ISACA CISA Exam (page: 24)
ISACA Certified Information Systems Auditor
Updated on: 25-Dec-2025

Viewing Page 24 of 366

An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?

  1. Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees
  2. Monitoring employees' social networking usage
  3. Establishing strong access controls on confidential data
  4. Providing education and guidelines to employees on use of social networking sites

Answer(s): D



Which of the following is the MOST efficient way to assess the controls in a service provider's environment?

  1. Review testing performed by the service provider's internal audit department.
  2. Require the service provider to conduct control self-assessments (CSAs).
  3. Review the service provider's master service agreement (MSA).
  4. Obtain an independent auditor's report from the service provider.

Answer(s): D



The PRIMARY focus of audit follow-up reports should be to:

  1. assess if new risks have developed.
  2. determine if audit recommendations have been implemented.
  3. determine if past findings are still relevant.
  4. verify the completion date of the implementation.

Answer(s): B



Which of the following is the BEST way to mitigate the risk associated with technology obsolescence?

  1. Create tactical and strategic IS plans.
  2. Make provisions in the budgets for potential upgrades.
  3. Invest in current technology.
  4. Create a technology watch team that evaluates emerging trends.

Answer(s): A



Which of the following is MOST important to ensure when reviewing a global organization's controls to protect data held on its IT infrastructure across all of its locations?

  1. The capacity of underlying communications infrastructure in the host locations is sufficient.
  2. The threat of natural disasters in each location hosting infrastructure has been accounted for.
  3. Relevant data protection legislation and regulations for each location are adhered to.
  4. Technical capabilities exist in each location to manage the data and recovery operations.

Answer(s): C






Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

The exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

Not bad but you question database from ISACA
MALAYSIA


Deno 10/25/2023 1:14:00 AM

I failed the CISA exam today. But I have found all the questions that were on the exam to be on this site.
Anonymous