The latest ISACA CISA (Certified Information Systems Auditor) certification actual practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2501
Question
Which of the following is a challenge in developing a service level agreement (SLA) for network services?
A. Reducing the number of entry points into the network
B. Ensuring that network components are not modified by the client
C. Establishing a well-designed framework for network services
D. Finding performance metrics that can be measured properly
Answer
B. Ensuring that network components are not modified by the client
CISA Question 2502
Question
During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:
A. proposed functionality of the application.
B. development methodology employed.
C. future compatibility of the design.
D. controls incorporated into the system specifications.
Answer
D. controls incorporated into the system specifications.
CISA Question 2503
Question
The results of an IS audit indicating the need to strengthen controls have been communicated to the appropriate stakeholders. Which of the following is the BEST way for management to enforce implementation of the recommendations?
A. Copy senior management on communications related to the audit
B. Have stakeholders develop a business case for control changes
C. Assign ownership to each remediation activity
D. Request auditors to design a roadmap for closure
Answer
C. Assign ownership to each remediation activity
CISA Question 2504
Question
Which of the following is MOST important to verify when implementing an organization’s information security program?
A. The IT department has developed and implemented training programs.
B. The security program is adequately funded in the budget.
C. The organization’s security strategy is documented and approved.
D. The security program has been benchmarked to industry standards.
Answer
C. The organization’s security strategy is documented and approved.
CISA Question 2505
Question
An incorrect version of source code was amended by a development team. This MOST likely indicates a weakness in:
A. project management.
B. quality assurance (QA).
C. change management.
D. incident management.
Answer
B. quality assurance (QA).
CISA Question 2506
Question
Which of the following is the MOST likely to ensure that an organization’s systems development meets its business objectives?
A. A focus on strategic projects
B. Segregation of systems development and testing
C. Business owner involvement
D. A project plan with clearly identified requirements
Answer
D. A project plan with clearly identified requirements
CISA Question 2507
Question
Which of the following should be done FIRST when planning a penetration test?
A. Determine reporting requirements for vulnerabilities.
B. Define the testing scope.
C. Obtain management consent for the testing.
D. Execute nondisclosure agreements (NDAs).
Answer
B. Define the testing scope.
CISA Question 2508
Question
An IS auditor is reviewing the implementation of an international quality management standard. Which of the following provides the BEST evidence that quality management objectives have been achieved?
A. Reduction in risk profile
B. Quality assurance (QA) documentation
C. Measurable processes
D. Enhanced compliance with laws and regulations
Answer
C. Measurable processes
CISA Question 2509
Question
Which of the following MUST be completed before selecting and deploying a biometric system that uses facial recognition software?
A. Image interference review
B. Vulnerability assessment
C. Privacy impact analysis
D. False acceptance testing
Answer
D. False acceptance testing
CISA Question 2510
Question
Which of the following provides the MOST assurance over the completeness and accuracy of loan application processing with respect to the implementation of a new system?
A. Loading balance and transaction data to the new system
B. Comparing code between old and new systems
C. Reviewing quality assurance (QA) procedures
D. Running historical transactions through the new system
Answer
A. Loading balance and transaction data to the new system