The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2381
Question
What is the PRIMARY reason for hardening new devices before introducing them into a corporate network?
A. To comply with organizational rules
B. To ease maintenance of devices
C. To reduce exposure to attacks
D. To avoid software licensing conflicts
Answer
C. To reduce exposure to attacks
CISA Question 2382
Question
Which of the following would BEST prevent data from being orphaned?
A. Referential integrity
B. Table partitioning
C. Input validation checks
D. Table indexes
Answer
A. Referential integrity
CISA Question 2383
Question
Which of the following provides for the GREATEST cost reduction in a large data center?
A. Server consolidation
B. Staff rotation
C. Power conditioning
D. Job-scheduling software
Answer
A. Server consolidation
CISA Question 2384
Question
During an external assessment of network vulnerability, which of the following activities should be performed FIRST?
A. Collect network information
B. Implement an intrusion detection system (IDS)
C. Monitor the network
D. Review policies
Answer
A. Collect network information
CISA Question 2385
Question
An advantage of installing a thin client architecture in a local area network (LAN) is that this would:
A. stabilize network bandwidth requirements
B. facilitate the updating of software versions
C. ensure application availability when the server is down
D. reduce the risk of a single point of failure
Answer
B. facilitate the updating of software versions
CISA Question 2386
Question
Which of the following should be performed immediately after a computer security incident has been detected and analyzed by an incident response team?
A. Assess the impact of the incident on critical systems
B. Categorize the incident
C. Eradicate the component that caused the incident
D. Contain the incident before it spreads
Answer
B. Categorize the incident
CISA Question 2387
Question
A data breach has occurred at a third-party vendor used by an organization to outsource the processing of its customer data. What should be management’s FIRST course of action?
A. Activate the disaster recovery plan
B. Notify the insurance company of the potential claim
C. Activate the incident management process
D. Take legal action against the service provider for reputation damage
Answer
C. Activate the incident management process
CISA Question 2388
Question
A recent audit concluded that an organization’s information security system was weak and that monitoring would likely fail to detect penetration.
Which of the following would be the MOST appropriate recommendation?
A. Look continually for new criminal behavior and attacks on sensitive data
B. Establish a clear policy related to security and the handling of sensitive data
C. Encrypt sensitive data while strengthening the system
D. Identify and periodically remove sensitive data that is no longer needed
Answer
C. Encrypt sensitive data while strengthening the system
CISA Question 2389
Question
An organization is within a jurisdiction where new regulations have recently been announced to restrict cross-border data transfer of personally identifiable information (PII). Which of the following IT decisions will MOST likely need to be assessed in the context of this change?
A. Hosting the payroll system at an external cloud service provider
B. Purchasing cyber insurance from an overseas insurance company
C. Applying encryption to database hosting PII data
D. Hiring IT consultants from overseas
Answer
A. Hosting the payroll system at an external cloud service provider
CISA Question 2390
Question
A firewall has been installed on the company’s web server. Which concern does the firewall address?
A. Availability of the information
B. Unauthorized modification of information by internal users
C. Accessing information by the outside world
D. Connectivity to the Internet
Answer
C. Accessing information by the outside world