Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 23

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2421

Question

Which of the following BEST reduces the likelihood of leakage of private information via email?

A. Strong user authentication protocols
B. Email encryption
C. Prohibition on the personal use of email
D. User awareness training

Answer

D. User awareness training

CISA Question 2422

Question

Which of the following is the BEST method to defend against social engineering attacks?

A. Periodically perform antivirus scans to identify malware.
B. Communicate guidelines to limit information posted to public sites.
C. Monitor for unauthorized access attempts and failed logins.
D. Employ the use of a web-content filtering solution.

Answer

D. Employ the use of a web-content filtering solution.

CISA Question 2423

Question

What should the information security manager do FISRT when end users express that new security controls are too restrictive?

A. Perform a risk assessment on modifying the control environment.
B. Perform a cost-benefit analysis on modifying the control environment.
C. Conduct a business impact analysis (BIA).
D. Obtain process owner buy-in to remove the controls.

Answer

A. Perform a risk assessment on modifying the control environment.

CISA Question 2424

Question

When information security management is receiving an increased number of false positive incident reports, which of the following is MOST important to review?

A. The security awareness programs
B. Post-incident analysis results
C. The risk management processes
D. Firewall logs

Answer

C. The risk management processes

CISA Question 2425

Question

Which of the following would present the GREATEST need to revise information security policies?

A. An increase in reported incidents
B. A merger with a competing company
C. Implementation of a new firewall
D. Changes in standards and procedures

Answer

B. A merger with a competing company

CISA Question 2426

Question

Which of the following is the PRIMARY benefit to an organization using an automated event monitoring solution?

A. Enhanced forensic analysis
B. Improved response time to incidents
C. Improved network protection
D. Reduced need for manual analysis

Answer

B. Improved response time to incidents

CISA Question 2427

Question

Which of the following MOST effectively prevents internal users from modifying sensitive data?

A. Network segmentation
B. Multi-factor authentication
C. Acceptable use policies
D. Role-based access controls

Answer

D. Role-based access controls

CISA Question 2428

Question

Labeling information according to its security classification:

A. reduces the need to identify baseline controls for each classification.
B. reduces the number and type of countermeasures required.
C. enhances the likelihood of people handling information securely.
D. affects the consequences if information is handled insecurely.

Answer

D. affects the consequences if information is handled insecurely.

CISA Question 2429

Question

Which of the following functions is MOST critical when initiating the removal of system access for terminated employees?

A. Legal
B. Help desk
C. Human resources
D. Information security

Answer

D. Information security

CISA Question 2430

Question

A contract bid is digitally signed and electronically mailed. The PRIMARY advantage to using a digital signature is that:

A. the bid cannot be forged even if the keys are compromised.
B. the bid and the signature can be copied from one document to another.
C. the signature can be authenticated even if no encryption is used.
D. any alteration of the bid will invalidate the signature.

Answer

C. the signature can be authenticated even if no encryption is used.

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.