The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 331
- Question
- Answer
- CISA Question 332
- Question
- Answer
- CISA Question 333
- Question
- Answer
- CISA Question 334
- Question
- Answer
- CISA Question 335
- Question
- Answer
- CISA Question 336
- Question
- Answer
- CISA Question 337
- Question
- Answer
- CISA Question 338
- Question
- Answer
- CISA Question 339
- Question
- Answer
- CISA Question 340
- Question
- Answer
CISA Question 331
Question
A digital signature addresses which of the following concerns?
A. Message copying
B. Message theft
C. Unauthorized reading
D. Message alteration
Answer
D. Message alteration
CISA Question 332
Question
Which of the following roles is ULTIMATELY accountable for the protection of an organization’s information?
A. The board of directors
B. The chief information security officer (CISO)
C. The data owner
D. The chief information officer (CIO)
Answer
C. The data owner
CISA Question 333
Question
Which of the following features of a library control software package would protect against unauthorized updating of source code?
A. Access controls for source libraries
B. Required approvals at each life cycle step
C. Date and time stamping of source and object code
D. Release-to-release comparison of source code
Answer
A. Access controls for source libraries
CISA Question 334
Question
Which of the following is a PRIMARY purpose of a privacy notice?
A. To obtain permission from users for the organization to use personal information as it sees fit
B. To indemnify the organization against litigation by users for the appropriation of personal information
C. To establish the organization’s accountability for the use and protection of personal information
D. To ensure that the organization’s privacy controls comply with the privacy laws of the user’s region
Answer
C. To establish the organization’s accountability for the use and protection of personal information
CISA Question 335
Question
What is the PRIMARY objective of implementing data classification?
A. Employ data leakage prevention tools.
B. Establish appropriate data protection methods.
C. Create awareness among users.
D. Establish appropriate encryption methods.
Answer
B. Establish appropriate data protection methods.
CISA Question 336
Question
Which of the following would protect the confidentiality of information sent in email messages?
A. Encryption
B. Digital certificates
C. Digital signatures
D. Secure Hash Algorithm 1 (SHA-1)
Answer
A. Encryption
CISA Question 337
Question
Which of the following is the MOST important reason to classify a disaster recovery plan (DRP) as confidential?
A. Reduce the risk of data leakage that could lead to an attack.
B. Comply with business continuity best practice.
C. Ensure compliance with the data classification policy.
D. Protect the plan from unauthorized alteration.
Answer
D. Protect the plan from unauthorized alteration.
CISA Question 338
Question
Which of the following roles is BEST suited to assign classification to an information asset?
A. The data owner
B. The information security manager
C. The data custodian
D. The senior manager
Answer
A. The data owner
CISA Question 339
Question
Which of the following should an IS auditor expect to find when reviewing IT security policy?
A. Assigned responsibility for safeguarding company assets
B. A risk-based classification of systems
C. An inventory of information assets
D. Virus protection implementation strategies
Answer
A. Assigned responsibility for safeguarding company assets
CISA Question 340
Question
Which of the following would be of MOST concern when determining if information assets are adequately safeguard during transport and disposal?
A. Lack of password protection
B. Lack of recent awareness training
C. Lack of appropriate data classification
D. Lack of appropriate labeling
Answer
C. Lack of appropriate data classification