ISACA CISA Exam (page: 36)
ISACA Certified Information Systems Auditor
Updated on: 25-Dec-2025

Viewing Page 36 of 366

In the case of a disaster where the data center is no longer available, which of the following tasks should be done FIRST?

  A. Arrange for a secondary site.
  B. Analyze risk.
  C. Perform data recovery.
  D. Activate the call tree.

Answer(s): D



An organization shares some of its customers' personally identifiable information (PII) with third-party suppliers for business purposes. What is MOST important for the IS auditor to evaluate to ensure that risk associated with leakage of privacy-related data during transmission is effectively managed?

  A. Encrypting and masking of customer data
  B. The third party's privacy and data security policies
  C. Nondisclosure and indemnity agreements
  D. Service and operational level agreements

Answer(s): A



Following an internal audit of a database, management has committed to enhance password management controls. Which of the following provides the BEST evidence that management has remediated the audit finding?

  A. Screenshots from end users showing updated password settings
  B. Interviews with management about remediation completion
  C. Change tickets of recent password configuration updates
  D. Observation of updated password settings with database administrators (DBAs)

Answer(s): C



Reviewing project plans and status reports throughout the development life cycle will:

  A. eliminate the need to perform a risk assessment.
  B. postpone documenting the project's progress until the final phase.
  C. guarantee that the project will meet its intended deliverables.
  D. facilitate the optimal use of resources over the life of the project.

Answer(s): D



An organization is experiencing a large number of phishing attacks targeting employees and executives following a press release announcing an acquisition. Which of the following would provide the BEST defense against these attacks?

  A. Conduct organization-wide awareness training.
  B. Deploy intrusion detection and prevention systems.
  C. Install spam filters on the acquired systems.
  D. Require signed acknowledgment of the organization's security policy.

Answer(s): A






Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

The exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

Not bad but you question database from ISACA
MALAYSIA


Deno 10/25/2023 1:14:00 AM

I failed the CISA exam today. But I have found all the questions that were on the exam to be on this site.
Anonymous