Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 8

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 751

Question

A retirement system verifies that the field for employee status has either a value of A (for active) or R (for retired). This is an example of which type of check?

A. Validity
B. Existence
C. Limit
D. Completeness

Answer

A. Validity

CISA Question 752

Question

Which of the following BEST indicates the effectiveness of an organization’s risk management program?

A. Control risk is minimized.
B. Inherent risk is eliminated.
C. Residual risk is minimized.
D. Overall risk is quantified.

Answer

C. Residual risk is minimized.

CISA Question 753

Question

Which of the following is the MOST effective way to assess whether an outsourcer’s controls are following the service level agreement (SLA)?

A. Perform an onsite review of the outsourcer.
B. Review the outsourcer’s monthly service reports.
C. Perform a review of penalty clauses for non-performance.
D. Review an internal audit report from the outsourcer’s auditor.

Answer

A. Perform an onsite review of the outsourcer.

CISA Question 754

Question

Which of the following features can be provided only by asymmetric encryption?

A. 128-bit key length
B. Information privacy
C. Data confidentiality
D. Nonrepudiation

Answer

D. Nonrepudiation

CISA Question 755

Question

An airline’s online booking system uses an automated script that checks whether fares are within the defined threshold of what is reasonable before the fares are displayed on the website. Which type of control is in place?

A. Compensating control
B. Preventive control
C. Detective control
D. Corrective control

Answer

C. Detective control

CISA Question 756

Question

Which of the following provides the MOST assurance that a newly developed web application does not have IT security issues?

A. Server hardening
B. Business impact analysis (BIA)
C. Application whitelisting
D. Penetration testing

Answer

D. Penetration testing

CISA Question 757

Question

The control that MOST effectively addresses the risk of piggybacking/tailgating into a restricted area without a dead man door is:

A. using biometric door locks.
B. security awareness training.
C. requiring employees to wear ID badges.
D. using two-factor authentication.

Answer

B. security awareness training.

CISA Question 758

Question

Which of the following is the MOST effective control for a utility program?

A. Renaming the versions in the programmers’ libraries
B. Installing the program on a separate server
C. Storing the program in a production library
D. Allowing only authorized personnel to use the program

Answer

D. Allowing only authorized personnel to use the program

CISA Question 759

Question

Which of the following is the PRIMARY advantage of using virtualization technology for corporate applications?

A. Better utilization of resources
B. Stronger data security
C. Increased application performance
D. Improved disaster recovery

Answer

A. Better utilization of resources

CISA Question 760

Question

Which of the following would BEST facilitate the detection of internal fraud perpetrated by an individual?

A. Corporate fraud hotline
B. Segregation of duties
C. Mandatory leave
D. Flexible time

Answer

C. Mandatory leave

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.