The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 761
Question
The PRIMARY advantage of object-oriented technology is enhanced:
A. efficiency due to the re-use of elements of logic.
B. management of sequential program execution for data access.
C. management of a restricted variety of data types for a data object.
D. grouping of objects into methods for data access.
Answer
A. efficiency due to the re-use of elements of logic.
CISA Question 762
Question
Cross-site scripting (XSS) attacks are BEST prevented through:
A. use of common industry frameworks.
B. secure coding practices.
C. application firewall policy settings.
D. a three-tier web architecture.
Answer
B. secure coding practices.
CISA Question 763
Question
Both statistical and nonstatistical sampling techniques:
A. permit the auditor to quantify the probability of error.
B. permit the auditor to quantify and fix the level of risk.
C. require judgment when defining population characteristics.
D. provide each item an equal opportunity of being selected.
Answer
A. permit the auditor to quantify the probability of error.
CISA Question 764
Question
Which of the following is the GREATEST benefit of implementing an incident management process?
A. Opportunity for frequent reassessment of incidents
B. Reduction in security threats
C. Reduction in the business impact of incidents
D. Reduction of costs by the efficient use of resources
Answer
C. Reduction in the business impact of incidents
CISA Question 765
Question
Which of the following is MOST important for an IS auditor to consider when reviewing the effectiveness of an incident response program?
A. Incidents are categorized according to industry standards.
B. Lessons learned are incorporated into incident response processes.
C. Incidents are escalated to senior management in a timely manner.
D. The plan is reviewed and updated annually.
Answer
B. Lessons learned are incorporated into incident response processes.
CISA Question 766
Question
When an intrusion into an organization’s network is detected, which of the following should be performed FIRST?
A. Block all compromised network nodes.
B. Protect information in the compromised systems.
C. Develop a response to the incident.
D. Identify nodes that have been compromised.
Answer
C. Develop a response to the incident.
CISA Question 767
Question
An IS auditor learns a server administration team regularly applies workarounds to address repeated failures of critical data processing services.
Which of the following would BEST enable the organization to resolve this issue?
A. Service level management
B. Change management
C. Problem management
D. Incident management
Answer
C. Problem management
CISA Question 768
Question
Which of the following is the MAIN purpose of implementing an incident response process?
A. Provide substantial audit-trail evidence.
B. Assign roles and responsibilities.
C. Comply with policies and procedures.
D. Manage impact due to breaches.
Answer
D. Manage impact due to breaches.
CISA Question 769
Question
The PRIMARY reason an IS department should analyze past incidents and problems is to:
A. determine if all incidents and problems are reported.
B. assign responsibility for problems.
C. assess help desk performance.
D. identify the causes of recurring incidents and problems.
Answer
D. identify the causes of recurring incidents and problems.
CISA Question 770
Question
An IS auditor has discovered that unauthorized customer management software was installed on a workstation. The auditor determines the software has been uploading customer data to an external party. Which of the following is the IS auditor’s BEST course of action?
A. Review other workstations to determine the extent of the incident.
B. Determine the number of customer records that were uploaded.
C. Notify the incident response team.
D. Present the issue at the next audit progress meeting.
Answer
C. Notify the incident response team.