Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 8

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 711

Question

An organization has installed blade server technology in its data center. To determine whether higher cooling demands are maintained, which of the following should the IS auditor review?

A. Ventilation systems
B. Uninterruptible power supply (UPS) systems
C. Air conditioning capacity
D. Duct maintenance

Answer

C. Air conditioning capacity

CISA Question 712

Question

An IS auditor is unable to directly test privacy controls for a client’s cloud-based application. The MOST effective alternative to direct testing is to review:

A. the provider’s internal audit reports.
B. the provider’s statement of assurance.
C. formal privacy certification.
D. independent audit reports.

Answer

D. independent audit reports.

CISA Question 713

Question

The demilitarized zone (DMZ) is the part of a network where servers that are placed are:

A. running internal department applications.
B. running mission-critical, non-web applications.
C. interacting with the public Internet.
D. external to the organization.

Answer

C. interacting with the public Internet.

CISA Question 714

Question

Which of the following provides the GREATEST assurance that any confidential information on a disk is no longer accessible but the device is still usable by other internal users?

A. Reformatting the disk
B. Erasing the disk
C. Degaussing the disk
D. Password-protecting the disk

Answer

A. Reformatting the disk

CISA Question 715

Question

The quality assurance (QA) function should be prevented from:

A. developing naming conventions.
B. establishing analysis techniques.
C. amending review procedures.
D. changing programs for business functions.

Answer

C. amending review procedures.

CISA Question 716

Question

Based on the guidance of internal audit, an IT steering committee is considering the use of a balanced scorecard to evaluate its project management process.
Which of the following is the GREATEST advantage to using this approach?

A. Project schedule and budget management will improve.
B. Performance is measured from different perspectives.
C. Information is provided in a consistent and timely manner.
D. Project will be prioritized based on value.

Answer

B. Performance is measured from different perspectives.

CISA Question 717

Question

Which of the following is the MOST significant concern when backup tapes are encrypted?

A. Loss of the encryption key
B. Lack of physical security over the tapes
C. Incompatibility with future software versions
D. Inaccurate data due to encryption processing

Answer

A. Loss of the encryption key

CISA Question 718

Question

Which of the following is the MOST critical step prior to performing a network penetration test?

A. Informing management of the potential risk involved with penetration testing
B. Identifying a scanning tool for use in identifying vulnerabilities
C. Communicating the location of the penetration test targets to management
D. Reviewing the results of previous penetration tests

Answer

A. Informing management of the potential risk involved with penetration testing

CISA Question 719

Question

Due to the small size of the payroll department, an organization is unable to segregate the employee setup and payroll processing functions.
Which of the following would be the BEST compensating control for the lack of segregation of duties?

A. An independent payroll disbursement review is conducted.
B. The system is configured to require secondary approval for changes to the employee master file.
C. A review is conducted to verify that terminated employees are removed from the employee master file.
D. A payroll variance report is reviewed for anomalies every pay period.

Answer

D. A payroll variance report is reviewed for anomalies every pay period.

CISA Question 720

Question

Privileged account access is required to start an ad hoc batch job. Which of the following would MOST effectively detect unauthorized job execution?

A. Requiring manual approval by an authorized user
B. Executing the job through two-factor authentication
C. Introducing job execution request procedures
D. Reconciling user activity logs against authorizations

Answer

B. Executing the job through two-factor authentication

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.