Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ISACA
  3. CISA

ISACA Certified Information Systems Auditor CISA Exam Questions in PDF

Free ISACA CISA Dumps Questions (page: 20)

CISA PDF — 1823 Questions

Which of the following is the BEST control to mitigate attacks that redirect Internet traffic to an unauthorized website?

  1. Utilize a network-based firewall.
  2. Conduct regular user security awareness training.
  3. Enforce a strong password policy meeting complexity requirements.
  4. Perform domain name system (DNS) server security hardening.

Answer(s): D



During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?

  1. Retest the control.
  2. Notify the audit manager.
  3. Close the audit finding.
  4. Notify the chair of the audit committee

Answer(s): B



An organization wants to classify database tables according to its data classification scheme. From an IS auditor's perspective, the tables should be classified based on the:

  1. specific functional contents of each single table.
  2. frequency of updates to the table.
  3. number of end users with access to the table.
  4. descriptions of column names in the table.

Answer(s): A



Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?

  1. Provide notification to employees about possible email monitoring.
  2. Develop an information classification scheme.
  3. Develop an acceptable use policy for end-user computing (EUC).
  4. Require all employees to sign nondisclosure agreements (NDAs).

Answer(s): B



While auditing a small organization's data classification processes and procedures, an IS auditor noticed that data is often classified at the incorrect level. What is the MOST effective way for the organization to improve this situation?

  1. Conduct awareness presentations and seminars for information classification policies.
  2. Use automatic document classification based on content.
  3. Have IT security staff conduct targeted training for data owners.
  4. Publish the data classification policy on the corporate web portal.

Answer(s): C



Viewing page 20 of 366

Share your comments for ISACA CISA exam with other users:

M
Mike
8/20/2023 5:12:00 PM

the exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.

UNITED STATES
S
Sam
8/31/2023 10:32:00 AM

not bad but you question database from isaca

MALAYSIA
D
Deno
10/25/2023 1:14:00 AM

i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.

Anonymous
AI Tutor 👋 I’m here to help!