The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2391
Question
Which of the following application input controls would MOST likely detect data input errors in the customer account number field during the processing of an accounts receivable transaction?
A. Validity check
B. Reasonableness check
C. Parity check
D. Limit check
Answer
A. Validity check
CISA Question 2392
Question
Following a successful attack on an organization’s web server, which of the following actions should be performed FIRST?
A. Review the boundary configuration rules to ensure that outbound packets are limited
B. Evaluate and deploy an intrusion detection system
C. Periodically scan the network for systems with well-known vulnerabilities
D. Establish reference systems using cryptographic checksum tools
Answer
A. Review the boundary configuration rules to ensure that outbound packets are limited
CISA Question 2393
Question
For several years, a vendor has been providing offsite backup media and record storage for a bank. Due to familiarity with bank employees, the vendor does not consistently require authorization forms from them to retrieve media. Which of the following is the GREATEST risk from this situation?
A. Bank employees can inappropriately obtain sensitive records
B. Backup tapes may not be available
C. Chain of custody could not be validated
D. The vendor provides the incorrect media to employees
Answer
C. Chain of custody could not be validated
CISA Question 2394
Question
The BEST access strategy while configuring a firewall would be to:
A. permit access to all and log the activity
B. deny access to all but permit selected
C. permit access to all but deny selected
D. deny access to all except authorized programs
Answer
D. deny access to all except authorized programs
CISA Question 2395
Question
Which of the following is the MOST important feature of access control software?
A. Authentication
B. Violation reporting
C. Nonrepudiation
D. Identification
Answer
A. Authentication
CISA Question 2396
Question
Reconciliations have identified data discrepancies between an enterprise data warehouse and a revenue system for key financial reports. What is the GREATEST risk to the organization in this situation?
A. The key financial reports may no longer be produced
B. Financial reports may be delayed
C. Undetected fraud may occur
D. Decisions may be made based on incorrect information
Answer
C. Undetected fraud may occur
CISA Question 2397
Question
Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?
A. Stress testing
B. Regression testing
C. User acceptance testing
D. Black-box testing
Answer
B. Regression testing
CISA Question 2398
Question
Which of the following MOST effectively provides assurance of ongoing service delivery by a vendor?
A. Regular status reporting provided by the vendor
B. Short incident response time by the vendor
C. Pre-defined service and operational level agreements
D. Regular monitoring by service management team
Answer
C. Pre-defined service and operational level agreements
CISA Question 2399
Question
Several remote users have been unable to communicate with a secured network news transfer protocol (NNTP) server. Of the following, the MOST likely cause is:
A. the use of a password cracker
B. a hacker impersonating the server
C. a hacker using a sniffer
D. a replay attack by an eavesdropper
Answer
B. a hacker impersonating the server
CISA Question 2400
Question
Which of the following is the BEST way to increase the effectiveness of security incident detection?
A. Determining containment activities based on the type of incident
B. Establishing service level agreements (SLAs) with appropriate forensic service providers
C. Educating end users on identifying suspicious activity
D. Documenting root cause analysis procedures
Answer
D. Documenting root cause analysis procedures