Free CISA Exam Braindumps

A small startup organization does not have the resources to implement segregation of duties. Which of the following is the MOST effective compensating control?

  A. Rotation of log monitoring and analysis responsibilities
  B. Additional management reviews and reconciliations
  C. Mandatory vacations
  D. Third-party assessments

Answer(s): B



When planning an audit to assess application controls of a cloud-based system, it is MOST important for the IS auditor to understand the:

  A. availability reports associated with the cloud-based system.
  B. architecture and cloud environment of the system.
  C. policies and procedures of the business area being audited.
  D. business process supported by the system.

Answer(s): B



Which of the following data would be used when performing a business impact analysis (BIA)?

  A. Projected impact of current business on future business
  B. Expected costs for recovering the business
  C. Cost of regulatory compliance
  D. Cost-benefit analysis of running the current business

Answer(s): B



Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?

  A. Number of successful penetration tests
  B. Percentage of protected business applications
  C. Number of security vulnerability patches
  D. Financial impact per security event

Answer(s): D





