Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 8

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 731

Question

Due to the cost restrains, a company defers the replacement of hardware supporting core application. Which of the following represents the GREATEST risk?

A. Maintenance costs may rise.
B. Future upgrades may not be possible.
C. Systems availability may suffer.
D. Eventual replacement may be more expensive.

Answer

C. Systems availability may suffer.

CISA Question 732

Question

Which of the following would BEST detect that a distributed-denial-of-service attack (DDoS) is occurring?

A. Server crashes
B. Automated monitoring of logs
C. Penetration testing
D. Customer service complaints

Answer

B. Automated monitoring of logs

CISA Question 733

Question

The PRIMARY benefit of using secure shell (SSH) to access a server on a network is that it:

A. provides better session reliability.
B. prevents man-in-the-middle attacks.
C. provides confidentiality of transmitted data.
D. facilitates communication across platforms.

Answer

C. provides confidentiality of transmitted data.

CISA Question 734

Question

Reorganization of databases is undertaken PRIMARILY to:

A. reduce backout and recovery times.
B. eliminate duplicates and perform data backup.
C. reduce simultaneous update time and index validation.
D. improve data access and retrieval times.

Answer

D. improve data access and retrieval times.

CISA Question 735

Question

To ensure the integrity of a recovered database, which of the following would be MOST useful?

A. Before-and-after transaction images
B. Database defragmentation tools
C. A copy of the data dictionary
D. Application transaction logs

Answer

A. Before-and-after transaction images

CISA Question 736

Question

A sales representative is reviewing the organization’s feedback blog and gets redirected to a site that sells illegal prescription drugs. The blog site is MOST likely susceptible to which of the following types of attacks?

A. Directory harvesting
B. SQL injection
C. Cross-site scripting
D. Phishing attack.

Answer

C. Cross-site scripting

CISA Question 737

Question

Nonrepudiation of the client for e-commerce transactions is accomplished through which of the following control mechanisms?

A. Password security
B. Internet protocol (IP) address verification
C. Public key infrastructure (PKI)
D. Secure Sockets Layer (SSL)

Answer

C. Public key infrastructure (PKI)

CISA Question 738

Question

Which of the following provides the BEST audit evidence that a firewall is configured in compliance with the organization’s security policy?

A. Analyzing how the configuration changes are performed
B. Performing penetration testing
C. Analyzing log files
D. Reviewing the rule base

Answer

B. Performing penetration testing

CISA Question 739

Question

An enterprise receiving email should have procedures to control:

A. insufficient end-points.
B. unsolicited executable code.
C. outdated protocols.
D. insufficient connectivity.

Answer

B. unsolicited executable code.

CISA Question 740

Question

The lack of which of the following represents the GREATEST risk to the quality of developed software?

A. Code reviews
B. Periodic internal audits
C. Load testing
D. An enterprise architecture

Answer

A. Code reviews

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.