Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ISACA
  3. CISA

ISACA CISA Exam (page: 33)
ISACA Certified Information Systems Auditor
Updated on: 16-Feb-2026

Viewing Page 33 of 366
CISA PDF 1823 Questions

An IS auditor is reviewing a recent security incident and is seeking information about the approval of a recent modification to a database system's security settings. Where would the auditor MOST likely find this information?

  1. Security incident and event management (SIEM) report
  2. Change log
  3. System event correlation report
  4. Database log

Answer(s): B



A review of an organization's IT portfolio revealed several applications that are not in use. The BEST way to prevent this situation from recurring would be to implement:

  1. an information asset acquisition policy.
  2. business case development procedures.
  3. a formal request for proposal (RFP) process.
  4. asset life cycle management.

Answer(s): D



In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?

  1. Periodically running and reviewing test data against production programs
  2. Verifying user management approval of modifications
  3. Reviewing the last compile date of production programs
  4. Manually comparing code in production programs to controlled copies

Answer(s): C



An IS auditor is observing transaction processing and notes that a high-priority update job ran out of sequence. What is the MOST significant risk from this observation?

  1. Daily schedules lack change control.
  2. Previous jobs may have failed.
  3. The job may not have run to completion.
  4. The job completes with invalid data.

Answer(s): D



Which of the following is the BEST source of information for an IS auditor to use when determining whether an organization's information security policy is adequate?

  1. Risk assessment results
  2. Penetration test results
  3. Industry benchmarks
  4. Information security program plans

Answer(s): A



Viewing Page 33 of 366



Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

the exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

not bad but you question database from isaca
MALAYSIA


Deno 10/25/2023 1:14:00 AM

i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.
Anonymous