The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2871
Question
Which of the following is the BEST compensating control for a lack of proper segregation of duties in an IT department?
A. Authorization forms
B. Audit trail reviews
C. System activity logging
D. Control self-assessment (CSA)
Answer
C. System activity logging
CISA Question 2872
Question
Which of the following will MOST effectively help to manage the challenges associated with end user-developed application systems?
A. Developing classifications based on risk
B. Introducing redundant support capacity
C. Prohibiting creation of executable files
D. Applying control practices used by IT
Answer
D. Applying control practices used by IT
CISA Question 2873
Question
Which of the following would BEST provide executive management with current information on IT-related costs and IT performance indicators?
A. IT dashboard
B. Risk register
C. IT service-management plan
D. Continuous audit reports
Answer
A. IT dashboard
CISA Question 2874
Question
Which of the following should be reviewed as part of a data integrity test?
A. Completeness
B. Confidentiality
C. Data backup
D. Redundancy
Answer
A. Completeness
CISA Question 2875
Question
When testing segregation of duties, which of the following audit techniques provides the MOST reliable evidence?
A. Observing daily operations for the area in scope
B. Evaluating the department structure via the organizational chart
C. Reviewing departmental procedure handbooks
D. Interviewing managers and end users
Answer
A. Observing daily operations for the area in scope
CISA Question 2876
Question
Which of the following roles combined with the role of a database administrator (DBA) will create a segregation of duties conflict?
A. Quality assurance
B. Systems analyst
C. Application end user
D. Security administrator
Answer
D. Security administrator
CISA Question 2877
Question
The MOST effective way to determine if IT is meeting business requirements is to establish:
A. industry benchmarks.
B. organizational goals.
C. a capability model.
D. key performance indicators (KPIs).
Answer
D. key performance indicators (KPIs).
CISA Question 2878
Question
For mission-critical applications with a low recovery time objective (RTO), which of the following is the BEST backup strategy?
A. Frequent back-ups to tape
B. Mirroring
C. Use of virtual tape libraries
D. Archiving to conventional disk
Answer
B. Mirroring
CISA Question 2879
Question
Which of the following controls will BEST ensure that the board of directors receives sufficient information about IT?
A. The CIO reports on performance and corrective actions in a timely manner.
B. Regular meetings occur between the board, the CIO, and a technology committee.
C. The CIO regularly sends IT trend reports to the board.
D. Board members are knowledgeable about IT, and the CIO is consulted on IT issues.
Answer
D. Board members are knowledgeable about IT, and the CIO is consulted on IT issues.
CISA Question 2880
Question
Which of the following is the PRIMARY role of an IS auditor with regard to data privacy?
A. Ensuring compliance with data privacy laws
B. Communicating data privacy requirements to the organization
C. Drafting the organization’s data privacy policy
D. Verifying that privacy practices match privacy statements
Answer
A. Ensuring compliance with data privacy laws