The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2221
Question
Which of the following is the BEST way to ensure enterprise architectural objectives are aligned with business and technology objectives?
A. Identify dependencies between current and future state technologies.
B. Optimize technology investments with business requirements.
C. Adopt industry-approved architecture standards and best practices.
D. Identify business stakeholder responsibilities for IT projects.
Answer
D. Identify business stakeholder responsibilities for IT projects.
CISA Question 2222
Question
Which of the following is the BEST indicator that an application system’s agreed-upon level of service has been met?
A. Bandwidth usage logs
B. Transaction response time
C. CPU utilization reports
D. Security incident reports
Answer
B. Transaction response time
CISA Question 2223
Question
Which of the following key performance indicators (KPIs) provides the BEST indication of a security awareness campaign’s effectiveness?
A. Reduced average time for incident resolution
B. Percentage of attendees passing the awareness quiz
C. Decrease in the number of help desk calls
D. Increase in the number of reported security incidents
Answer
D. Increase in the number of reported security incidents
CISA Question 2224
Question
Which of the following is the BEST indicator of a mature quality management system (QMS)?
A. Projects are showing continuous improvement.
B. Continuous improvement has been integrated into business processes.
C. End users are satisfied with the outcome of IT projects.
D. Most IT projects have been completed on time and within budget.
Answer
D. Most IT projects have been completed on time and within budget.
CISA Question 2225
Question
What is the purpose of using a write blocker during the acquisition phase of a digital forensics investigation?
A. To preserve chain of custody
B. To protect against self-destruct utilities
C. To prevent the activation of installed malware
D. To prevent evidence alteration
Answer
D. To prevent evidence alteration
CISA Question 2226
Question
Which of the following sampling methods is the BEST approach for drawing conclusions based on frequency of occurrence?
A. Attribute sampling
B. Monetary estimation sampling
C. Stratified sampling
D. Difference estimation sampling
Answer
A. Attribute sampling
CISA Question 2227
Question
Which of the following would be the MOST effective method for detecting duplicate payments?
A. Enciphering and deciphering the message digest
B. Reviewing sequence numbers and time stamps for each transaction
C. Assessing payment history for reasonableness and approval
D. Using a cryptographic hashing algorithm
Answer
B. Reviewing sequence numbers and time stamps for each transaction
CISA Question 2228
Question
When reviewing user access to an application containing sensitive company data, which of the following should be the GREATEST concern with regard to segregation of duties?
A. The help desk performs application backups.
B. The application programmer performs quality assurance functions.
C. The network administrator performs security administrator functions.
D. The database administrator performs system analyst functions.
Answer
C. The network administrator performs security administrator functions.
CISA Question 2229
Question
An accounts receivable data entry routine prevents the entry of the same customer with different account numbers. Which of the following is the BEST way to test if this programmed control is effective?
A. Compare source code against authorized software.
B. Implement a computer-assisted audit technique (CAAT).
C. Attempt to create a duplicate customer.
D. Review a sorted customer list for duplicates.
Answer
C. Attempt to create a duplicate customer.
CISA Question 2230
Question
Using swipe cards to limit employee access to restricted areas requires implementing which additional control?
A. Physical sign-in of all employees for access to restricted areas
B. Initial escort of all new hires by a current employee
C. Periodic review of access profiles by management
D. Employee-access criteria determined on the basis of IS experience
Answer
B. Initial escort of all new hires by a current employee