Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ISACA
  3. CISA

ISACA Certified Information Systems Auditor CISA Exam Questions in PDF

Free ISACA CISA Dumps Questions (page: 21)

CISA PDF — 1823 Questions

An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available. What should the auditor recommend be done
FIRST?

  1. Implement additional firewalls to protect the system.
  2. Decommission the server.
  3. Implement a new system that can be patched.
  4. Evaluate the associated risk.

Answer(s): D



During a review of an organization's network threat response process, the IS auditor noticed that the majority of alerts were closed without resolution.
Management responded that those alerts were unworkable due to lack of actionable intelligence, and therefore the support team is allowed to close them. What is the BEST way for the auditor to address this situation?

  1. Further review closed unactioned alerts to identify mishandling of threats.
  2. Reopen unactioned alerts and report to the audit committee.
  3. Recommend that management enhance the policy and improve threat awareness training.
  4. Omit the finding from the report as this practice is in compliance with the current policy.

Answer(s): A



Which of the following BEST helps to ensure data integrity across system interfaces?

  1. Reconciliations
  2. Environment segregation
  3. Access controls
  4. System backups

Answer(s): A



Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system. Which of the following is the IS auditor's BEST recommendation for a compensating control?

  1. Require written authorization for all payment transactions.
  2. Review payment transaction history.
  3. Reconcile payment transactions with invoices.
  4. Restrict payment authorization to senior staff members.

Answer(s): A



Spreadsheets are used to calculate project cost estimates. Totals for each cost category are then keyed into the job-costing system. What is the BEST control to ensure that data is accurately entered into the system?

  1. Display back of project detail after entry
  2. Reconciliation of total amounts by project
  3. Reasonableness checks for each cost type
  4. Validity checks, preventing entry of character data

Answer(s): B



Viewing page 21 of 366

Share your comments for ISACA CISA exam with other users:

M
Mike
8/20/2023 5:12:00 PM

the exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.

UNITED STATES
S
Sam
8/31/2023 10:32:00 AM

not bad but you question database from isaca

MALAYSIA
D
Deno
10/25/2023 1:14:00 AM

i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.

Anonymous
AI Tutor 👋 I’m here to help!