CISA考古題 Certified Information Systems Auditor－kaoguti的部落格

NO.1 Which of the following is the MOST important action in recovering from a cyberattack?
A. Execution of a business continuity plan
B. Filing an insurance claim
C. Use of cybenforensic investigators
D. Creation of an incident response team
Answer: A

CISA認證考試
Explanation:
The most important key step in recovering from cyberattacks is the execution of a business continuity
plan to quickly and cost-effectively recover critical systems, processes and datA. The incident
response team should exist prior to a cyberattack. When a cyberattack is suspected, cyberforensics
investigators should be used to set up alarms, catch intruders within the network, and track and trace
them over the Internet. After taking the above steps, an organization may have a residual risk
thatneeds to be insured and claimed for traditional and electronic exposures.

NO.2 Which of the following should an IS auditor recommend to BEST enforce alignment of an IT
project portfolio with strategic organizational priorities?
A. Modify the yearly process of defining the project portfolio
B. Define a balanced scorecard (BSC) for measuring performance
C. Consider user satisfaction in the key performance indicators (KPIs)
D. Select projects according to business benefits and risks
Answer: D

CISA考題
Explanation:
Prioritization of projects on the basis of their expected benefit(s) to business, and the related risks, is
the best measure for achieving alignment of the project portfolio to an organization's strategic
priorities. Modifying the yearly process of the projects portfolio definition might improve the
situation, but only if the portfolio definition process is currently not tied to the definition of corporate
strategies; however, this is unlikely since the difficulties are in maintaining the alignment, and not in
setting it up initially. Measures such as balanced scorecard (BSC) and key performance indicators
(KPIs) are helpful, but they do not guarantee that the projects are aligned with business strategy.

NO.3 Which of the following refers to a method of bypassing normal system authentication
procedures?
A. virus
B. spyware
C. worm
D. None of the choices.
E. trojan horse
F. rootkits
G. backdoor
Answer: G

CISA考題
Explanation:
A backdoor is a method of bypassing normal authentication procedures.
Many computer manufacturers used to preinstall backdoors on their systems to provide technical
support for customers. Hackers typically use backdoors to secure remote access to a computer,
while attempting to remain hidden from casual
inspection. To install backdoors, hackers prefer to use either Trojan horse or computer worm.

NO.4 Due to changes in IT, the disaster recovery plan of a large organization has been changed. What
is the PRIMARY risk if the new plan is not tested?
A. Catastrophic service interruption
B. Users and recovery teams may face severe difficulties when activating the plan
C. High consumption of resources
D. Total cost of the recovery may not be minimized
Answer: A

CISA學習指南 CISA最新題庫
Explanation:
Choices B, C and D are all possible problems that might occur, and would cause difficulties and
financial losses or waste of resources. However, if a new disaster recovery plan is not tested, the
possibility of a catastrophic service interruption is the most critical of all risks.

你在擔心如何通過可怕的ISACA的CISA考古題考試嗎？不用擔心，有TestPDF.NET ISACA的CISA考古題考試培訓資料在手，任何IT考試認證都變得很輕鬆自如。我們TestPDF.NET ISACA的CISA考古題考試培訓資料是ISACA的CISA考古題考試認證準備的先鋒。

我們TestPDF.NET ISACA的CISA考古題考試認證培訓資料，仿真度特別高，你可以在真實的考試中遇到一樣的題，這只能說明我們的IT精英團隊的能力實在是高。現在很多IT人員雄心勃勃，為了使自己的配置檔相容市場需求，通過這些熱門IT認證來實現自己的理想，在 ISACA的CISA考古題考試中取得優異的成績。TestPDF.NET ISACA的CISA考古題考試認證培訓資料能幫助你實現你的理想，它擁有眾多考生實踐的證明，有了TestPDF.NET ISACA的CISA考古題考試認證培訓資料，夢想之門將為你打開。