Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 7

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 691

Question

Effective IT governance requires organizational structures and processes to ensure that:

A. the organization’s strategies and objectives extend the IT strategy.
B. the business strategy is derived from an IT strategy.
C. IT governance is separate and distinct from the overall governance.
D. the IT strategy extends the organization’s strategies and objectives.

Answer

D. the IT strategy extends the organization’s strategies and objectives.

Explanation

Effective IT governance requires that board and executive management extend governance to IT and provide the leadership, organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and objectives, and that the strategy is aligned with business strategy. Choice A is incorrect because it is the IT strategy that extends the organizational objectives, not the opposite. IT governance is not an isolated discipline; it must become an integral part of the overall enterprise governance.

CISA Question 692

Question

Loading of illegal software packages onto a network by an employee is MOST effectively detected by:

A. diskless workstations.
B. regular scanning of hard drives
C. maintaining current antivirus software.
D. logging of activity on network drives.

Answer

B. regular scanning of hard drives

CISA Question 693

Question

Which of the following is BEST enabled by following a configuration management process for new applications?

A. Deploying approved emergency changes to production
B. Ensuring proper testing of code before deployment
C. Managing successful implementation of acquired software
D. Maintaining adequate control over changes to production

Answer

D. Maintaining adequate control over changes to production

CISA Question 694

Question

Which of the following would MOST effectively aid executive management in achieving IT and business alignment?

A. Risk assessment
B. Value delivery assessment
C. Balanced scorecard
D. Performance measurement

Answer

C. Balanced scorecard

CISA Question 695

Question

Which of the following provides the MOST comprehensive description of IT’s role in an organization?

A. IT organizational chart
B. IT project portfolio
C. IT charter
D. IT job descriptions

Answer

C. IT charter

CISA Question 696

Question

The GREATEST risk of database denormalization is:

A. decreased performance.
B. loss of data confidentiality.
C. loss of database integrity.
D. incorrect metadata.

Answer

A. decreased performance.

CISA Question 697

Question

Which of the following is an example of audit risk?

A. Audit work may be lost due to a malware attack.
B. Management may disagree with audit conclusions.
C. Sampling methods may not detect a material error.
D. Newer auditors may require additional supervision and training.

Answer

C. Sampling methods may not detect a material error.

CISA Question 698

Question

An organization is running servers with critical business applications that are in an area subject to frequent but brief power outages. Knowledge of which of the following would allow the organization’s management to monitor the ongoing adequacy of the uninterruptible power supply (UPS)?

A. Duration and interval of the power outages
B. Business impact of server downtime
C. Number of servers supported by the UPS
D. Mean time to recover servers after failure

Answer

B. Business impact of server downtime

CISA Question 699

Question

Which of the following is the MOST important consideration when deploying closed-circuit television (CCTV) systems that use wireless communication links to transmit images between cameras and a receiver?

A. Encryption of transmissions
B. Monitoring by security guards
C. Retention period of recordings
D. Strategic placement of cameras

Answer

B. Monitoring by security guards

CISA Question 700

Question

Which of the following is the BEST detective control for a job scheduling process involving data transmission?

A. Metrics denoting the volume of monthly job failures are reported and reviewed by senior management.
B. Job failure alerts are automatically generated and routed to support personnel.
C. Jobs are scheduled and a log of this activity is retained for subsequent review.
D. Jobs are scheduled to be completed daily and data is transmitted using a secure File Transfer Protocol (FTP).

Answer

B. Job failure alerts are automatically generated and routed to support personnel.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker