The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 3031
Question
To address the issue that performance pressures on IT may conflict with information security controls, it is MOST important that:
A. the security policy is changed to accommodate IT performance pressure
B. noncompliance issues are reported to senior management
C. senior management provides guidance and dispute resolution
D. information security management understands business performance issues
Answer
D. information security management understands business performance issues
CISA Question 3032
Question
A policy has been established requiring users to install mobile device management (MDM) software on their personal devices. Which of the following would BEST mitigate the risk created by noncompliance with this policy?
A. Issuing warnings and documenting noncompliance
B. Disabling remote access from the mobile device
C. Issuing company-configured mobile devices
D. Requiring users to sign off on terms and conditions
Answer
B. Disabling remote access from the mobile device
CISA Question 3033
Question
An information security team has discovered that users are sharing a login account to an application with sensitive information, in violation of the access policy. Business management indicates that the practice creates operational efficiencies. The information security manager’s BEST course of action should be to:
A. modify the policy
B. present the risk to senior management
C. enforce the policy
D. create an exception for the deviation
Answer
B. present the risk to senior management
CISA Question 3034
Question
An objective of capacity management is to ensure that:
A. organizational resources are used efficiently.
B. available resources are fully utilized.
C. new resources are allocated for new applications.
D. resource utilization does not drop below 85%.
Answer
A. organizational resources are used efficiently.
CISA Question 3035
Question
An information systems security officer’s PRIMARY responsibility for business process applications is to:
A. create role-based rules for each business process.
B. ensure access rules agree with policies.
C. authorize secured emergency access.
D. approve the organization’s security policy.
Answer
B. ensure access rules agree with policies.
CISA Question 3036
Question
Which of the following methods would BEST ensure that IT strategy is in line with business strategy?
A. Break-even analysis
B. Value analysis
C. Critical path analysis
D. Business impact analysis (BIA)
Answer
B. Value analysis
CISA Question 3037
Question
An external audit team is deciding whether to rely on internal audit’s work for an annual compliance audit. Which of the following is the GREATEST consideration when making this decision?
A. Independence of the internal audit department from management’s influence
B. Professional certifications held by the internal audit team members
C. Years of experience each of the internal auditors has in performing compliance audits
D. The level of documentation maintained by internal audit and the methods used to collect evidence
Answer
A. Independence of the internal audit department from management’s influence
CISA Question 3038
Question
What is the BEST method to determine if IT resource spending is aligned with planned project spending?
A. Earned value analysis (EVA)
B. Gantt chart
C. Return on investment (ROI) analysis
D. Critical path analysis
Answer
A. Earned value analysis (EVA)
CISA Question 3039
Question
Which of the following is the BEST key performance indicator (KPI) for determining how well the IT policy is aligned to the business requirements?
A. Number of approved exceptions to the policy
B. Total cost of policy breaches
C. Total cost to support the policy
D. Number of inquiries regarding the policy
Answer
A. Number of approved exceptions to the policy
CISA Question 3040
Question
Communicating which of the following would BEST encourage management to initiate appropriate actions following the receipt of report findings?
A. Risk implications of the observations
B. Strict deadlines to close all observations
C. Statistical sampling used to derive observations
D. Recommendations that align with the business strategy
Answer
D. Recommendations that align with the business strategy