Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 23

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2401

Question

What is the MOST important role of a Certificate Authority (CA) when a private key becomes compromised?

A. Issue a new private key to the user
B. Refresh the key information database in the certificate publishing server
C. Publish the certificate revocation lists (CRL) into the repository
D. Refresh the metadata of the certificates

Answer

C. Publish the certificate revocation lists (CRL) into the repository

CISA Question 2402

Question

The members of an emergency incident response team should be:

A. selected from multiple departments
B. assigned at the time of each incident
C. restricted to IT personnel
D. appointed by the CISO

Answer

A. selected from multiple departments

CISA Question 2403

Question

Which of the following could provide an organization with the fastest resumption of processing following a disk failure?

A. Server load balancing
B. Mirroring
C. Open database connectivity (ODBC) of the backup server
D. Replication

Answer

B. Mirroring

CISA Question 2404

Question

The BEST test to determine whether an application’s internal security controls are configured in compliance with the organization’s security standards is an evaluation of the:

A. availability and frequency of security reports
B. intrusion detection system (IDS) logs
C. application’s user accounts and passwords
D. business application’s security parameter settings

Answer

D. business application’s security parameter settings

CISA Question 2405

Question

Which of the following is the GREATEST concern associated with control self-assessments?

A. Employees may have insufficient awareness of controls
B. Controls may not be assessed objectively
C. Communication between operational management and senior management may not be effective
D. The assessment may not provide sufficient assurance to stakeholders

Answer

B. Controls may not be assessed objectively

CISA Question 2406

Question

An IS auditor observes that routine backups of operational databases are taking longer than before. Which of the following would MOST effectively help to reduce backup and recovery times for operational databases?

A. Utilizing database technologies to achieve efficiencies
B. Using solid storage device (SSD) media
C. Requiring a combination of weekly full backups and daily differential backups
D. Archiving historical data in accordance with the data retention policy

Answer

C. Requiring a combination of weekly full backups and daily differential backups

CISA Question 2407

Question

During an IS audit of a data center, it was found that programmers are allowed to make emergency fixes to operational programs. Which of the following should be the IS auditor’s PRIMARY recommendation?

A. Bypass use ID procedures should be put in place to ensure that the changes are subject to after-the-event approval and testing
B. The ability to undertake emergency fixes should be restricted to selected key personnel
C. Programmers should be allowed to implement emergency fixes only after obtaining verbal agreement from the application owner
D. Emergency program changes should be subject to program migration and testing procedures before they are applied to operational systems

Answer

B. The ability to undertake emergency fixes should be restricted to selected key personnel

CISA Question 2408

Question

Which of the following is the MOST effective way to verify an organization’s ability to continue its essential business operations after a disruption event?

A. Analysis of end-to-end recovery flow
B. Analysis of recovery point objectives (RPOs)
C. Analysis of call tre
D. Analysis of business impact

Answer

D. Analysis of business impact

CISA Question 2409

Question

Which of the following is the MOST significant risk associated with the use of virtualization?

A. Insufficient network bandwidth
B. Single point of failure
C. Inadequate configuration
D. Performance issues of hosts

Answer

D. Performance issues of hosts

CISA Question 2410

Question

Which of the following would be an information security manager’s PRIMARY challenge when deploying a bring your own device (BYOD) mobile program in an enterprise?

A. End user acceptance
B. Mobile application control
C. Configuration management
D. Disparate device security

Answer

B. Mobile application control

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker