Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 32

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 3371

Question

During audit planning, an IS auditor walked through the design of controls related to a new data loss prevention (DLP) tool. It was noted that the tool will be configured to alert IT management when large files are sent outside of the organization via email. What type of control will be tested?
A. Detective
B. Corrective
C. Directive
D. Preventive

Answer

A. Detective

CISA Question 3372

Question

To test the integrity of the data in the accounts receivable master file, an IS auditor is particularly interested in reviewing customers with balances over $400,000.
The selection technique the IS auditor would use to obtain such a sample is called:
A. random selection.
B. systematic selection.
C. discovery selection.
D. stratification.

Answer

D. stratification.

CISA Question 3373

Question

The MOST effective method for an IS auditor to determine which controls are functioning in an operating system is to:
A. compare the current configuration to the corporate standard.
B. consult with the systems programmer.
C. consult with the vendor of the system.
D. compare the current configuration to the default configuration.

Answer

A. compare the current configuration to the corporate standard.

CISA Question 3374

Question

Which of the following findings should be an IS auditor’s GREATEST concern when reviewing an organization’s purchase of new IT infrastructure hardware?
A. The new infrastructure arrived with default system settings.
B. The new infrastructure has residual risk within the organization’s risk tolerance.
C. The new infrastructure’s hardening requirements are stronger than required by policy.
D. The new infrastructure has compatibility issues with existing systems.

Answer

D. The new infrastructure has compatibility issues with existing systems.

CISA Question 3375

Question

Which of the following would be MOST critical for an IS auditor to look for when evaluating fire precautions in a manned data center located in the upper floor of a multi-story building?
A. Existence of handheld fire extinguishers in highly visible locations
B. Documentation of regular inspections by the local fire department
C. Adequacy of the HVAC system throughout the facility
D. Documentation of tested emergency evacuation plans

Answer

D. Documentation of tested emergency evacuation plans

CISA Question 3376

Question

Performance monitoring tools report that servers are consistently above the recommended utilization capacity. Which of the following is the BEST recommendation of the IS auditor?
A. Develop a capacity plan based on usage projections.
B. Deploy load balancers.
C. Monitor activity logs.
D. Add servers until utilization is at target capacity.

Answer

A. Develop a capacity plan based on usage projections.

CISA Question 3377

Question

Which of the following should be of GREATEST concern to an IS auditor conducting an audit of an organization’s backup processes?
A. A written backup policy is not available.
B. Backup failures are not resolved in a timely manner.
C. The restoration process is slow due to connectivity issues.
D. The service levels are not achieved.

Answer

D. The service levels are not achieved.

CISA Question 3378

Question

Following a security breach in which a hacker exploited a well-known vulnerability in the domain controller, an IS auditor has been asked to conduct a control assessment. The auditor’s BEST course of action would be to determine if:
A. the domain controller was classified for high availability.
B. the network traffic was being monitored.
C. the patches were updated.
D. the logs were monitored.

Answer

D. the logs were monitored.

CISA Question 3379

Question

An employee transfers from an organization’s risk management department to become the lead IS auditor. While in the risk management department, the employee helped develop the key performance indicators (KPIs) now used by the organization. Which of the following would pose the GREATEST threat to the independence of this auditor?
A. Evaluating the effectiveness of IT risk management processes
B. Recommending controls to address the IT risks identified by KPIs
C. Developing KPIs to measure the internal audit team
D. Training the IT audit team on IT risk management processes

Answer

B. Recommending controls to address the IT risks identified by KPIs

CISA Question 3380

Question

An IS auditor discovers a recurring software control process issue that severely impacts the efficiency of a critical business process. Which of the following is the BEST recommendation?
A. Replace the malfunctioning system.
B. Determine the compensating controls.
C. Identify other impacted processes.
D. Determine the root cause of the issue.

Answer

D. Determine the root cause of the issue.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker