Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 4

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 301

Question

Which type of review is MOST important to conduct when an IS auditor is informed that a recent internal exploitation of a bug has been discovered in a business application?

A. Forensic audit
B. Penetration testing
C. Server security audit
D. Application security testing

Answer

D. Application security testing

CISA Question 302

Question

Which of the following controls MOST effectively reduces the risk associated with use of instant messaging (IM) in the workplace?

A. Traffic encryption
B. Session border controllers
C. Network address translation
D. Blocking peer-to-peer (P2P) clients

Answer

D. Blocking peer-to-peer (P2P) clients

CISA Question 303

Question

An organization has implemented application whitelisting in response to the discovery of a large amount of unapproved software. Which type of control has been deployed?

A. Directive
B. Preventive
C. Detective
D. Corrective

Answer

B. Preventive

CISA Question 304

Question

Which of the following attacks is BEST detected by an intrusion detection system (IDS)?

A. Spamming
B. Spoofing
C. Logic bomb
D. System scanning

Answer

D. System scanning

CISA Question 305

Question

The recovery time objective (RTO) is normally determined on the basis of the:

A. criticality of the systems affected
B. risk of occurrence
C. acceptable downtime of the alternate site
D. cost of recovery of all systems

Answer

A. criticality of the systems affected

CISA Question 306

Question

Which of the following is the BEST way to minimize leakage of data in transit?

A. Virtual local area network (VLAN)
B. Storage encryption
C. Virtual private network (VPN)
D. Digital signature

Answer

C. Virtual private network (VPN)

CISA Question 307

Question

Which of the following would provide the BEST evidence for use in a forensic investigation of an employee’s hard drive?

A. A file level copy of the hard drive
B. Bit-stream copy of the hard drive
C. Memory dump to an external hard drive
D. Prior backups

Answer

B. Bit-stream copy of the hard drive

CISA Question 308

Question

Which of the following is an indication of possible hacker activity involving voice communications?

A. A significant percentage of lines are busy during early morning and late afternoon hours.
B. Outbound calls are found to significantly increase in frequency during non-business hours.
C. Inbound calls experience significant fluctuations based on time-of-day and day-of-week.
D. Direct inward system access (DISA) is found to be disabled on the company’s exchange.

Answer

B. Outbound calls are found to significantly increase in frequency during non-business hours.

CISA Question 309

Question

When using a wireless device, which of the following BEST ensures confidential access to email via web mail?

A. Simple object access protocol (SOAP)
B. Hypertext transfer protocol secure (HTTPS)
C. Extensible markup language (XML)
D. Wired equivalent privacy (WEP)

Answer

B. Hypertext transfer protocol secure (HTTPS)

CISA Question 310

Question

Which of the following is the GREATEST risk associated with instant messaging?

A. Data governance may become ineffective.
B. Data classification procedures may not be followed.
C. Data logging is more difficult.
D. Data exfiltration is more likely to occur.

Answer

D. Data exfiltration is more likely to occur.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker