The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free. They can help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2461
Question
In an organization that has undergone an expansion through an acquisition, which of the following would BEST secure the enterprise network?
A. Business or role-based segmentation
B. Using security groups
C. Log analysis of system access
D. Encryption of data traversing networks
Answer
B. Using security groups
CISA Question 2462
Question
As part of an international expansion plan, an organization has acquired a company located in another jurisdiction. Which of the following would be the BEST way to maintain an effective information security program?
A. Determine new factors that could influence the information security strategy.
B. Implement the current information security program in the acquired company.
C. Merge the two information security programs to establish continuity.
D. Ensure information security is included in any change control efforts.
Answer
A. Determine new factors that could influence the information security strategy.
CISA Question 2463
Question
An employee of an organization has reported losing a smartphone that contains sensitive information. The BEST step to address this situation should be to:
A. terminate the device connectivity
B. escalate to the user’s management
C. disable the user’s access to corporate resources
D. remotely wipe the device
Answer
D. remotely wipe the device
CISA Question 2464
Question
An existing system is being replaced with a new application package. User acceptance testing (UAT) should ensure that:
A. data from the old system has been converted correctly
B. the new system functions as expected
C. the new system is better than the old system
D. there is a business need for the new system
Answer
B. the new system functions as expected
CISA Question 2465
Question
One advantage of monetary unit sampling is the fact that:
A. results are stated in terms of the frequency of items in error
B. it can easily be applied manually when computer resources are not available
C. it increases the likelihood of selecting material items from the population
D. large-value population items are segregated and audited separately
Answer
A. results are stated in terms of the frequency of items in error
CISA Question 2466
Question
Which of the following is the client organization’s responsibility in a Software as a Service (SaaS) environment?
A. Detecting unauthorized access
B. Ensuring that users are properly authorized
C. Ensuring the data is available when needed
D. Preventing insertion of malicious code
Answer
B. Ensuring that users are properly authorized
CISA Question 2467
Question
A company converted its payroll system from an external service to an internal package. Payroll processing in April was run in parallel. To validate the completeness of data after the conversion, which of the following comparisons from the old to the new system would be MOST effective?
A. Turnaround time for payroll processing
B. Employee counts and year-to-date payroll totals
C. Master file employee data to payroll journals
D. Cut-off dates and overwrites for a sample of employees
Answer
C. Master file employee data to payroll journals
CISA Question 2468
Question
Which of the following is MOST important for an organization to complete when planning a new marketing platform that targets advertising based on customer behavior?
A. Data privacy impact assessment
B. Data quality assessment
C. Cross-border data transfer assessment
D. Security vulnerability assessment
Answer
A. Data privacy impact assessment
CISA Question 2469
Question
An employee who denies accusations of sending inappropriate images to other employees has been discharged. For evidential purposes, the mail database for the discharged employee’s computer should be:
A. deleted as it could subject the organization to further legal liability
B. impounded by physically removing the disk drive
C. backed up to the server, where its access can be tightly restricted
D. copied to write-once, read-many media using the computer’s OS tools
Answer
C. backed up to the server, where its access can be tightly restricted
CISA Question 2470
Question
A design company has multiple name and address files for its customers in several of its independent systems. Which of the following is the BEST control to ensure that the customer name and address agree across all files?
A. Use of hash totals on customer records
B. Periodic review of each master file by management
C. Matching of records and review of exception reports
D. Use of authorized master file change forms
Answer
A. Use of hash totals on customer records