Best CISA exam dumps 2021 you should get to 100% pass CISA exam! SPOTO offers you 100% real CISA exam demo with real CISA exam questions.

ISACA CISA Exam Demo

You can easily find all kinds of IT exam Q&As on SPOTO.


1. An external audit team is deciding whether to rely on internal audit’s work for an annual compliance audit. Which of the following is the GREATEST consideration when making this decision?

  1. Professional certifications held by the internal audit team members.
  2. Years of experience each of the internal auditors has in performing compliance audits.
  3. The level of documentation maintained by internal audit and the methods used to collect evidence.
  4. Independence of the internal audit department from management’s influence


2. Which of the following is a KEY consideration to ensure the availability of nodes in an active-active application cluster configuration?

  1. The cluster agent software used is open source.
  2. Some of the nodes are located in the same city.
  3. Adequate storage exists across all nodes.
  4. Network encryption exists between nodes.


3. Which of the following is found in an audit charter?

  1. Audit objectives and scope.
  2. Required training for audit staff.
  3. The process of developing the annual audit plan.
  4. The authority given to the audit function.


4. Which of the following would be MOST time and cost efficient when performing a control self-assessment (CSA) for an organization with a large number of widely dispersed employees?

  1. Top-down and bottom-up analysis
  2. Facilitated workshops
  3. Survey questionnaire
  4. Face-to-face interviews


5. A lower recovery point objective (RPO) results in:

  1. lower overall cost.
  2. higher backup frequency.
  3. wider interruption windows.
  4. higher disaster tolerance.


6. With a properly implemented public key infrastructure (PKI) in use, person A wishes to ensure that an outgoing message can be read only by person B. To achieve this, the message should be encrypted using which of the following?

  1. Person B’s public key
  2. Person A’s private key
  3. Person A’s public key
  4. Person B’s private key


7. When developing a business continuity plan (BCP), which of the following should be performed FIRST?

  1. Develop business continuity training.
  2. Classify operations.
  3. Conduct a business impact analysis (BIA).
  4. Establish a disaster recovery plan (DRP)


8. An IS auditor discovers that a security information and event management (SIEM) system is not monitored outside of business hours. Which of the following is the auditor’s BEST course of action?

  1. Perform a business impact analysis (BIA).
  2. Recommend a third-party monitored SIEM service.
  3. Determine whether an alert system has been established
  4. Notify the chief information security officer (CISO).


9. An IS auditor is planning to review an organization’s information security program and wants to determine the minimum standards for securing the IT technical infrastructure. Which of the following is the BEST source for the auditor to consult?

  1. Information security risk assessment report
  2. Information security architecture
  3. Information security guidelines
  4. Information security strategic plan


10. The results of an IS audit indicating the need to strengthen controls have been communicated to the appropriate stakeholders. Which of the following is the BEST way for management to enforce implementation of the recommendations?

  1. Request auditors to design a roadmap for closure
  2. Copy senior management on communications related to the audit
  3. Have stakeholders develop a business case for control changes.
  4. Assign ownership to each remediation activity.


11. Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?

  1. Frequent testing of backups
  2. Annual walk-through testing
  3. Full operational test
  4. Periodic risk assessment


12. An organization has recently acquired another organization. When reviewing both IS departments, the IS auditor discovers two redundant IT applications. Which of the following would be the auditor’s BEST recommendation for management?

  1. Assess the gaps on both applications to determine further steps.
  2. Develop an initiative to integrate both applications.
  3. Keep the most comprehensive application as approved by senior management.
  4. Submit a request for proposal (RFP) to replace the applications.


13. During an audit of an organization’s intranet, it is discovered that users are not deleting their local web browser caches on a regular basis. This practice will result in the risk of:

  1. disclosure of information.
  2. repudiation
  3. data incompleteness.
  4. lack of data integrity


14. Following an unauthorized disclosure of data, an organization needs to implement data loss prevention (DLP) measures. What is the IS auditor’s BEST recommendation?

  1. Establish a risk and control framework
  2. Monitor and block outgoing emails based on common DLP criteria
  3. Restrict removable media access on all computer systems
  4. Install DLP software on corporate servers to prevent recurrence


15. Which of the following BEST indicates that an organization has effective governance in place?

  1. The organization regularly updates governance-related policies and procedures.
  2. The organization’s board of directors executes on the management strategy.
  3. The organization is compliant with local government regulations.
  4. The organization’s board of directors reviews metrics for strategic initiatives.



Want more SPOTO CISA exam questions? Want to check the answers? Please contact us for the real CISA exam dumps and technical guidance!

Last modified: October 27, 2021


