ISACA CISA Exam Questions
Certified Information Systems Auditor (Page 45)

Updated On: 27-Feb-2026

An organization sends daily backup media by courier to an offsite location. Which of the following provides the BEST evidence that the media is transported reliably?

  1. Documented backup media transport procedures
  2. Signed acknowledgments by offsite manager
  3. Certification of the courier company
  4. Delivery schedule of the backup media

Answer(s): B



As part of a recent business-critical initiative, an organization is re-purposing its customer data. However, its customers are unaware that their data is being used for another purpose. What is the BEST recommendation to address the associated data privacy risk to the organization?

  1. Ensure the data processing activity remains onshore.
  2. Maintain an audit trail of the data analysis activity.
  3. Obtain customer consent for secondary use of the data.
  4. Adjust the existing data retention requirements.

Answer(s): C



An organization has adopted a backup and recovery strategy that involves copying on-premise virtual machine (VM) images to a cloud service provider. Which of the following provides the BEST assurance that VMs can be recovered in the event of a disaster?

  1. Existence of a disaster recovery plan (DRP) with specified roles for emergencies
  2. Periodic on-site restoration of VM images obtained from the cloud provider
  3. Procurement of adequate storage for the VM images from the cloud service provider
  4. Inclusion of the right to audit in the cloud service provider contract

Answer(s): B



During the implementation of an enterprise resource planning (ERP) system, an IS auditor is reviewing the results of user acceptance testing (UAT). The auditor's PRIMARY focus should be to determine if:

  1. application interfaces have been satisfactorily tested.
  2. all errors found in the testing process have been corrected.
  3. the business process owner has signed off on the results.
  4. system integration testing was performed.

Answer(s): C



A help desk has been contacted regarding a lost business mobile device. The FIRST course of action should be to:

  1. consult the legal team regarding the impact of intellectual property loss.
  2. verify the user's identity through a challenge response system.
  3. involve the security response team to launch an investigation.
  4. attempt to locate the device remotely.

Answer(s): B





