The latest ISACA CISA (Certified Information Systems Auditor) practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 311
Question
Which of the following is the BEST reason to utilize blockchain technology to record accounting transactions?
A. Integrity of records
B. Confidentiality of records
C. Availability of records
D. Distribution of records
Answer
A. Integrity of records
CISA Question 312
Question
When reviewing a contract for a disaster recovery hot site, which of the following would be the MOST significant omission?
A. Audit rights
B. Testing procedures
C. Exposure coverage
D. Equipment provided
Answer
C. Exposure coverage
CISA Question 313
Question
During a post-incident review of a security breach, what type of analysis should an IS auditor expect to be performed by the organization’s information security team?
A. Gap analysis
B. Business impact analysis (BIA)
C. Qualitative risk analysis
D. Root cause analysis
Answer
B. Business impact analysis (BIA)
CISA Question 314
Question
Which of the following is the BEST way to mitigate the impact of ransomware attacks?
A. Backing up data frequently
B. Invoking the disaster recovery plan (DRP)
C. Requiring password changes for administrative accounts
D. Paying the ransom
Answer
A. Backing up data frequently
CISA Question 315
Question
Which of the following threats is MOST effectively controlled by a firewall?
A. Network congestion
B. Denial of service (DoS) attack
C. Network sniffing
D. Password cracking
Answer
B. Denial of service (DoS) attack
CISA Question 316
Question
An organization is designing an application programming interface (API) for business-to-business data sharing with a vendor. Which of the following is the BEST way to reduce the potential risk of data leakage?
A. Implement a policy to require data transfer over hypertext transfer protocol (HTTP)
B. Implement the API on a secure server and encrypt traffic between both organizations
C. Restrict the allowable number of API calls within a specified period
D. Conduct an independent review of the application architecture and service level agreements (SLAs)
Answer
B. Implement the API on a secure server and encrypt traffic between both organizations
CISA Question 317
Question
Which of the following is the BEST way to transmit documents classified as confidential over the Internet?
A. Hashing the document contents and destroying the hash value
B. Sending documents as multiple packets over different network routes
C. Converting documents to proprietary format before transmission
D. Using a virtual private network (VPN)
Answer
D. Using a virtual private network (VPN)
CISA Question 318
Question
To mitigate the risk of exposing data through application programming interface (API) queries, which of the following design considerations is MOST important?
A. Data minimalization
B. Data quality
C. Data retention
D. Data integrity
Answer
A. Data minimalization
CISA Question 319
Question
Which of the following test approaches would utilize data analytics to test a dual approval payment control?
A. Review payments completed in the past month that do not have a unique approver.
B. Attempt to complete a payment without a secondary approval.
C. Review users within the payment application who are assigned an approver role.
D. Evaluate configuration settings for the secondary approval requirements.
Answer
A. Review payments completed in the past month that do not have a unique approver.
CISA Question 320
Question
When implementing a software product (middleware) to pass data between local area network (LAN) servers and the mainframe, the MOST critical control consideration is:
A. cross-platform security authentication.
B. time synchronization of databases.
C. network traffic levels between platforms.
D. time-stamping of transactions to facilitate recovery.
Answer
A. cross-platform security authentication.