Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 28

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2911

Question

Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?

A. Network segmentation
B. Software as a Service (SaaS) provider
C. Dynamic localization
D. Infrastructure as a Service (IaaS) provider

Answer

B. Software as a Service (SaaS) provider

CISA Question 2912

Question

Which of the following is MOST helpful when establishing the authenticity of digital evidence collected from a hard disk?

A. Bit-by-bit image of the hard disk
B. Hash of the files on the hard disk
C. Chain of custody documentation
D. Confirmation by witnesses

Answer

A. Bit-by-bit image of the hard disk

CISA Question 2913

Question

Which of the following poses the GREATEST risk to the enforceability of networking policies in a virtualized environment?

A. Transmission of data on public networks
B. Lack of encryption for data at rest
C. Use of a public key infrastructure
D. Lack of visibility into the networks

Answer

D. Lack of visibility into the networks

CISA Question 2914

Question

Which of the following should an IS auditor use when verifying a three-way match has occurred in an enterprise resource planning (ERP) system?

A. Goods delivery notification
B. Purchase requisition
C. Bank confirmation
D. Purchase order

Answer

D. Purchase order

CISA Question 2915

Question

Which of the following controls MOST efficiently ensures that orders transmitted from a sales office to a production warehouse are received accurately and completely?

A. Transaction totals and record counts should be sent and reconciled before transaction processing.
B. Parity checking should be incorporated into all data transmissions.
C. Data should be sent back to the originating site and compared to what was sent to production.
D. Continuity of numerical sequences for all sales orders should be checked.

Answer

B. Parity checking should be incorporated into all data transmissions.

CISA Question 2916

Question

Which of the following is the BEST way for an IT forensics investigator to detect evidence of steganography?

A. Compare file hashes between original and modified image files.
B. Identify and analyze emergent properties within a file system’s metadata.
C. Recover deleted files from a suspected hard drive utilizing forensics software.
D. Scan computer operating systems using administrative tools.

Answer

A. Compare file hashes between original and modified image files.

CISA Question 2917

Question

Which function in the purchasing module of an enterprise resource planning (ERP) system ensures payments are not issued for incorrect invoices?

A. Sequential payment numbers
B. Three-way match
C. Purchasing authority levels
D. Management workflow approval

Answer

B. Three-way match

CISA Question 2918

Question

An IS auditor is assigned to review the IS department’s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards. Which of the following should be the auditor’s NEXT action?

A. Finalize the audit and report the finding.
B. Make recommendations to IS management as to appropriate quality standards.
C. Postpone the audit until IS management implements written standards.
D. Document and test compliance with the informal standards.

Answer

D. Document and test compliance with the informal standards.

CISA Question 2919

Question

An audit report that specifies responsibility for the closure of noncompliance issues is BEST enhanced by including:

A. detailed mitigating steps.
B. a list of audit staff who will oversee remediation.
C. cost estimates for remediation.
D. target dates for remediation.

Answer

A. detailed mitigating steps.

CISA Question 2920

Question

Which of the following is the BEST way to increase end-user compliance with information security policies?

A. Regular awareness training
B. Periodic audit and review
C. Use of monitoring software
D. Establishing a whistle-blower policy

Answer

A. Regular awareness training

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.