IaaS)

Answer

D. Infrastructure as a Service (IaaS)

CISA Question 2206

Question

Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?

A. Standardize file naming conventions.
B. Utilize automated version control.
C. Document details on a change register.
D. Embed details within source code.

Answer

B. Utilize automated version control.

CISA Question 2207

Question

An IS auditor finds that a required security patch was not installed on a critical server for more than 6 months. The NEXT course of action should be to:

A. determine the root cause of the delay.
B. review patch management procedures.
C. request the patch be installed as soon as possible.
D. notify senior management of audit findings.

Answer

B. review patch management procedures.

CISA Question 2208

Question

Which of the following should be the FIRST step in the incident response process for a suspected breach?

A. Inform potentially affected customers of the security breach.
B. Notify business management of the security breach.
C. Engage a third party to independently evaluate the alerted breach.
D. Research the validity of the alerted breach.

Answer

D. Research the validity of the alerted breach.

CISA Question 2209

Question

Which of the following would provide the BEST assurance that an organization’s backup media is adequate in the case of a disaster?

A. Scheduled maintenance of the backup device
B. Regular recovery of production systems in a test environment
C. Scheduled read/write tests of the backup media
D. Regular review of backup logs to ensure that all data from the production environment is included

Answer

B. Regular recovery of production systems in a test environment

CISA Question 2210

Question

Which of the following should be considered when examining fire suppression systems as part of a data center environmental controls review?

A. Maintenance procedures
B. Onsite replacement availability
C. Insurance coverage
D. Installation manuals

Answer

A. Maintenance procedures

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker