The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2241
Question
During a review of operations, it is noted that during a batch update, an error was detected and the database initiated a roll-back. An IT operator stopped the roll-back and re-initiated the update. What should the operator have done PRIOR to re-initiating the update?
A. Determined the cause of the error
B. Obtained approval before re-initiating the update
C. Allowed the roll-back to complete
D. Scheduled the roll-back for a later time
Answer
A. Determined the cause of the error
CISA Question 2242
Question
Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?
A. The policy includes a strong risk-based approach.
B. The retention period allows for review during the year-end audit.
C. The total transaction amount has no impact on financial reporting.
D. The retention period complies with data owner responsibilities.
Answer
D. The retention period complies with data owner responsibilities.
CISA Question 2243
Question
Which of the following is the GREATEST cause for concern when an organization is planning to migrate business-critical applications to the cloud using a Platform as a Service (PaaS) model?
A. The organization will not manage operating system patches.
B. The cloud provider does not offer regional redundancy.
C. Compliance requirements are not being validated.
D. Application data will not be encrypted at rest.
Answer
A. The organization will not manage operating system patches.
CISA Question 2244
Question
Which of the following is the BEST point in time to conduct a post-implementation review (PIR)?
A. After a full processing cycle
B. Immediately after deployment
C. To coincide with annual PIR cycle
D. Six weeks after deployment
Answer
A. After a full processing cycle
CISA Question 2245
Question
An organization outsourced its IS functions. To meet its responsibility for disaster recovery, the organization should:
A. delegate evaluation of disaster recovery to internal audit.
B. delegate evaluation of disaster recovery to a third party.
C. discontinue the maintenance of the disaster recovery plan (DRP).
D. coordinate disaster recovery administration with the outsourcing vendor.
Answer
D. coordinate disaster recovery administration with the outsourcing vendor.
CISA Question 2246
Question
IT help desk statistics show a high number of recurring incidents with known solutions. Which of the following is the BEST IS audit recommendation?
A. Outsource the IT help desk.
B. Provide better training to end users.
C. Implement incident escalation.
D. Hire additional technical support staff.
Answer
B. Provide better training to end users.
CISA Question 2247
Question
An IS auditor performing an audit of backup procedures observes that backup tapes are picked up weekly and stored offsite at a third-party hosting facility. Which of the following recommendations would be the BEST way to maintain data integrity during transport?
A. Ensure the data is transported in locked tamper-evident containers.
B. Ensure that logging and recording of data transport takes place.
C. Ensure the transport company is licensed and insured.
D. Ensure the data is validated prior to transport.
Answer
A. Ensure the data is transported in locked tamper-evident containers.
CISA Question 2248
Question
Which of the following provides the BEST evidence that network filters are functioning?
A. Reviewing network configuration rules
B. Reviewing network filtering policy
C. Performing network port scans
D. Analyzing network performance
Answer
B. Reviewing network filtering policy
CISA Question 2249
Question
An IS auditor is following up on a finding that determined elevated administrator accounts for servers were not being properly checked out and then back in after each use. Which of the following is the MOST appropriate sampling technique to determine the scope of the problem?
A. Stratified sampling
B. Random sampling
C. Attribute sampling
D. Statistical sampling
Answer
C. Attribute sampling
CISA Question 2250
Question
A small organization does not have enough employees to implement adequate segregation of duties in accounts payable. Which of the following is the BEST compensating control to mitigate the risk associated with this situation?
A. Regular reconciliation of key transactions approved by a supervisor
B. Supervisory review of logs to detect changes in vendors
C. Review of transactions exceeding a specific threshold
D. Rotation of duties among existing personnel
Answer
B. Supervisory review of logs to detect changes in vendors