Enjoy 15% Discount With Coupon 15off

ISACA CISA Certified Information Systems Auditor Online Training

ISACA CISA Certified Information Systems Auditor Online Training

ISACA CISA Online Training

The questions for CISA were last updated at Sep 07,2025.
  • Exam Code: CISA
  • Exam Name: Certified Information Systems Auditor
  • Certification Provider: ISACA
  • Latest update: Sep 07,2025
Question #91

When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor’s BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:

  • A . the Internet.
  • B . the demilitarized zone (DMZ).
  • C . the organization’s web server.
  • D . the organization’s network.

Reveal Solution Hide Solution

Question #92

An IS auditor is reviewing an organization’s information asset management process.

Which of the following would be of GREATEST concern to the auditor?

  • A . The process does not require specifying the physical locations of assets.
  • B . Process ownership has not been established.
  • C . The process does not include asset review.
  • D . Identification of asset value is not included in the process.

Reveal Solution Hide Solution

Question #93

An IS audit reveals that an organization is not proactively addressing known vulnerabilities.

Which of the following should the IS auditor recommend the organization do FIRST?

  • A . Verify the disaster recovery plan (DRP) has been tested.
  • B . Ensure the intrusion prevention system (IPS) is effective.
  • C . Assess the security risks to the business.
  • D . Confirm the incident response team understands the issue.

Reveal Solution Hide Solution

Question #94

Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?

  • A . Rotate job duties periodically.
  • B . Perform an independent audit.
  • C . Hire temporary staff.
  • D . Implement compensating controls.

Reveal Solution Hide Solution

Question #95

An organization’s security policy mandates that all new employees must receive appropriate security awareness training.

Which of the following metrics would BEST assure compliance with this policy?

  • A . Percentage of new hires that have completed the training.
  • B . Number of new hires who have violated enterprise security policies.
  • C . Number of reported incidents by new hires.
  • D . Percentage of new hires who report incidents

Reveal Solution Hide Solution

Question #96

An IS auditor is following up on prior period items and finds management did not address an audit finding.

Which of the following should be the IS auditor’s NEXT course of action?

  • A . Note the exception in a new report as the item was not addressed by management.
  • B . Recommend alternative solutions to address the repeat finding.
  • C . Conduct a risk assessment of the repeat finding.
  • D . Interview management to determine why the finding was not addressed.

Reveal Solution Hide Solution

Question #97

Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?

  • A . Compliance with action plans resulting from recent audits
  • B . Compliance with local laws and regulations
  • C . Compliance with industry standards and best practice
  • D . Compliance with the organization’s policies and procedures

Reveal Solution Hide Solution

Question #98

An organization allows employees to retain confidential data on personal mobile devices.

Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?

  • A . Require employees to attend security awareness training.
  • B . Password protect critical data files.
  • C . Configure to auto-wipe after multiple failed access attempts.
  • D . Enable device auto-lock function.

Reveal Solution Hide Solution

Question #99

Which of the following demonstrates the use of data analytics for a loan origination process?

  • A . Evaluating whether loan records are included in the batch file and are validated by the servicing system
  • B . Comparing a population of loans input in the origination system to loans booked on the servicing system
  • C . Validating whether reconciliations between the two systems are performed and discrepancies are investigated
  • D . Reviewing error handling controls to notify appropriate personnel in the event of a transmission failure

Reveal Solution Hide Solution

Question #100

Which of the following BEST indicates the effectiveness of an organization’s risk management program?

  • A . Inherent risk is eliminated.
  • B . Residual risk is minimized.
  • C . Control risk is minimized.
  • D . Overall risk is quantified.

Reveal Solution Hide Solution

Previous Questions
Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

28Oct

ISACA CRISC Certified in Risk and Information Systems Control Online Training

Question #1 The PRIMARY objective for selecting risk response options is to: A . reduce risk 10 an acceptable level.B . identify... read more

23Jan

ISACA CCAK Certificate of Cloud Auditing Knowledge Online Training

Question #1 Which of the following should be an assurance requirement when an organization is migrating to a Software as a... read more

04Oct

ISACA CISM Certified Information Security Manager Online Training

Question #1 Which of the following MOST effectively prevents internal users from modifying sensitive data? A . Network segmentationB . Role-based access... read more

31Aug

ISACA CGEIT ISACA CGEIT Certification Practice Test Online Training

Question #1 A newly established IT steering committee is concerned whether a system is meeting availability objectives. Which of the following... read more

14Sep

ISACA CDPSE Certified Data Privacy Solutions Engineer Online Training

Question #1 What should be the PRIMARY consideration of a multinational organization deploying a user and entity behavior analytics (UEBA) tool... read more

18Feb

ISACA COBIT Design and Implementation ISACA COBIT Design and Implementation Certificate Online Training

Question #1 A CEO of a domestic enterprise plans to expand its operations globally. The CEO has selected enterprise goals using... read more

12Oct

ISACA COBIT 5 COBIT® 5 Foundation Online Training

Question #1 Which principle is key for the governance and management of enterprise IT? A . Managing IT OperationsB . Insure Resource... read more

05Oct

ISACA COBIT 2019 COBIT 2019 Foundation Online Training

Question #1 Who is responsible for the oversight of structures and mechanisms that drive enterprise governance of information and technology (EGIT)? A... read more

24Jan

ISACA IT Risk Fundamentals IT Risk Fundamentals CertificateExam Online Training

Question #1 Which of the following is considered an exploit event? A . An attacker takes advantage of a vulnerabilityB . Any... read more

19Sep

ISACA Cybersecurity Audit Certificate ISACA Cybersecurity Audit Certificate Exam Online Training

Question #1 The second line of defense in cybersecurity includes: A . conducting organization-wide control self-assessments.B . risk management monitoring, and measurement... read more