Free ISACA CISA Exam Dumps Questions & Answers


Exam Code/Number:	CISAJoin the discussion
Exam Name:	Certified Information Systems Auditor
Certification:	ISACA
Question Number:	1588
Publish Date:	Jun 02, 2026
Rating 100%

Page: 1 / 318
Total 1588 questions

Question 1

Using swipe cards to limit employee access to restricted areas requires implementing which additional control?

A. Installation of closed-circuit television (CCTV)
B. Implementation of additional PIN pads
C. Physical sign-in of all employees for access to restricted areas
D. Periodic review of access profiles by management

Question 2

Internal audit is evaluating an organization's IT portfolio management. Which of the following would be the BEST recommendation for prioritizing the funding of IT projects?

A. Direct funds toward projects that reduce the organization's technology risk exposure.
B. Group projects into portfolios based on their potential to increase market share and reduce costs.
C. Group projects with common themes into portfolios and assess them against strategic objectives.
D. Direct funds toward projects that increase the availability of the organization's technology infrastructure.

Question 3

An IS auditor observes that an organization ' s systems are being used for cryptocurrency mining on a regular basis. Which of the following is the auditor ' s FIRST course of action?

A. Recommend changing the organization ' s firewall settings.
B. Report the incident immediately.
C. Consult the organization ' s acceptable use policy.
D. Require mining software to be uninstalled.

Question 4

What should be an IS auditor ' s PRIMARY focus when reviewing a patch management procedure in an environment where availability is a top priority?

A. Deployment automation to all servers
B. Validity certification prior to deployment
C. Comprehensive testing prior to deployment
D. Technical skills of the deployment team

Question 5

Which of the following is the PRIMARY objective of cyber resiliency?

A. To efficiently and effectively recover from an incident with limited operational impact
B. To prevent potential attacks or disruptions in operations
C. To resume normal operations after service disruptions
D. To limit the severity of security breaches and maintain continuous operations