Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 24

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2501

Question

Which of the following is a challenge in developing a service level agreement (SLA) for network services?

A. Reducing the number of entry points into the network
B. Ensuring that network components are not modified by the client
C. Establishing a well-designed framework for network services
D. Finding performance metrics that can be measured properly

Answer

B. Ensuring that network components are not modified by the client

CISA Question 2502

Question

During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

A. proposed functionality of the application.
B. development methodology employed.
C. future compatibility of the design.
D. controls incorporated into the system specifications.

Answer

D. controls incorporated into the system specifications.

CISA Question 2503

Question

The results of an IS audit indicating the need to strengthen controls has been communicated to the appropriate stakeholders. Which of the following is the BEST way for management to enforce implementation of the recommendations?

A. Copy senior management on communications related to the audit
B. Have stakeholders develop a business case for control changes
C. Assign ownership to each remediation activity
D. Request auditors to design a roadmap for closure

Answer

C. Assign ownership to each remediation activity

CISA Question 2504

Question

Which of the following is MOST important to verify when implementing an organization’s information security program?

A. The IT department has developed and implemented training programs.
B. The security program is adequately funded in the budget.
C. The organization’s security strategy is documented and approved.
D. The security program has been benchmarked to industry standards.

Answer

C. The organization’s security strategy is documented and approved.

CISA Question 2505

Question

An incorrect version of source code was amended by a development team. This MOST likely indicates a weakness in:

A. project management.
B. quality assurance (QA).
C. change management.
D. incident management.

Answer

B. quality assurance (QA).

CISA Question 2506

Question

Which of the following is the MOST likely to ensure that an organization’s systems development meets its business objectives?

A. A focus on strategic projects
B. Segregation of systems development and testing
C. Business owner involvement
D. A project plan with clearly identified requirements

Answer

D. A project plan with clearly identified requirements

CISA Question 2507

Question

Which of the following should be done FIRST when planning a penetration test?

A. Determine reporting requirements for vulnerabilities.
B. Define the testing scope.
C. Obtain management consent for the testing.
D. Execute nondisclosure agreements (NDAs).

Answer

B. Define the testing scope.

CISA Question 2508

Question

An IS auditor is reviewing the implementation of an international quality management standard. Which of the following provides the BEST evidence that quality management objectives have been achieved?

A. Reduction in risk profile
B. Quality assurance (QA) documentation
C. Measurable processes
D. Enhanced compliance with laws and regulations

Answer

C. Measurable processes

CISA Question 2509

Question

Which of the following MUST be completed before selecting and deploying a biometric system that uses facial recognition software?

A. Image interference review
B. Vulnerability assessment
C. Privacy impact analysis
D. False acceptance testing

Answer

D. False acceptance testing

CISA Question 2510

Question

Which of the following provides the MOST assurance over the completeness and accuracy of loan application processing with respect to the implementation of a new system?

A. Loading balance and transaction data to the new system
B. Comparing code between old and new systems
C. Reviewing quality assurance (QA) procedures
D. Running historical transactions through the new system

Answer

A. Loading balance and transaction data to the new system

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.