Weekend Sale 70% Discount Offer - Ends in 1d 9h 54m 18s - Coupon code: save70

Selected CISA Isaca Certification Questions Answers

Page: 48 / 105
Total 1404 questions

Certified Information Systems Auditor Questions and Answers

Question 189

Which type of testing is used to identify security vulnerabilities in source code in the development environment?

Options:

A.

Interactive application security testing (IAST)

B.

Runtime application self-protection (RASP)

C.

Dynamic analysis security testing (DAST)

D.

Static analysis security testing (SAST)

Question 190

Which of the following is the BEST way to mitigate risk to an organization's network associated with devices permitted under a bring your own device (BYOD) policy?

Options:

A.

Require personal devices to be reviewed by IT staff.

B.

Enable port security on all network switches.

C.

Implement a network access control system.

D.

Ensure the policy requires antivirus software on devices.

Question 191

An organization is enhancing the security of a client-facing web application following a proposal to acquire personal information for a business purpose. Which of the following is MOST important to review before implementing this initiative?

Options:

A.

Regulatory compliance requirements

B.

Data ownership assignments

C.

Encryption capabilities

D.

Customer notification procedures

Question 192

During a closing meeting, the IT manager disagrees with a valid audit finding presented by the IS auditor and requests the finding be excluded from the final report. Which of the following is the auditor's BEST course of action?

Options:

A.

Request that the IT manager be removed from the remaining meetings and future audits.

B.

Modify the finding to include the IT manager's comments and inform the audit manager of the changes.

C.

Remove the finding from the report and continue presenting the remaining findings.

D.

Provide the evidence which supports the finding and keep the finding in the report.

Page: 48 / 105
Total 1404 questions