Special Summer Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Download Full Version CISA Isaca Exam

Page: 24 / 105
Total 1404 questions

Certified Information Systems Auditor Questions and Answers

Question 93

The FIRST step in an incident response plan is to:

Options:

A.

validate the incident.

B.

notify the head of the IT department.

C.

isolate systems impacted by the incident.

D.

initiate root cause analysis.

Question 94

A secure server room has a badge reader system that records name, date, and time information whenever a staff member uses a badge to enter or exit. When reviewing the system logs, an IS auditor notices records for some employees entering, but not exiting, the room. Which of the following would be the MOST effective compensating control to recommend?

Options:

A.

Installing security cameras at the doors

B.

Changing to a biometric access control system

C.

Implementing a monitored mantrap at entrance and exit points

D.

Requiring two-factor authentication at entrance and exit points

Question 95

An IS audit review identifies inconsistencies in privacy requirements across third-party service provider contracts. Which of the following is the BEST

recommendation to address this situation?

Options:

A.

Suspend contracts with third-party providers that handle sensitive data.

B.

Prioritize contract amendments for third-party providers.

C.

Review privacy requirements when contracts come up for renewal.

D.

Require third-party providers to sign nondisclosure agreements (NDAs).

Question 96

An IS audit manager is reviewing workpapers for a recently completed audit of the corporate disaster recovery test. Which of the following should the IS audit manager specifically review to substantiate the conclusions?

Options:

A.

Overviews of interviews between data center personnel and the auditor

B.

Prior audit reports involving other corporate disaster recovery audits

C.

Summary memos reflecting audit opinions regarding noted weaknesses

D.

Detailed evidence of the successes and weaknesses of all contingency testing

Page: 24 / 105
Total 1404 questions