ISACA CISA Exam (page: 21)
ISACA Certified Information Systems Auditor
Updated on: 25-Dec-2025

Viewing Page 21 of 366

An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available. What should the auditor recommend be done FIRST?

  1. Implement additional firewalls to protect the system.
  2. Decommission the server.
  3. Implement a new system that can be patched.
  4. Evaluate the associated risk.

Answer(s): D



During a review of an organization's network threat response process, the IS auditor noticed that the majority of alerts were closed without resolution. Management responded that those alerts were unworkable due to lack of actionable intelligence, and therefore the support team is allowed to close them. What is the BEST way for the auditor to address this situation?

  1. Further review closed unactioned alerts to identify mishandling of threats.
  2. Reopen unactioned alerts and report to the audit committee.
  3. Recommend that management enhance the policy and improve threat awareness training.
  4. Omit the finding from the report as this practice is in compliance with the current policy.

Answer(s): A



Which of the following BEST helps to ensure data integrity across system interfaces?

  1. Reconciliations
  2. Environment segregation
  3. Access controls
  4. System backups

Answer(s): A



Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system. Which of the following is the IS auditor's BEST recommendation for a compensating control?

  1. Require written authorization for all payment transactions.
  2. Review payment transaction history.
  3. Reconcile payment transactions with invoices.
  4. Restrict payment authorization to senior staff members.

Answer(s): A



Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?

  1. Display back of project detail after entry
  2. Reconciliation of total amounts by project
  3. Reasonableness checks for each cost type
  4. Validity checks, preventing entry of character data

Answer(s): B






Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

The exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

Not bad but you question database from ISACA
MALAYSIA


Deno 10/25/2023 1:14:00 AM

I failed the CISA exam today. But I have found all the questions that were on the exam to be on this site.
Anonymous