The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2761
Question
When considering whether to adopt bring your own device (BYOD), it is MOST important for the information security manager to ensure that:
A. security controls are applied to each device when joining the network
B. business leaders have an understanding of security risks
C. users have read and signed acceptable use agreements
D. the applications are tested prior to implementation
Answer
A. security controls are applied to each device when joining the network
CISA Question 2762
Question
A finance department director has decided to outsource the organization’s budget application and has identified potential providers. Which of the following actions should be initiated FIRST by the information security manager?
A. Validate that connectivity to the service provider can be made securely.
B. Obtain audit reports on the service providers’ hosting environment.
C. Review the disaster recovery plans (DRP) of the providers.
D. Align the roles of the organization’s and the service providers’ staffs.
Answer
B. Obtain audit reports on the service providers’ hosting environment.
CISA Question 2763
Question
In a cloud technology environment, which of the following would pose the GREATEST challenge to the investigation of security incidents?
A. Data encryption
B. Access to the hardware
C. Compressed customer data
D. Non-standard event logs
Answer
B. Access to the hardware
CISA Question 2764
Question
The BEST way to obtain funding from senior management for a security awareness program is to:
A. meet regulatory requirements
B. produce an impact analysis report of potential breaches
C. demonstrate that the program will adequately reduce risk
D. produce a report of organizational risks
Answer
B. produce an impact analysis report of potential breaches
CISA Question 2765
Question
Which of the following BEST enables effective closure of noncompliance issues?
A. Insuring against the risk
B. Performing control self-assessments
C. Capturing issues in a risk register
D. Executing an approved mitigation plan
Answer
C. Capturing issues in a risk register
CISA Question 2766
Question
During a post-incident review, the sequence and correlation of actions must be analyzed PRIMARILY based on:
A. interviews with personnel
B. a consolidated event timeline
C. logs from systems involved
D. documents created during the incident
Answer
C. logs from systems involved
CISA Question 2767
Question
Which of the following is MOST important for an information security manager to ensure is included in a business case for a new system?
A. Intangible benefits of the system
B. Risk associated with the system
C. Effectiveness of controls
D. Audit-logging capabilities
Answer
A. Intangible benefits of the system
CISA Question 2768
Question
An organization is MOST at risk from a new worm being introduced through the intranet when:
A. executable code is run from inside the firewall
B. system software does not undergo integrity checks
C. hosts have static IP addresses
D. desktop virus definition files are not up to date
Answer
D. desktop virus definition files are not up to date
CISA Question 2769
Question
An organization is deciding whether to outsource its customer relationship management systems to a provider located in another country. Which of the following should be the PRIMARY influence in the outsourcing decision?
A. Time zone differences
B. The service provider’s disaster recovery plan
C. Cross-border privacy laws
D. Current geopolitical conditions
Answer
C. Cross-border privacy laws
CISA Question 2770
Question
The use of a business case to obtain funding for an information security investment is MOST effective when the business case:
A. translates information security policies and standards into business requirements.
B. articulates management’s intent and information security directives in clear language.
C. relates the investment to the organization’s strategic plan.
D. realigns information security objectives to organizational strategy.
Answer
A. translates information security policies and standards into business requirements.