Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 4

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 311

Question

Which of the following is the BEST reason to utilize blockchain technology to record accounting transactions?

A. Integrity of records
B. Confidentiality of records
C. Availability of records
D. Distribution of records

Answer

A. Integrity of records

CISA Question 312

Question

When reviewing a contract for a disaster recovery hot site, which of the following would be the MOST significant omission?

A. Audit rights
B. Testing procedures
C. Exposure coverage
D. Equipment provided

Answer

C. Exposure coverage

CISA Question 313

Question

During a post-incident review of a security breach, what type of analysis should an IS auditor expect to be performed by the organization’s information security team?

A. Gap analysis
B. Business impact analysis (BIA)
C. Qualitative risk analysis
D. Root cause analysis

Answer

B. Business impact analysis (BIA)

CISA Question 314

Question

Which of the following is the BEST way to mitigate the impact of ransomware attacks?

A. Backing up data frequently
B. Invoking the disaster recovery plan (DRP)
C. Requiring password changes for administrative accounts
D. Paying the ransom

Answer

A. Backing up data frequently

CISA Question 315

Question

Which of the following threats is MOST effectively controlled by a firewall?

A. Network congestion
B. Denial of service (DoS) attack
C. Network sniffing
D. Password cracking

Answer

B. Denial of service (DoS) attack

CISA Question 316

Question

An organization is designing an application programming interface (API) for business-to-business data sharing with a vendor. Which of the following is the BEST way to reduce the potential risk of data leakage?

A. Implement a policy to require data transfer over hypertext transfer protocol (HTTP)
B. Implement the API on a secure server and encrypt traffic between both organizations
C. Restrict the allowable number of API calls within a specified period
D. Conduct an independent review of the application architecture and service level agreements (SLAs)

Answer

B. Implement the API on a secure server and encrypt traffic between both organizations

CISA Question 317

Question

Which of the following is the BEST way to transmit documents classified as confidential over the Internet?

A. Hashing the document contents and destroying the hash value
B. Sending documents as multiple packets over different network routes
C. Converting documents to proprietary format before transmission
D. Using a virtual private network (VPN)

Answer

D. Using a virtual private network (VPN)

CISA Question 318

Question

To mitigate the risk of exposing data through application programming interface (API) queries, which of the following design considerations is MOST important?

A. Data minimalization
B. Data quality
C. Data retention
D. Data integrity

Answer

A. Data minimalization

CISA Question 319

Question

Which of the following test approaches would utilize data analytics to test a dual approval payment control?

A. Review payments completed in the past month that do not have a unique approver.
B. Attempt to complete a payment without a secondary approval.
C. Review users within the payment application who are assigned an approver role.
D. Evaluate configuration settings for the secondary approval requirements.

Answer

A. Review payments completed in the past month that do not have a unique approver.

CISA Question 320

Question

When implementing a software product (middleware) to pass data between local area network (LAN) servers and the mainframe, the MOST critical control consideration is:

A. cross-platform security authentication.
B. time synchronization of databases.
C. network traffic levels between platforms.
D. time-stamping of transactions to facilitate recovery.

Answer

A. cross-platform security authentication.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker