Test your knowledge of IT auditing, control, and information security with these 15 questions. This free practice quiz includes real CISA questions that you will face on the real CISA exam. Take the ISACA CISA practice test on our exam dumps and study ISACA CISA exam questions anytime. Do the quiz now! 

1. An organization performs nightly backups but does not have a formal policy. An IS auditor should FIRST:

A. escalate to senior management.

B. document a policy for the organization.

C. evaluate current backup procedures.

D. recommend automated backup.

Answer: 

2. What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

A. Restricting a local user to necessary resources on a local platform

B. Restricting a local user to necessary resources on the host server

C. Maintaining consistency throughout all platforms

D. Creating new user IDs valid only on a few hosts.

Answer: 

3. Which of the following sampling methods is the BEST approach for drawing conclusions based on the frequency of occurrence?

A. Attribute sampling

B. Monetary estimation sampling

C. Stratified sampling

D. Difference estimation sampling

Answer: 

4. What is the purpose of using a write blocker during the acquisition phase of a digital forensics investigation?

A. To preserve the chain of custody.

B. To protect against self-destruct utilities.

C. To prevent the activation of installed malware.

D. To prevent evidence alteration.

Answer: 

5. When using a wireless device, which of the following BEST ensures confidential access to email via webmail?

A. Simple object access protocol (SOAP)

B. Hypertext transfer protocol secure (HTTPS)

C. Extensible markup language (XML)

D. Wired equivalent privacy (WEP)

Answer: 

6. The PRIMARY purpose of an internal audit department’s quality assurance improvement program is to evaluate which of the following?

A. The adequacy and qualifications of internal audit personnel

B. The effectiveness of the internal audit function

C. The efficiency of internal audit processes

D. The accuracy of prior-year internal audit results

Answer: 

7. Which of the following is an indication of possible hacker activity involving voice communications?

A. A significant percentage of lines are busy during early morning and late afternoon hours.

B. Outbound calls are found to increase in frequency during non-business hours significantly.

C. Inbound calls experience significant fluctuations based on time-of-day and day-of-week.

D. Direct inward system access (DISA) is found to be disabled on the company’s exchange.

Answer:

8. Which of the following is the BEST recommendation for the establishment of an information security policy?

A. The policy should be developed by IS management.

B. The development and approval should be overseen by business area management.

C. The policy and guidelines should be developed by the human resources department.

D. The policy should be developed by the security administrator.

Answer: 

9. The final acceptance testing of a new application system should be the responsibility of the:

A. quality assurance team.

B. IS management.

C. user group.

D. IS audit team.

Answer: 

10. Which of the following presents the GREATEST security risk in a virtualized computing environment?

A. Passwords for the software that controls the operations of virtual machines are set to default.

B. Backups for sensitive data formats are not stored at an offsite location.

C. Some business users have not received appropriate training on the virtual desktop environment.

D. Physical access to the data center that hosts hardware for virtual machines is not logged.

Answer: 

11. A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques is that CSA:

A. can identify high-risk areas for detailed review.

B. allows IS auditors to assess risk independently.

C. can be used as a replacement for traditional audits.

D. allows management to relinquish responsibility for control.

Answer: 

12. An organization with high-security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?

A. False-identification rate (FIR).

B. Equal-error rate (EER).

C. False-rejection rate (FRR).

D. False-acceptance rate (FAR).

Answer: 

13. Which of the following is the GREATEST advantage of implementing an IT enterprise architecture framework within an organization?

A. It better equips an organization to adopt innovative and emerging technologies.

B. It helps to identify security issues in systems across the organization.

C. It reduces the overlap of infrastructure technologies within the organization.

D. It improves the organization’s ability to meet service level agreements (SLAs).

Answer: 

14. Which of the following is the BEST way to increase the effectiveness of security incident detection?

A. Educating end users on identifying suspicious activity.

B. Determining containment activities based on the type of incident.

C. Establishing service level agreements (SLAs) with appropriate forensic service providers.

D. Documenting root cause analysis procedures.

Answer: 

15. What is the FIRST step an auditor should take when beginning a follow-up audit?

A. Review work papers from the previous audit.

B. Gather evidence of remediation to conduct tests of controls.

C. Review previous findings and action plans.

D. Meet with the auditee to discuss remediation progress.

Answer: 

Note: If you need answers, you can contact us for more details! Thanks.

Overview of our CISA Dumps

Still want to know more about CISA exam questions after the quiz? Don’t worry! You are in the right place. We offer 100% real and valid CISA dumps to help you prepare for and pass the CISA exam in less time.

With our CISA practice tests, you can learn the real CISA exam structure and topics and easily find out where you are lacking! Thousands of candidates pass the CISA exam on the first try with our CISA Practice Tests!

Advantages of our CISA Practice Tests

100% Accurate CISA Questions

Real CISA Exam Environment

Average 7 Days to Practice & Pass

Update Latest CISA QAs Timely

100% Cover Real CISA Exam

100% Verified CISA Exam Answers

Latest CISA Exam Feedback

Average 4 CISA Pass every day

Acquiring the certification isn’t going to be an easy task, but with the expert help of the ISACA CISA Questions offered at ITCertDumps, you will be able to achieve it in a single attempt.
