CISA
Exam Name: ISACA CISA
Full Version: 2290 Q&As
CISA exam dump questions are shared below.

1. Which of the following is the most important consideration when patching a business-critical application server against a known vulnerability?
A. Perform a network vulnerability scan after implementing the patch.
B. Implement the patch in the test environment before promoting to the production environment
C. Regular vulnerability assessments according to a defined timeline
D. Define the roles and responsibilities for implementing the patch.
Answer: B

2. Which of the following is the most effective way to reduce the risk of leaking information through social media?
A. Regular review of data classification policies
B. Using the keystroke logger
C. Restrict access to social media in the workplace
D. Conduct security awareness training
Answer: D

3. Which of the following should be considered first by the information systems auditor when evaluating firewall rules?
A. Organizational security policy
B. Default settings for the firewall
C. Physical location of the firewall
D. Number of remote nodes
Answer: B

4. The information systems auditor found that the earlier audit results were not closed at the end of the follow-up audit. Which of the following is the most appropriate course of action that an information systems auditor should take in this situation?
A. Assess and report on risks associated with audit results in the current environment
B. Report the audit results to management and remove them from the audit report
C. Record audit results without audit verification because they are still awaiting action
D. Postponing the release of the audit report as the audit results are still awaiting
Answer: A

5. Information systems auditors are assessing whether management's remediation action plan is adequate. Which of the following should be the most important consideration?
A. The key to the findings of the audit
B. Approval of the plan by the Audit Committee
C. Impact on future audit work
D. Potential cost savings
Answer: B

6. Which of the following is the biggest risk if enabled in a firewall rule?
A. Hypertext Transfer Protocol (HTTP)
B. Simple Object Access Protocol (SOAP)
C. File Transfer Protocol (FTP)
D. Simple Mail Transfer Protocol (SMTP)
Answer: C

7. Who should first evaluate an audit report before sending it to the project steering committee?
A. Audit Committee
B. Project sponsor
C. Business leader.
D. Information Systems Audit Manager
Answer: C

8. In the follow-up audit, information systems auditors found that some pending recommended actions have been delayed. Which is the auditor's best course of action?
A. Require immediate remediation.
B. Accept the delay and do not report it as a problem.
C. Reason for reporting delay.
D. Stop follow-up audit
Answer: A

9. Newly hired information systems auditors have found that some of the company's business operations rely on legacy applications that vendors no longer support. Which of the following would be the best course of action for the auditor?
A. Report the audit results and suggest ways to deactivate the daily application.
B. Implement an appropriate backup strategy for legacy applications.
C. Conduct a risk assessment of the legacy application.
D. It is recommended to replace the old application
Answer: C

10. Which of the following controls is most effective in ensuring that the board receives sufficient information about IT?
A. Regular meetings between the board of directors, CIO, and technical committees
B. The CIO regularly sends IT trend reports to the Board of Directors.
C. The CIO reports on performance and corrective actions in a timely manner
D. Board members are familiar with and consult the CIO on IT issues.
Answer: C

11. In a database management system (DBMS), normalization is used to ( ).
A. Standardize data names.
B. Reduce access time.
C. Eliminate processing deadlocks
D. Reduce data redundancy.
Answer: B

12. What does capacity management enable companies to do?
A. Forecast technology development trends.
B. Determine the extent to which the component needs to be upgraded
C. Determine the volume of business transactions.
D. Develop the capacity of the network communication link.
Answer: C

13. Which of the following audit procedures best guarantees that the application works as expected?
A. Using the continuous audit module
B. Review process documentation
C. Confirm account
D. Talking about the management level of the enterprise
Answer: A

14. Which of the following is the best way to maintain an audit trail of changes made to the source code of the program?
A. Embed the details in the source code
B. Record details on the change register
C. Standardized file naming convention
D. Using automated version control
Answer: D

15. Employees accidentally post confidential data to the company's social media page. Which of the following is the best control to prevent recurrence?
A. Establish two-factor access control for social media accounts
B. Perform regular audits of social media updates
C. Require all updates by the marketing executive
D. Implementation responsible person approval process
Answer: D

16. Which of the following best helps management maintain the current effective Business Continuity Plan (BCP)?
A. Verify that the supplier's recovery requirements are consistent with the recovery plan
B. Perform annual virtual walkthroughs and verify resources for recovery locations
C. Perform recovery tests on a regular basis and summarize lessons learned
D. Update the list of key business software every year
Answer: C

17. After changing the function of a program in the system, it is necessary to perform a regression test on the system to check ( ).
A. The program is working and efficient after the change.
B. Whether the changed program runs according to the changes requested by the user.
C. Is the changed program running according to the new program?
D. Whether the changes made have a negative impact on the system.
Answer: D

18. Which of the following is the biggest concern when using a cold backup center for a company's disaster recovery strategy?
A. Power connection
B. Appropriate environmental controls.
C. Availability of hardware components.
D. Network infrastructure
Answer: C

19. Which of the following can best detect unauthorized data modifications by the database administrator?
A. Audit database activity log
B. Audit database change request
C. Compare data with input records
D. Review changes to editorial checks
Answer: A

20. What are the best recommendations for information systems auditors to strengthen security guidelines to prevent data breaches caused by the use of smart devices?
A. Limitations on the use of smart devices in security procedures
B. Timely review access logs to company sensitive data
C. Enforce strict security settings on smart devices
D. Require employees to formally acknowledge compliance with safety procedures
Answer: C