
CISA Exam Dumps - Certified Information Systems Auditor

Question # 129

During which process is regression testing MOST commonly used?

A. System modification

B. Unit testing

C. Stress testing

D. Program development

Question # 130

Which of the following should be an IS auditor's GREATEST concern when reviewing an organization's security controls for policy compliance?

A. The security policy has not been reviewed within the past year.

B. Security policy documents are available on a public domain website.

C. Security policies are not applicable across all business units.

D. End users are not required to acknowledge security policy training.

Question # 131

Which of the following should be the GREATEST concern for an IS auditor assessing an organization's disaster recovery plan (DRP)?

A. The DRP was developed by the IT department.

B. The DRP has not been tested during the past three years.

C. The DRP has not been updated for two years.

D. The DRP does not include the recovery time objective (RTO) for a key system.

Question # 132

Which of the following should be the GREATEST concern to an IS auditor reviewing the information security framework of an organization?

A. The information security policy has not been updated in the last two years.

B. Senior management was not involved in the development of the information security policy.

C. A list of critical information assets was not included in the information security policy.

D. The information security policy is not aligned with regulatory requirements.

Question # 133

Which of the following findings related to segregation of duties should be of GREATEST concern to an IS auditor?

A. The person who tests source code also approves changes.

B. The person who administers servers is also part of the infrastructure management team.

C. The person who creates new user accounts also modifies user access levels.

D. The person who edits source code also has write access to production.

Question # 134

An organization is implementing a new data loss prevention (DLP) tool. Which of the following will BEST enable the organization to reduce false positive alerts?

A. Using the default policy and tool rule sets

B. Configuring a limited set of rules

C. Deploying the tool in monitor mode

D. Reducing the number of detection points

Question # 135

An IS auditor is reviewing a data conversion project. Which of the following is the auditor's BEST recommendation prior to go-live?

A. Conduct a mock conversion test.

B. Review test procedures and scenarios.

C. Automate the test scripts.

D. Establish a configuration baseline.

Question # 136

Which of the following is the MOST important success factor for implementing a data loss prevention (DLP) tool?

A. Implementing the tool in monitor mode to avoid unnecessary blocking of communication

B. Defining and configuring policies and tool rule sets to monitor sensitive data movement

C. Testing the tool in a test environment before moving to the production environment

D. Assigning responsibilities for maintaining the tool to applicable data owners and stakeholders
