Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 27

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2821

Question

What is the PRIMARY benefit to executive management when audit, risk, and security functions are aligned?

A. More efficient incident handling
B. Reduced number of assurance reports
C. More effective decision making
D. More timely risk reporting

Answer

C. More effective decision making

CISA Question 2822

Question

Which of the following is MOST likely to be included in computer operating procedures in a large data center?

A. Instructions for job scheduling
B. Procedures for resequencing source code
C. Procedures for utility configuration
D. Guidance on setting security parameters

Answer

A. Instructions for job scheduling

CISA Question 2823

Question

Which of the following security processes will BEST prevent the exploitation of system vulnerabilities?

A. Patch management
B. Log monitoring
C. Antivirus software
D. Intrusion detection

Answer

A. Patch management

CISA Question 2824

Question

A critical server for a hospital has been encrypted by ransomware. The hospital is unable to function effectively without this server. Which of the following would MOST effectively allow the hospital to avoid paying the ransom?

A. A continual server replication process
B. A property tested offline backup system
C. A property configured firewall
D. Employee training on ransomware

Answer

A. A continual server replication process

CISA Question 2825

Question

Which of the following would BEST enable effective decision-making?

A. Annualized loss estimates determined from past security events.
B. A universally applied list of generic threats impacts, and vulnerabilities
C. Formalized acceptance of risk analysis by business management
D. A consistent process to analyze new and historical information risk

Answer

D. A consistent process to analyze new and historical information risk

CISA Question 2826

Question

A core business unit relies on an effective legacy system that does not meet the current security standards and threatens the enterprise network.
Which of the following is the BEST course of action to address the situation?

A. Require that new systems that can meet the standards be implemented.
B. Document the deficiencies in the risk register.
C. Develop processes to compensate for the deficiencies.
D. Disconnect the legacy system from the rest of the network.

Answer

C. Develop processes to compensate for the deficiencies.

CISA Question 2827

Question

The PRIMARY objective of IT service level management is to:

A. improve IT cost control.
B. increase awareness of IT services.
C. manage computer operations activities.
D. satisfy customer requirements.

Answer

D. satisfy customer requirements.

CISA Question 2828

Question

Which of the following is the BEST indicator of the effectiveness of an organization’s portfolio management program?

A. Percentage of investments achieving their forecasted value
B. Maturity levels of the value management processes
C. Experience of the portfolio management personnel
D. Stakeholder’s perception of IT’s value

Answer

B. Maturity levels of the value management processes

CISA Question 2829

Question

When assessing whether an organization’s IT performance measures are comparable to other organizations in the same industry, which of the following would be MOST helpful to review?

A. Utilization reports
B. Balanced scorecard
C. Benchmarking surveys
D. IT governance frameworks

Answer

C. Benchmarking surveys

CISA Question 2830

Question

Which of the following is MOST important to review when evaluating the performance of a critical web application?

A. Business-defined application response times
B. Feedback from customer satisfaction surveys
C. Roles and responsibilities for reporting
D. Strategy for application performance monitoring in the cloud

Answer

A. Business-defined application response times

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.