The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2341
Question
Which of the following IS audit findings should be of GREATEST concern when preparing to migrate to a new core system using a direct cut-over?
A. Incomplete test cases for some critical reports
B. Informal management approval to go live
C. Lack of a rollback strategy for the system go-live
D. Plans to use some workarounds for an extended period after go-live
Answer
C. Lack of a rollback strategy for the system go-live
CISA Question 2342
Question
The IS auditor of a power company finds that the radio link to a remote mountain site is experiencing systematic outages under specific weather conditions. The communications manager explains that increasing the radio power would require a new license and would help little. What is the MOST appropriate action by the IS auditor?
A. Recommend that the site’s data collection and transmission be non-interruptible.
B. Review the installation license, permissions and associated costs.
C. Recommend that the site’s hardware be upgraded to record data during outages.
D. Gather additional information to identify threats, vulnerabilities, and impact.
Answer
D. Gather additional information to identify threats, vulnerabilities, and impact.
CISA Question 2343
Question
Which of the following sampling techniques is commonly used in fraud detection when the expected occurrence rate is small and the specific controls are critical?
A. Discovery sampling
B. Monetary unit sampling
C. Stop-or-go sampling
D. Random sampling
Answer
C. Stop-or-go sampling
CISA Question 2344
Question
The objective of using coding standards for systems development is to:
A. facilitate program maintenance.
B. facilitate user testing.
C. ensure the completeness of requirements.
D. ensure that business needs are met.
Answer
C. ensure the completeness of requirements.
CISA Question 2345
Question
Which of the following would be MOST helpful when assessing how applications exchange data with other applications?
A. List of servers and their applications
B. Entity relationship diagram
C. Results of a risk assessment on the applications
D. Configuration management database
Answer
B. Entity relationship diagram
CISA Question 2346
Question
During a business process re-engineering (BPR) program, IT can assist with:
A. total cost of ownership.
B. focusing on value-added tasks.
C. segregation of duties.
D. streamlining of tasks.
Answer
B. focusing on value-added tasks.
CISA Question 2347
Question
Which of the following BEST provides continuous availability of network bandwidth for critical application services?
A. Configuration management
B. Cloud computing
C. Problem management
D. Quality of service (QoS)
Answer
D. Quality of service (QoS)
CISA Question 2348
Question
Which of the following is the BEST type of backup to minimize the associated time and media?
A. Differential
B. Incremental
C. Mirror
D. Compressed full
Answer
A. Differential
CISA Question 2349
Question
Inherent risk ratings are determined by assessing the impact and likelihood of a threat or vulnerability occurring:
A. after internal controls are taken into account.
B. before the risk appetite is established.
C. after compensating controls have been applied.
D. before internal controls are taken into account.
Answer
D. before internal controls are taken into account.
CISA Question 2350
Question
Which of the following is the BEST approach for performing a business impact analysis (BIA) of a supply-chain management application?
A. Circulating questionnaires to key internal stakeholders
B. Interviewing groups of key stakeholders
C. Accepting IT personnel’s view of business issues
D. Reviewing the organization’s policies and procedures
Answer
D. Reviewing the organization’s policies and procedures