Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. ISACA
  3. CISA

ISACA Certified Information Systems Auditor CISA Exam Questions in PDF

Free ISACA CISA Dumps Questions (page: 36)

CISA PDF — 1823 Questions

In the case of a disaster where the data center is no longer available, which of the following tasks should be done FIRST?

  1. Arrange for a secondary site.
  2. Analyze risk.
  3. Perform data recovery.
  4. Activate the call tree

Answer(s): D



An organization shares some of its customers' personally identifiable information (PII) with third-party suppliers for business purposes. What is MOST important for the IS auditor to evaluate to ensure that risk associated with leakage of privacy-related data during transmission is effectively managed?

  1. Encrypting and masking of customer data
  2. The third party's privacy and data security policies
  3. Nondisclosure and indemnity agreements
  4. Service and operational level agreements

Answer(s): A



Following an internal audit of a database, management has committed to enhance password management controls. Which of the following provides the BEST evidence that management has remediated the audit finding?

  1. Screenshots from end users showing updated password settings
  2. Interviews with management about remediation completion
  3. Change tickets of recent password configuration updates
  4. Observation of updated password settings with database administrators (DBAs)

Answer(s): C



Reviewing project plans and status reports throughout the development life cycle will:

  1. eliminate the need to perform a risk assessment.
  2. postpone documenting the project's progress until the final phase.
  3. guarantee that the project will meet its intended deliverables.
  4. facilitate the optimal use of resources over the life of the project.

Answer(s): D



An organization is experiencing a large number of phishing attacks targeting employees and executives following a press release announcing an acquisition.
Which of the following would provide the BEST defense against these attacks?

  1. Conduct organization-wide awareness training.
  2. Deploy intrusion detection and prevention systems.
  3. Install spam filters on the acquired systems.
  4. Require signed acknowledgment of the organization's security policy.

Answer(s): A



Viewing page 36 of 366

Share your comments for ISACA CISA exam with other users:

M
Mike
8/20/2023 5:12:00 PM

the exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.

UNITED STATES
S
Sam
8/31/2023 10:32:00 AM

not bad but you question database from isaca

MALAYSIA
D
Deno
10/25/2023 1:14:00 AM

i failed the cisa exam today. but i have found all the questions that were on the exam to be on this site.

Anonymous
AI Tutor 👋 I’m here to help!