ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 24

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2501

Question

Which of the following is a challenge in developing a service level agreement (SLA) for network services?

A. Reducing the number of entry points into the network
B. Ensuring that network components are not modified by the client
C. Establishing a well-designed framework for network services
D. Finding performance metrics that can be measured properly

Answer

B. Ensuring that network components are not modified by the client

CISA Question 2502

Question

During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

A. proposed functionality of the application.
B. development methodology employed.
C. future compatibility of the design.
D. controls incorporated into the system specifications.

Answer

D. controls incorporated into the system specifications.

CISA Question 2503

Question

The results of an IS audit indicating the need to strengthen controls have been communicated to the appropriate stakeholders. Which of the following is the BEST way for management to enforce implementation of the recommendations?

A. Copy senior management on communications related to the audit
B. Have stakeholders develop a business case for control changes
C. Assign ownership to each remediation activity
D. Request auditors to design a roadmap for closure

Answer

C. Assign ownership to each remediation activity

CISA Question 2504

Question

Which of the following is MOST important to verify when implementing an organization’s information security program?

A. The IT department has developed and implemented training programs.
B. The security program is adequately funded in the budget.
C. The organization’s security strategy is documented and approved.
D. The security program has been benchmarked to industry standards.

Answer

C. The organization’s security strategy is documented and approved.

CISA Question 2505

Question

An incorrect version of source code was amended by a development team. This MOST likely indicates a weakness in:

A. project management.
B. quality assurance (QA).
C. change management.
D. incident management.

Answer

B. quality assurance (QA).

CISA Question 2506

Question

Which of the following is the MOST likely to ensure that an organization’s systems development meets its business objectives?

A. A focus on strategic projects
B. Segregation of systems development and testing
C. Business owner involvement
D. A project plan with clearly identified requirements

Answer

D. A project plan with clearly identified requirements

CISA Question 2507

Question

Which of the following should be done FIRST when planning a penetration test?

A. Determine reporting requirements for vulnerabilities.
B. Define the testing scope.
C. Obtain management consent for the testing.
D. Execute nondisclosure agreements (NDAs).

Answer

B. Define the testing scope.

CISA Question 2508

Question

An IS auditor is reviewing the implementation of an international quality management standard. Which of the following provides the BEST evidence that quality management objectives have been achieved?

A. Reduction in risk profile
B. Quality assurance (QA) documentation
C. Measurable processes
D. Enhanced compliance with laws and regulations

Answer

C. Measurable processes

CISA Question 2509

Question

Which of the following MUST be completed before selecting and deploying a biometric system that uses facial recognition software?

A. Image interference review
B. Vulnerability assessment
C. Privacy impact analysis
D. False acceptance testing

Answer

D. False acceptance testing

CISA Question 2510

Question

Which of the following provides the MOST assurance over the completeness and accuracy of loan application processing with respect to the implementation of a new system?

A. Loading balance and transaction data to the new system
B. Comparing code between old and new systems
C. Reviewing quality assurance (QA) procedures
D. Running historical transactions through the new system

Answer

A. Loading balance and transaction data to the new system

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two children. You can reach him at [email protected] or follow him on Website | Twitter | Facebook
