The latest ISACA CISA (Certified Information Systems Auditor) certification actual practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 711
Question
An organization has installed blade server technology in its data center. To determine whether higher cooling demands are maintained, which of the following should the IS auditor review?
A. Ventilation systems
B. Uninterruptible power supply (UPS) systems
C. Air conditioning capacity
D. Duct maintenance
Answer
C. Air conditioning capacity
CISA Question 712
Question
An IS auditor is unable to directly test privacy controls for a client’s cloud-based application. The MOST effective alternative to direct testing is to review:
A. the provider’s internal audit reports.
B. the provider’s statement of assurance.
C. formal privacy certification.
D. independent audit reports.
Answer
D. independent audit reports.
CISA Question 713
Question
The demilitarized zone (DMZ) is the part of a network where the servers that are placed there are:
A. running internal department applications.
B. running mission-critical, non-web applications.
C. interacting with the public Internet.
D. external to the organization.
Answer
C. interacting with the public Internet.
CISA Question 714
Question
Which of the following provides the GREATEST assurance that any confidential information on a disk is no longer accessible but the device is still usable by other internal users?
A. Reformatting the disk
B. Erasing the disk
C. Degaussing the disk
D. Password-protecting the disk
Answer
A. Reformatting the disk
CISA Question 715
Question
The quality assurance (QA) function should be prevented from:
A. developing naming conventions.
B. establishing analysis techniques.
C. amending review procedures.
D. changing programs for business functions.
Answer
C. amending review procedures.
CISA Question 716
Question
Based on the guidance of internal audit, an IT steering committee is considering the use of a balanced scorecard to evaluate its project management process.
Which of the following is the GREATEST advantage to using this approach?
A. Project schedule and budget management will improve.
B. Performance is measured from different perspectives.
C. Information is provided in a consistent and timely manner.
D. Projects will be prioritized based on value.
Answer
B. Performance is measured from different perspectives.
CISA Question 717
Question
Which of the following is the MOST significant concern when backup tapes are encrypted?
A. Loss of the encryption key
B. Lack of physical security over the tapes
C. Incompatibility with future software versions
D. Inaccurate data due to encryption processing
Answer
A. Loss of the encryption key
CISA Question 718
Question
Which of the following is the MOST critical step prior to performing a network penetration test?
A. Informing management of the potential risk involved with penetration testing
B. Identifying a scanning tool for use in identifying vulnerabilities
C. Communicating the location of the penetration test targets to management
D. Reviewing the results of previous penetration tests
Answer
A. Informing management of the potential risk involved with penetration testing
CISA Question 719
Question
Due to the small size of the payroll department, an organization is unable to segregate the employee setup and payroll processing functions.
Which of the following would be the BEST compensating control for the lack of segregation of duties?
A. An independent payroll disbursement review is conducted.
B. The system is configured to require secondary approval for changes to the employee master file.
C. A review is conducted to verify that terminated employees are removed from the employee master file.
D. A payroll variance report is reviewed for anomalies every pay period.
Answer
D. A payroll variance report is reviewed for anomalies every pay period.
CISA Question 720
Question
Privileged account access is required to start an ad hoc batch job. Which of the following would MOST effectively detect unauthorized job execution?
A. Requiring manual approval by an authorized user
B. Executing the job through two-factor authentication
C. Introducing job execution request procedures
D. Reconciling user activity logs against authorizations
Answer
B. Executing the job through two-factor authentication