CISA Exam Dumps - Certified Information Systems Auditor

Question # 121

An IS auditor can BEST evaluate the business impact of system failures by:

A. assessing user satisfaction levels.

B. interviewing the security administrator.

C. analyzing equipment maintenance logs.

D. reviewing system-generated logs.

Question # 122

Which of the following is the BEST way to ensure a vendor complies with system security requirements?

A. Require security training for vendor staff.

B. Review past incidents reported by the vendor.

C. Review past audits on the vendor's security compliance.

D. Require a compliance clause in the vendor contract.

Question # 123

An IS auditor is conducting an IT governance audit and notices many initiatives are managed informally by isolated project managers. Which of the following recommendations would have the GREATEST impact on improving the maturity of the IT team?

A. Schedule a follow-up audit in the next year to confirm whether IT processes have matured.

B. Create an interdisciplinary IT steering committee to oversee IT prioritization and spending.

C. Document and track all IT decisions in a project management tool.

D. Discontinue all current IT projects until formal approval is obtained and documented.

Question # 124

While reviewing the effectiveness of an incident response program, an IS auditor notices a high number of reported incidents involving malware originating from removable media found by employees. Which of the following is the MOST appropriate recommendation to management?

A. Restrict access to removable media ports on company devices.

B. Install an additional antivirus program to increase protection.

C. Ensure the antivirus program contains up-to-date signature files for all company devices.

D. Implement an organization-wide removable media policy.

Question # 125

An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of GREATEST concern to the auditor?

A. End-user managers determine who should access what information.

B. The organization has created a dozen different classification categories.

C. The compliance manager decides how the information should be classified.

D. The organization classifies most of its information as confidential.

Question # 126

A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:

A. the audit committee.

B. audit management.

C. auditee line management.

D. the police.

Question # 127

Which of the following tasks would cause the GREATEST segregation of duties (SoD) concern if performed by the person who reconciles the organization's device inventory?

A. Tracking devices used for spare parts

B. Creating the device policy

C. Issuing devices to employees

D. Approving the issuing of devices

Question # 128

Which of the following is MOST likely to be reduced when implementing optimal risk management strategies?

A. Sampling risk

B. Residual risk

C. Detection risk

D. Inherent risk
