The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2401
Question
What is the MOST important role of a Certificate Authority (CA) when a private key becomes compromised?
A. Issue a new private key to the user
B. Refresh the key information database in the certificate publishing server
C. Publish the certificate revocation lists (CRL) into the repository
D. Refresh the metadata of the certificates
Answer
C. Publish the certificate revocation lists (CRL) into the repository
CISA Question 2402
Question
The members of an emergency incident response team should be:
A. selected from multiple departments
B. assigned at the time of each incident
C. restricted to IT personnel
D. appointed by the CISO
Answer
A. selected from multiple departments
CISA Question 2403
Question
Which of the following could provide an organization with the fastest resumption of processing following a disk failure?
A. Server load balancing
B. Mirroring
C. Open database connectivity (ODBC) of the backup server
D. Replication
Answer
B. Mirroring
CISA Question 2404
Question
The BEST test to determine whether an application’s internal security controls are configured in compliance with the organization’s security standards is an evaluation of the:
A. availability and frequency of security reports
B. intrusion detection system (IDS) logs
C. application’s user accounts and passwords
D. business application’s security parameter settings
Answer
D. business application’s security parameter settings
CISA Question 2405
Question
Which of the following is the GREATEST concern associated with control self-assessments?
A. Employees may have insufficient awareness of controls
B. Controls may not be assessed objectively
C. Communication between operational management and senior management may not be effective
D. The assessment may not provide sufficient assurance to stakeholders
Answer
B. Controls may not be assessed objectively
CISA Question 2406
Question
An IS auditor observes that routine backups of operational databases are taking longer than before. Which of the following would MOST effectively help to reduce backup and recovery times for operational databases?
A. Utilizing database technologies to achieve efficiencies
B. Using solid storage device (SSD) media
C. Requiring a combination of weekly full backups and daily differential backups
D. Archiving historical data in accordance with the data retention policy
Answer
C. Requiring a combination of weekly full backups and daily differential backups
CISA Question 2407
Question
During an IS audit of a data center, it was found that programmers are allowed to make emergency fixes to operational programs. Which of the following should be the IS auditor’s PRIMARY recommendation?
A. Bypass user ID procedures should be put in place to ensure that the changes are subject to after-the-event approval and testing
B. The ability to undertake emergency fixes should be restricted to selected key personnel
C. Programmers should be allowed to implement emergency fixes only after obtaining verbal agreement from the application owner
D. Emergency program changes should be subject to program migration and testing procedures before they are applied to operational systems
Answer
B. The ability to undertake emergency fixes should be restricted to selected key personnel
CISA Question 2408
Question
Which of the following is the MOST effective way to verify an organization’s ability to continue its essential business operations after a disruption event?
A. Analysis of end-to-end recovery flow
B. Analysis of recovery point objectives (RPOs)
C. Analysis of call tree
D. Analysis of business impact
Answer
D. Analysis of business impact
CISA Question 2409
Question
Which of the following is the MOST significant risk associated with the use of virtualization?
A. Insufficient network bandwidth
B. Single point of failure
C. Inadequate configuration
D. Performance issues of hosts
Answer
D. Performance issues of hosts
CISA Question 2410
Question
Which of the following would be an information security manager’s PRIMARY challenge when deploying a bring your own device (BYOD) mobile program in an enterprise?
A. End user acceptance
B. Mobile application control
C. Configuration management
D. Disparate device security
Answer
B. Mobile application control