Palo Alto












Test your knowledge of IT auditing, control, and information security with these 15 questions. This free practice quiz includes real CISA questions that you will face on the real CISA exam. Take the ISACA CISA practice test on SPOTO exam dumps and study ISACA CISA exam questions anytime. Do the quiz now! 

CategoriesExam Code100% Pass Dumps
CISA/CISM/CRISC proxy serviceCISA/CISM/CRISC proxy service

get 100% pass dumps

1.An organization performs nightly backups but does not have a formal policy. An IS auditor should FIRST:

A. escalate to senior management.

B. document a policy for the organization.

C. evaluate current backup procedures.

D. recommend automated backup.


2.What is the MOST difficult aspect of access control in a multiplatform, multiple-site client/server environment?

A. Restricting a local user to necessary resources on a local platform

B. Restricting a local user to necessary resources on the host server

C. Maintaining consistency throughout all platforms

D. Creating new user IDs valid only on a few hosts.


3.Which of the following sampling methods is the BEST approach for drawing conclusions based on the frequency of occurrence?

A. Attribute sampling

B. Monetary estimation sampling

C. Stratified sampling

D. Difference estimation sampling


4.What is the purpose of using a write blocker during the acquisition phase of a digital forensics investigation?

A. To preserve the chain of custody.

B. To protect against self-destruct utilities.

C. To prevent the activation of installed malware.

D. To prevent evidence alteration.


5.When using a wireless device, which of the following BEST ensures confidential access to email via webmail?

A. Simple object access protocol (SOAP)

B. Hypertext transfer protocol secure (HTTPS)

C. Extensible markup language (XML)

D. Wired equivalent privacy (WEP)


6.The PRIMARY purpose of an internal audit department’s quality assurance improvement program is to evaluate the following?

A. The adequacy and qualifications of internal audit personnel

B. The effectiveness of the internal audit function

C. The efficiency of internal audit processes

D. The accuracy of prior-year internal audit results


7.Which of the following is an indication of possible hacker activity involving voice communications?

A. A significant percentage of lines are busy during early morning and late afternoon hours.

B. Outbound calls are found to increase in frequency during non-business hours significantly.

C. Inbound calls experience significant fluctuations based on time-of-day and day-of-week.

D. Direct inward system access (DISA) is found to be disabled on the company’s exchange.


Also read: Top 5 Tips for CISA Exam Success and Get CISA Certification

8.Which of the following is the BEST recommendation for the establishment of an information security policy?

A. The policy should be developed by IS management.

B. The development and approval should be overseen by business area management.

C. The policy and guidelines should be developed by the human resources department.

D. The policy should be developed by the security administrator.


9.The final acceptance testing of a new application system should be the responsibility of the:

A. quality assurance team.

B. IS management.

C. user group.

D. IS audit team.


10.Which of the following presents the GREATEST security risk in a virtualized computing environment?

A. Passwords for the software that controls the operations of virtual machines are set to default.

B. Backups for sensitive data formats are not stored at an offsite location.

C. Some business users have not received appropriate training on the virtual desktop environment.

D. Physical access to the data center that hosts hardware for virtual machines is not logged.


11.A PRIMARY benefit derived by an organization employing control self-assessment (CSA) techniques is that CSA:

A. can identify high-risk areas for detailed review.

B. allows IS auditors to assess risk independently.

C. can be used as a replacement for traditional audits.

D. allows management to relinquish responsibility for control.


12.An organization with high-security requirements is evaluating the effectiveness of biometric systems. Which of the following performance indicators is MOST important?

A. False-identification rate (FIR).

B. Equal-error rate (EER).

C. False-rejection rate (FRR).

D. False-acceptance rate (FAR).


13.Which of the following is the GREATEST advantage of implementing an IT enterprise architecture framework within an organization?

A. It better equips an organization to adopt innovative and emerging technologies.

B. It helps to identify security issues in systems across the organization.

C. It reduces the overlap of infrastructure technologies within the organization.

D. It improves the organization’s ability to meet service level agreements (SLAs).


14.Which of the following is the BEST way to increase the effectiveness of security incident detection?

A. Educating end users on identifying suspicious activity.

B. Determining containment activities based on the type of incident.

C. Establishing service level agreements (SLAs) with appropriate forensic service providers.

D. Documenting root cause analysis procedures.


15.What is the FIRST step an auditor should take when beginning a follow-up audit?

A. Review work papers from the previous audit.

B. Gather evidence of remediation to conduct tests of controls.

C. Review previous findings and action plans.

D. Meet with the auditee to discuss remediation progress.


Note: If you need answers, you can contact us for more details! Thanks.

Overview of SPOTO CISA Dumps

Still want to know more about CISA exam questions after the quiz. Don’t worry! Here you are in the right place. SPOTO offers 100% real and valid CISA dumps to help you prepare & pass the CISA exam fully with less time.

With SPOTO CISA practice tests, you can know about the real CISA exam structures and topics and find out where you lack it easily! Thousands of candidates pass the CISA exam on the first try with SPOTO CISA Practice Tests!

Advantages of SPOTO CISA Practice Tests

  • 100% Accurate CISA Questions
  • Real CISA Exam Environment
  • Average 7 Days to Practice & Pass
  • Update Latest CISA QAs Timely
  • 100% Cover Real CISA Exam
  • 100% Verified CISA Exam Answers
  • Latest CISA Exam Feedbacks
  • Average 4 CISA Pass every day

get 100% pass dumps

Latest passing report-100% pass guarantee

Recommend CISA exam study materials:

How to pass the CISA exam in the First Try
CISA VS CISM-What are the differences? Which is better for me?
Which Is the Best Online Source to Get CISA Dumps?
[Oct.21 Updated] Free Download SPOTO Latest CISA Practice Test 2020
Where can I get the CISA practice test?
What Would Be the Eligibility to Take up the CISA Certification Exam?
Join Now-SPOTO Proxy Service Makes IT Exam Easily and Smoothly!
Which site to download CISA exam study materials?
Please follow and like us:
Last modified: October 25, 2021



Write a Reply or Comment

Your email address will not be published.