The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A) are available free and are intended to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2411
Question
A validated patch to address a new vulnerability that may affect a mission-critical server has been released. What should be done immediately?
A. Add mitigating controls.
B. Check the server’s security and install the patch.
C. Conduct an impact analysis.
D. Take the server off-line and install the patch.
Answer
C. Conduct an impact analysis.
CISA Question 2412
Question
Which of the following external entities would provide the BEST guidance to an organization facing advanced attacks?
A. Recognized threat intelligence communities
B. Open-source reconnaissance
C. Disaster recovery consultants widely endorsed in industry forums
D. Incident response experts from highly regarded peer organizations
Answer
A. Recognized threat intelligence communities
CISA Question 2413
Question
An organization has detected sensitive data leakage caused by an employee of a third-party contractor. What is the BEST course of action to address this issue?
A. Include security requirements in outsourcing contracts.
B. Activate the organization’s incident response plan.
C. Limit access to the third-party contractor.
D. Terminate the agreement with the third-party contractor.
Answer
B. Activate the organization’s incident response plan.
CISA Question 2414
Question
When recommending a preventive control against cross-site scripting in web applications, an information security manager is MOST likely to suggest:
A. using https in place of http.
B. hardening of the web server’s operating system.
C. consolidating multiple sites into a single portal.
D. coding standards and code review.
Answer
D. coding standards and code review.
CISA Question 2415
Question
The MOST important reason to use a centralized mechanism to identify information security incidents is to:
A. prevent unauthorized changes to networks.
B. comply with corporate policies.
C. detect potential fraud.
D. detect threats across environments.
Answer
D. detect threats across environments.
CISA Question 2416
Question
Which of the following is the PRIMARY purpose of red team testing?
A. To determine the organization’s preparedness for an attack
B. To confirm the risk profile of the organization
C. To assess the vulnerability of employees to social engineering
D. To establish a baseline incident response program
Answer
A. To determine the organization’s preparedness for an attack
CISA Question 2417
Question
Which of the following is the BEST way to improve the timely reporting of information security incidents?
A. Perform periodic simulations with the incident response team.
B. Incorporate security procedures in help desk processes.
C. Integrate an intrusion detection system (IDS) in the DMZ.
D. Regularly reassess and update the incident response plan.
Answer
D. Regularly reassess and update the incident response plan.
CISA Question 2418
Question
During an annual security review of an organization’s servers, it was found that the customer service team’s file server, which contains sensitive customer data, is accessible to all user IDs in the organization. Which of the following should the information security manager do FIRST?
A. Report the situation to the data owner.
B. Remove access privileges to the folder containing the data.
C. Train the customer service team on properly controlling file permissions.
D. Isolate the server from the network.
Answer
A. Report the situation to the data owner.
CISA Question 2419
Question
What is the MOST effective way to ensure information security incidents will be managed effectively and in a timely manner?
A. Obtain senior management commitment.
B. Test incident response procedures regularly.
C. Communicate incident response procedures to staff.
D. Establish and measure key performance indicators (KPIs).
Answer
B. Test incident response procedures regularly.
CISA Question 2420
Question
Which of the following should be PRIMARILY included in a security training program for business process owners?
A. Application vulnerabilities
B. List of security incidents reported
C. Application recovery time
D. Impact of security risks
Answer
D. Impact of security risks