An IS auditor reviewing an information processing environment decides to conduct external penetration testing. Which of the following is MOST
appropriate to include in the audit scope for the organization to distinguish between the auditor's penetration attacks and actual attacks?
During a new system implementation, an IS auditor has been assigned to review risk management at each milestone. The auditor finds that
several risks to project benefits have not been addressed. Who should be accountable for managing these risks?
During a project assessment, an IS auditor finds that business owners have been removed from the project initiation phase. Which of the following
should be the auditor’s GREATEST concern with this situation?
During an information security review, an IS auditor learns an organizational policy requires all employees to attend information security training
during the first week of each new year. What is the auditor's BEST recommendation to ensure employees hired after January receive adequate
guidance regarding security awareness?