ISACA CISA Exam (page: 56)
ISACA Certified Information Systems Auditor
Updated on: 02-Jan-2026

Viewing Page 56 of 366

A new regulation in one country of a global organization has recently prohibited cross-border transfer of personal data. An IS auditor has been asked to determine the organization's level of exposure in the affected country. Which of the following would be MOST helpful in making this assessment?

  A. Identifying data security threats in the affected jurisdiction
  B. Reviewing data classification procedures associated with the affected jurisdiction
  C. Identifying business processes associated with personal data exchange with the affected jurisdiction
  D. Developing an inventory of all business entities that exchange personal data with the affected jurisdiction

Answer(s): C



When responding to an ongoing denial of service (DoS) attack, an organization's FIRST course of action should be to:

  A. minimize impact.
  B. investigate damage.
  C. analyze the attack path.
  D. restore service.

Answer(s): A



Which of the following BEST describes an audit risk?

  A. The financial report may contain undetected material errors.
  B. Employees have been misappropriating funds.
  C. The company is being sued for false accusations.
  D. Key employees have not taken vacation for 2 years.

Answer(s): A



In an IT organization where many responsibilities are shared, which of the following is the BEST control for detecting unauthorized data changes?

  A. Users are required to periodically rotate responsibilities.
  B. Segregation of duties conflicts are periodically reviewed.
  C. Data changes are logged in an outside application.
  D. Data changes are independently reviewed by another group.

Answer(s): D



End users have been demanding the ability to use their own devices for work, but want to keep personal information out of corporate control. Which of the following would be MOST effective at reducing the risk of security incidents while satisfying end user requirements?

  A. Encrypt corporate data on the devices.
  B. Enable remote wipe capabilities for the devices.
  C. Require complex passwords.
  D. Implement an acceptable use policy.

Answer(s): A






Share your comments for ISACA CISA exam with other users:

Mike 8/20/2023 5:12:00 PM

The exam dumps are helping me get a solid foundation on the practical techniques and practices needed to be successful in the auditing world.
UNITED STATES


Sam 8/31/2023 10:32:00 AM

Not bad but you question database from ISACA
MALAYSIA


Deno 10/25/2023 1:14:00 AM

I failed the CISA exam today. But I have found all the questions that were on the exam to be on this site.
Anonymous