ISACA CISA Practice Exams
Last updated on 11.09.2025
- Exam code: CISA
- Exam name: Certified Information Systems Auditor
- Certification provider: ISACA
Which of the following statements appearing in an organization’s acceptable use policy BEST demonstrates alignment with data classification standards related to the protection of information assets?
- A . Any information assets transmitted over a public network must be approved by executive management.
- B . All information assets must be encrypted when stored on the organization’s systems.
- C . Information assets should only be accessed by persons with a justified need.
- D . All information assets will be assigned a clearly defined level to facilitate proper employee handling.
Which of the following would be of GREATEST concern to an IS auditor reviewing on-site preventive maintenance for an organization’s business-critical server hardware?
- A . Preventive maintenance costs exceed the business allocated budget.
- B . Preventive maintenance has not been approved by the information system
- C . Preventive maintenance is outsourced to multiple vendors without requiring nondisclosure agreements (NDAs)
- D . The preventive maintenance schedule is based on mean time between failures (MTBF) parameters.
An incident response team has been notified of a virus outbreak in a network subnet.
Which of the following should be the NEXT step?
- A . Focus on limiting the damage.
- B . Remove and restore the affected systems.
- C . Verify that the compromised systems are fully functional.
- D . Document the incident.
Which of the following is MOST important to consider when assessing the scope of privacy concerns for an IT project?
- A . Applicable laws and regulations
- B . Business requirements and data flows
- C . Data ownership
- D . End-user access rights
Which of the following is the PRIMARY reason for an IS audit manager to review the work performed by a senior IS auditor prior to presentation of a report?
- A . To ensure the conclusions are adequately supported
- B . To ensure adequate sampling methods were used during fieldwork
- C . To ensure the work is properly documented and filed
- D . To ensure the work is conducted according to industry standards
In data warehouse (DW) management, what is the BEST way to prevent data quality issues caused by changes from a source system?
- A . Configure data quality alerts to check variances between the data warehouse and the source system
- B . Require approval for changes in the extract/transfer/load (ETL) process between the two systems
- C . Include the data warehouse in the impact analysis for any changes in the source system
- D . Restrict access to changes in the extract/transfer/load (ETL) process between the two systems
Which of the following is the MOST significant risk to an organization migrating its onsite application servers to a public cloud service provider?
- A . Service provider access to organizational data
- B . Account hacking from other clients using the same provider
- C . Increased dependency on an external provider
- D . Service provider limiting the right to audit
Which of the following is the PRIMARY advantage of using an automated security log monitoring tool over a manual review to monitor the use of privileged access?
- A . Increased likelihood of detecting suspicious activity
- B . Reduced costs associated with automating the review
- C . Improved incident response time
- D . Reduced manual effort of reviewing logs
Which of the following is the MAJOR advantage of automating internal controls?
- A . To enable the review of large value transactions
- B . To efficiently test large volumes of data
- C . To help identify transactions with no segregation of duties
- D . To assist in performing analytical reviews
Which of the following is the BEST evidence that an organization’s IT strategy is aligned to its business objectives?
- A . The IT strategy is modified in response to organizational change.
- B . The IT strategy is approved by executive management.
- C . The IT strategy is based on IT operational best practices.
- D . The IT strategy has significant impact on the business strategy