The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2231
Question
Which of the following would BEST determine whether a post implementation review (PIR) performed by the project management office (PMO) was effective?
A. The review was performed by an external provider.
B. Management approved the PIR report.
C. Lessons learned were implemented.
D. Project outcomes have been realized.
Answer
D. Project outcomes have been realized.
CISA Question 2232
Question
An organization is planning to outsource its customer relationship management (CRM) system to a Software as a Service (SaaS) provider. Which of the following is MOST important to include in the contract?
A. Service levels for change management
B. CRM system intellectual property rights
C. Nondisclosure agreement
D. Maximum number of licenses allowed
Answer
B. CRM system intellectual property rights
CISA Question 2233
Question
Which of the following is MOST likely to improve the portability of an application connected to a database?
A. Analyzing stored procedures and triggers
B. Optimizing the database physical schema
C. Verifying database import and export procedures
D. Using a structured query language (SQL)
Answer
D. Using a structured query language (SQL)
CISA Question 2234
Question
A financial institution suspects that a manager has been crediting customer accounts without authorization. Which of the following is the MOST effective method to validate this concern?
A. Variable sampling
B. Stop or go sampling
C. Attribute sampling
D. Discovery sampling
Answer
D. Discovery sampling
CISA Question 2235
Question
Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?
A. Inability to utilize the site when required
B. Inability to test the recovery plans onsite
C. Mismatched organizational security policies
D. Equipment compatibility issues at the site
Answer
B. Inability to test the recovery plans onsite
CISA Question 2236
Question
A transaction processing system interfaces with the general ledger. Data analytics has identified that some transactions are being recorded twice in the general ledger. While management states a system fix has been implemented, what should the IS auditor recommend to validate the interface is working in the future?
A. Perform periodic reconciliations.
B. Ensure system owner sign-off for the system fix.
C. Conduct functional testing.
D. Improve user acceptance testing (UAT).
Answer
A. Perform periodic reconciliations.
CISA Question 2237
Question
Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?
A. A high percentage of incidents being quickly resolved
B. A high percentage of stakeholders satisfied with the quality of IT
C. A high percentage of IT processes reviewed by quality assurance
D. A high percentage of IT employees attending quality training
Answer
A. A high percentage of incidents being quickly resolved
CISA Question 2238
Question
Which of the following functions is MOST likely to be performed by an operating system utility residing on a web server?
A. Generating control totals for terminal devices such as point-of-sale devices.
B. Configuring network protocols.
C. Sending and receiving terminal warnings and error messages.
D. Monitoring utilization activity and traffic patterns.
Answer
D. Monitoring utilization activity and traffic patterns.
CISA Question 2239
Question
Which of the following would present the GREATEST risk to the effectiveness of a security operations center for a global financial institution processing transactions 24×7?
A. Incident response reporting is based on open-source software.
B. Incident response is conducted from a single location during normal business hours.
C. Correlation of events excludes logs for pre-production systems.
D. The incident response function is outsourced to a third-party provider.
Answer
B. Incident response is conducted from a single location during normal business hours.
CISA Question 2240
Question
Which of the following would provide the MOST important input during the planning phase for an audit on the implementation of a bring your own device (BYOD) program?
A. Policies including BYOD acceptable use statements
B. Results of a risk assessment
C. An inventory of personal devices to be connected to the corporate network
D. Findings from prior audits
Answer
B. Results of a risk assessment