The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free; they are helpful for passing the ISACA CISA exam and earning the ISACA CISA certification.
CISA Question 2361
Question
The MAJOR reason for segregating test programs from production programs is to:
A. achieve segregation of duties between IS staff and end users.
B. limit access rights of IS staff to the development environment.
C. provide control over program changes.
D. provide the basis for efficient system change management.
Answer
D. provide the basis for efficient system change management.
CISA Question 2362
Question
Which of the following should be the MOST important consideration when establishing data classification standards?
A. An education campaign is established upon rollout.
B. Reporting metrics are established.
C. Management supports the newly developed standards.
D. The standards comply with relevant regulations.
Answer
C. Management supports the newly developed standards.
CISA Question 2363
Question
Which of the following BEST minimizes performance degradation of servers used to authenticate users of an e-commerce website?
A. Configure each authentication server and ensure that the disks of each server form part of a duplex.
B. Configure each authentication server as belonging to a cluster of authentication servers.
C. Configure a single server as a primary authentication server and a second server as a secondary authentication server.
D. Configure each authentication server and ensure that each disk of its RAID is attached to the primary controller.
Answer
B. Configure each authentication server as belonging to a cluster of authentication servers.
CISA Question 2364
Question
Which of the following would be the MOST effective method to address software license violations on employee workstations?
A. Restricting administrative rights on employee workstations
B. Requiring automated installation of software
C. Scanning of workstations daily for unauthorized software use
D. Implementing real-time monitoring software on employee workstations
Answer
A. Restricting administrative rights on employee workstations
CISA Question 2365
Question
When conducting a follow-up audit on an organization’s firewall configuration, the IS auditor discovered that the firewall had been integrated into a new system that provides both firewall and intrusion detection capabilities. The IS auditor should:
A. consider the follow-up audit unnecessary since the firewall is no longer being used.
B. assess whether the integrated system addresses the identified risk.
C. review the compatibility of the new system with existing network controls.
D. evaluate whether current staff is able to support the new system.
Answer
B. assess whether the integrated system addresses the identified risk.
CISA Question 2366
Question
What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that executes a critical business process?
A. Software escrow was not negotiated.
B. An operational level agreement (OLA) was not negotiated.
C. The contract does not contain a right-to-audit clause.
D. Several vendor deliverables missed the commitment date.
Answer
C. The contract does not contain a right-to-audit clause.
CISA Question 2367
Question
The MOST important reason for documenting all aspects of a digital forensic investigation is that documentation:
A. provides traceability for independent investigation by third parties.
B. ensures compliance with corporate incident response policies.
C. ensures the process will be repeatable in future investigations.
D. meets IT audit documentation standards.
Answer
A. provides traceability for independent investigation by third parties.
CISA Question 2368
Question
Which of the following could be used to evaluate the effectiveness of IT operations?
A. Total cost of ownership
B. Net present value
C. Balanced scorecard
D. Internal rate of return
Answer
C. Balanced scorecard
CISA Question 2369
Question
The operations team of an organization has reported an IS security attack. Which of the following should be the NEXT step for the security incident response team?
A. Document lessons learned.
B. Prioritize resources for corrective action.
C. Perform a damage assessment.
D. Report results to management.
Answer
B. Prioritize resources for corrective action.
CISA Question 2370
Question
The risk of communication failure in an e-commerce environment is BEST minimized through the use of:
A. alternative or diverse routing
B. compression software to minimize transmission duration
C. a packet filtering firewall to reroute messages
D. functional or message acknowledgments
Answer
A. alternative or diverse routing