Isaca Certification CISA Updated Exam

Page: 10 / 105
Total 1404 questions

Certified Information Systems Auditor Questions and Answers

Question 37

Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?

Options:

A. Number of successful penetration tests
B. Percentage of protected business applications
C. Financial impact per security event
D. Number of security vulnerability patches

Question 38

Which of the following is the MAIN purpose of an information security management system?

Options:

A. To identify and eliminate the root causes of information security incidents
B. To enhance the impact of reports used to monitor information security incidents
C. To keep information security policies and procedures up-to-date
D. To reduce the frequency and impact of information security incidents

Question 39

An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?

Options:

A. An imaging process was used to obtain a copy of the data from each computer.
B. The legal department has not been engaged.
C. The chain of custody has not been documented.
D. Audit was only involved during extraction of the information.

Question 40

Which of the following observations would an IS auditor consider the GREATEST risk when conducting an audit of a virtual server farm for potential software vulnerabilities?

Options:

A. Guest operating systems are updated monthly.
B. The hypervisor is updated quarterly.
C. A variety of guest operating systems operate on one virtual server.
D. Antivirus software has been implemented on the guest operating system only.
