The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2951
Question
Which of the following findings should be of MOST concern to an IS auditor when evaluating information security governance within an organization?
A. The data center manager has final sign-off on security projects.
B. The information security oversight committee meets quarterly.
C. The information security department has difficulty filling vacancies.
D. Information security policies were last updated two years ago.
Answer
C. The information security department has difficulty filling vacancies.
CISA Question 2952
Question
Which of the following is MOST important for an IS auditor to consider during a review of the IT governance of an organization?
A. Funding allocations
B. Risk management methodology
C. Defined service levels
D. Decision-making responsibilities
Answer
C. Defined service levels
CISA Question 2953
Question
Which of the following is the MOST appropriate action to formalize IT governance in an organization?
A. Evaluating the IT strategy
B. Modifying IT goals and strategy
C. Establishing an IT steering committee
D. Implementing risk management
Answer
C. Establishing an IT steering committee
CISA Question 2954
Question
Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?
A. Identifying relevant roles for an enterprise IT governance framework
B. Verifying that legal, regulatory and contractual requirements are being met
C. Making decisions regarding risk response and monitoring of residual risk
D. Providing independent and objective feedback to facilitate improvement of IT processes
Answer
D. Providing independent and objective feedback to facilitate improvement of IT processes
CISA Question 2955
Question
When reviewing an organization’s IT governance processes, which of the following provides the BEST indication that information security expectations are being met at all levels?
A. Achievement of established security metrics
B. Approval of the security program by senior management
C. Utilization of an internationally recognized security standard
D. Implementation of a comprehensive security awareness program
Answer
A. Achievement of established security metrics
CISA Question 2956
Question
Which of the following findings would have the GREATEST impact on the objective of a business intelligence system?
A. Key controls have not been tested in a year.
B. Decision support queries use database functions proprietary to the vendor.
C. The hot site for disaster recovery does not include the decision support system.
D. Management reports have not been evaluated since implementation.
Answer
D. Management reports have not been evaluated since implementation.
CISA Question 2957
Question
Which of the following is the FIRST step when conducting a business impact analysis (BIA)?
A. Identifying critical information resources
B. Identifying events impacting continuity of operations
C. Analyzing past transaction volumes
D. Creating a data classification scheme
Answer
A. Identifying critical information resources
CISA Question 2958
Question
Which of the following would BEST enable alignment of IT with business objectives?
A. Leveraging an IT framework
B. Completing an IT risk assessment
C. Adopting industry best practices
D. Monitoring key performance indicators (KPIs)
Answer
D. Monitoring key performance indicators (KPIs)
CISA Question 2959
Question
Which of the following human resources management practices BEST leads to the detection of fraudulent activity?
A. Background checks
B. Time reporting
C. Employee code of ethics
D. Mandatory time off
Answer
D. Mandatory time off
CISA Question 2960
Question
Which of the following is MOST important to ensure when planning a black box penetration test?
A. The test results will be documented and communicated to management.
B. Diagrams of the organization’s network architecture are available.
C. The environment and penetration test scope have been determined.
D. The management of the client organization is aware of the testing.
Answer
C. The environment and penetration test scope have been determined.