ISACA CISA Exam Questions Simulate Actual CISA Exam


CISA exam dump questions are designed to simulate the actual exam. This means that you will get a feel for the types of questions you can expect to see on the exam, as well as the format and difficulty level. In addition, CISA certification dumps are often accompanied by detailed explanations and answers. This means that if you get a question wrong, you can learn from your mistake and understand why the correct answer is the right one. Test free online CISA exam dumps below.


1. Which of the following provides the MOST useful information to an IS auditor when selecting projects for inclusion in an IT audit plan?

A. Project charter

B. Project plan

C. Project issue log

D. Project business case

2. An IS auditor discovers from patch logs that some in-scope systems are not compliant with the regular patching schedule.

What should the auditor do NEXT?

3. An IS auditor finds that application servers had inconsistent security settings leading to potential vulnerabilities.

Which of the following is the BEST recommendation by the IS auditor?

A. Improve the change management process

B. Establish security metrics

C. Perform a penetration test

D. Perform a configuration review

4. The decision to accept an IT control risk related to data quality should be the responsibility of the:

5. Which of the following is a core functionality of a configuration and release management system?

6. A company has implemented an IT segregation of duties policy.

In a role-based environment, which of the following roles may be assigned to an application developer?

7. Which type of attack targets security vulnerabilities in web applications to gain access to data sets?

8. Several unattended laptops containing sensitive customer data were stolen from personnel offices. Which of the following would be an IS auditor's BEST recommendation to protect data in case of recurrence?

9. An organization establishes capacity utilization thresholds and monitors for instances when thresholds are exceeded.

Which of the following is BEST supported by this activity?

10. During the planning phase of a data loss prevention (DLP) audit, management expresses a concern about mobile computing.

Which of the following should the IS auditor identify as the associated risk?

A. The use of the cloud negatively impacting IT availability

B. Increased need for user awareness training

C. Increased vulnerability due to anytime, anywhere accessibility

D. Lack of governance and oversight for IT infrastructure and applications


 
