Which of the following is the MOST important consideration when defining an operational log management strategy?
Correct Answer: D
The most important consideration when defining an operational log management strategy is understanding and meeting stakeholder requirements. This ensures that the strategy aligns with organizational needs and regulatory requirements, providing relevant and actionable information for security and compliance. References * ISACA CISA Review Manual 27th Edition, Page 273-274 (Log Management)
CISA Exam Question 182
Which of the following is the GREATEST risk associated with security patches being automatically downloaded and applied to production servers?
Correct Answer: D
The greatest risk associated with security patches being automatically downloaded and applied to production servers is that patches may result in major service failures, as they may introduce new bugs, conflicts, or incompatibilities that could affect the functionality, performance, or availability of the servers12. Automatic patching may also bypass the testing and validationprocesses that are necessary to ensure the quality and reliability of the patches34. References 1: Do you leave Windows Automatic Updates enabled on your production IIS server? - Server Fault1 2: Azure now installs security updates on Windows VMs automatically3 3: Server Patch Management | Process of Server Patching - ManageEngine2 4: Windows Security Updates | Microsoft Patch Updates Guide - ManageEngine4
CISA Exam Question 183
During a routine internal software licensing review, an IS auditor discovers instances where employees shared license keys to critical pieces of business software. Which of the following would be the auditor's BEST course of action?
Correct Answer: D
The auditor's best course of action after discovering instances where employees shared license keys to critical pieces of business software is to verify whether the licensing agreement allows shared use. A licensing agreement is a contract between the software provider and the user that defines the terms and conditions of using the software, including the number, type, and scope of licenses granted. Some licensing agreements may allow shared use of license keys among multiple users or devices, while others may prohibit or restrict such use. By verifying the licensing agreement, the auditor can determine whether the employees violated the contract or not, and whether there are any legal or financial risks or implications for the organization. The other options are not as appropriate as option D, as they may not address the root cause of the issue or provide a comprehensive solution. Recommending the utilization of software licensing monitoring tools may help prevent or detect future instances of license key sharing, but it does not resolve the current situation or ensure compliance with the licensing agreement. Recommending the purchase of additional software license keys may be unnecessary or wasteful if the licensing agreement already allows shared use or if there are unused licenses available. Validating user need for shared software licenses may help identify the reasons or motivations behind license key sharing, but it does not justify or excuse such behavior if it violates the licensing agreement. References: * 9: Best License Management Software 2023 | Capterra * 10: Best 10 Software License Management Tools in 2023 | Zluri * 11: Top 10 Software License Tracking Tools | Zluri * 12: Top 5 Software License Tracking Solutions in 2023 - DNSstuff
CISA Exam Question 184
Which of the following is the MOST effective control over visitor access to highly secured areas?
Correct Answer: A
The most effective control over visitor access to highly secured areas is to require visitors to be escorted by authorized personnel. This control ensures that visitors are supervised at all times and do not enter any restricted or sensitive areas without permission. It also allows authorized personnel to verify the identity, purpose, and clearance of the visitors, and to monitor their behavior and activities. Escorting visitors also reduces the risk of tailgating, piggybacking, or unauthorized duplication of access credentials. Requiring visitors to use biometric authentication, monitoring visitors online by security cameras, and requiring visitors to enter through dead-man doors are all examples of technical controls that can enhance visitor access control, but they are not as effective as escorting visitors. Biometric authentication can provide a high level of identity verification, but it does not prevent visitors from accessing unauthorized areas or compromising security in other ways. Security cameras can provide a record of visitor movements and actions, but they may not deter or detect security breaches in real time. Dead-man doors can prevent unauthorized entry by requiring two-factor authentication, but they do not ensure that visitors are accompanied by authorized personnel. References: ISC Best Practices for Facility Access Control1 Visitor Management Best Practices From Top Organizations2 8 Best Practices for Setting Up a Visitor Management System3
CISA Exam Question 185
Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's IT process performance reports over the last quarter?
