
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 23

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A) are available free of charge and are intended to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2471

Question

Which of the following would BEST provide an information security manager with sufficient assurance that a service provider complies with the organization’s information security requirements?

A. A live demonstration of the third-party supplier’s security capabilities
B. Third-party security control self-assessment results
C. An independent review report indicating compliance with industry standards
D. The ability to audit the third-party supplier’s IT systems and processes

Answer

C. An independent review report indicating compliance with industry standards

CISA Question 2472

Question

Which of the following is the GREATEST risk associated with the lack of an effective data privacy program?

A. Failure to prevent fraudulent transactions
B. Inability to manage access to private or sensitive data
C. Inability to obtain customer confidence
D. Failure to comply with data-related regulations

Answer

D. Failure to comply with data-related regulations

CISA Question 2473

Question

Which of the following would provide the STRONGEST indication that senior management commitment to information security is lacking within an organization?

A. Inconsistent enforcement of information security policies
B. A reduction in information security investment
C. A high level of information security risk acceptance
D. The information security manager reports to the chief risk officer

Answer

A. Inconsistent enforcement of information security policies

CISA Question 2474

Question

Which of the following sites would be MOST appropriate in the case of a very short recovery time objective (RTO)?

A. Mobile
B. Redundant
C. Shared
D. Warm

Answer

B. Redundant

CISA Question 2475

Question

Which of the following is the MOST important security consideration when using Infrastructure as a Service (IaaS)?

A. User access management
B. Compliance with internal standards
C. Segmentation among guests
D. Backup and recovery strategy

Answer

A. User access management

CISA Question 2476

Question

A risk analysis for a new system is being performed. For which of the following is business knowledge MORE important than IT knowledge?

A. Vulnerability analysis
B. Cost-benefit analysis
C. Impact analysis
D. Balanced scorecard

Answer

B. Cost-benefit analysis

CISA Question 2477

Question

Which of the following is the BEST approach to reduce unnecessary duplication of compliance activities?

A. Integration of assurance efforts
B. Automation of controls
C. Standardization of compliance requirements
D. Documentation of control procedures

Answer

C. Standardization of compliance requirements

CISA Question 2478

Question

Which of the following is the MOST likely reason an organization would use Platform as a Service (PaaS)?

A. To operate third-party hosted applications
B. To install and manage operating systems
C. To establish a network and security architecture
D. To develop and integrate its applications

Answer

D. To develop and integrate its applications

CISA Question 2479

Question

When implementing a new risk assessment methodology, which of the following is the MOST important requirement?

A. The methodology must be approved by the chief executive officer.
B. Risk assessments must be reviewed annually.
C. Risk assessments must be conducted by certified staff.
D. The methodology used must be consistent across the organization.

Answer

D. The methodology used must be consistent across the organization.

CISA Question 2480

Question

Which of the following is the MOST important control to implement when senior managers use smartphones to access sensitive company information?

A. Mandatory virtual private network (VPN) connectivity
B. Centralized device administration
C. Strong passwords
D. Anti-malware on the devices

Answer

D. Anti-malware on the devices

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children. You can reach him at [email protected].
