The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2901
Question
An IS auditor is performing a business continuity plan (BCP) audit and identifies that the plan has not been tested for five years. However, the plan was successfully activated during a recent extended power outage. Which of the following is the IS auditor’s BEST course of action?
A. Determine if lessons learned from the activation were incorporated into the plan.
B. Determine if the business impact analysis (BIA) is still accurate.
C. Determine if a follow-up BCP audit is required to identify future gaps.
D. Determine if the annual BCP training program is in need of a review.
Answer
C. Determine if a follow-up BCP audit is required to identify future gaps.
CISA Question 2902
Question
An organization wants to test business continuity using a scenario in which there are many remote workers trying to access production data at the same time.
Which of the following is the BEST testing method in this situation?
A. Application failover testing.
B. Network stress testing.
C. Alternate site testing.
D. Network penetration testing.
Answer
B. Network stress testing.
CISA Question 2903
Question
Which of the following is MOST important to include in a business continuity plan (BCP)?
A. Vendor contact information
B. Documentation of critical systems
C. Documentation of data center floor plans
D. Backup site location information
Answer
B. Documentation of critical systems
CISA Question 2904
Question
In an environment where most IT services have been outsourced, continuity planning is BEST controlled by:
A. outsourced service provider management.
B. business management.
C. continuity planning specialists.
D. IT management.
Answer
C. continuity planning specialists.
CISA Question 2905
Question
The MAJOR reason for replacing checks with electronic funds transfer (EFT) systems in the accounts payable area is to:
A. increase organizational credibility.
B. decrease the risk of unauthorized changes to payment transactions.
C. decrease the number of paper-based payment forms.
D. increase the efficiency of the payment process.
Answer
D. increase the efficiency of the payment process.
CISA Question 2906
Question
Which of the following would BEST facilitate the successful implementation of an IT-related framework?
A. Aligning the framework to industry best practices
B. Involving appropriate business representation within the framework
C. Establishing committees to support and oversee framework activities
D. Documenting IT-related policies and procedures
Answer
B. Involving appropriate business representation within the framework
CISA Question 2907
Question
An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization’s objectives?
A. Periodic audits of controls by an independent auditor
B. Adequacy of the service provider’s insurance
C. Assessment of the personnel training processes of the provider
D. Review of performance against service level agreements (SLAs)
Answer
A. Periodic audits of controls by an independent auditor
CISA Question 2908
Question
During an investigation of transactions in a core banking system, fraudulent transactions are discovered that will require the involvement of law enforcement.
Which of the following should be done FIRST?
A. Ensure evidence is preserved.
B. Initiate incident response procedures.
C. Evaluate the business impact.
D. Notify internal audit management.
Answer
B. Initiate incident response procedures.
CISA Question 2909
Question
What is the BEST way to control updates to the vendor master file in an accounts payable system?
A. Using prenumbered and authorized request forms
B. Having only one person updating the master file
C. Periodically reviewing the entire vendor master file
D. Comparing updates against authorization
Answer
A. Using prenumbered and authorized request forms
CISA Question 2910
Question
The IS department is evaluated monthly on its cost-revenue ratio, user satisfaction rate, and computer downtime. This can BEST be characterized as an application of:
A. control self-assessment (CSA).
B. balanced scorecard.
C. value chain analysis.
D. risk control framework.
Answer
B. balanced scorecard.