Free CISA Exam Braindumps (page: 42)

An IS auditor is reviewing a recent security incident and is seeking information about the approval of a recent modification to a database system's security settings. Where would the auditor MOST likely find this information?

  A. Security incident and event management (SIEM) report
  B. Change log
  C. System event correlation report
  D. Database log

Answer(s): B



A review of an organization's IT portfolio revealed several applications that are not in use. The BEST way to prevent this situation from recurring would be to implement:

  A. an information asset acquisition policy.
  B. business case development procedures.
  C. a formal request for proposal (RFP) process.
  D. asset life cycle management.

Answer(s): D



In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?

  A. Periodically running and reviewing test data against production programs
  B. Verifying user management approval of modifications
  C. Reviewing the last compile date of production programs
  D. Manually comparing code in production programs to controlled copies

Answer(s): C



An IS auditor is observing transaction processing and notes that a high-priority update job ran out of sequence. What is the MOST significant risk from this observation?

  A. Daily schedules lack change control.
  B. Previous jobs may have failed.
  C. The job may not have run to completion.
  D. The job completes with invalid data.

Answer(s): D





