Isaca Updated CISA Exam Questions and Answers by khalil

The correct answer is D. Maintenance procedures should be considered when examining fire suppression systems as part of a data center environmental controls review. Fire suppression systems are critical for protecting the data center equipment and personnel from fire hazards. Therefore, they should be regularly maintained and tested to ensure their proper functioning and compliance with safety standards. Maintenance procedures should include inspection, cleaning, replacement, and repair of the fire suppression system components, as well as documentation of the maintenance activities and results. Installation manuals, onsite replacement availability, and insurance coverage are notdirectly related to the fire suppression system performance and effectiveness, and therefore are not relevant for the audit review. References: CISA Review Manual (Digital Version)1, page 403.

 The best method to safeguard data on an organization’s laptop computers is full disk encryption. Full disk encryption is a technique that encrypts all the data stored on a harddrive, including the operating system, applications, files, and folders. This means that if the laptop is lost, stolen, or accessed by an unauthorized person, they will not be able to read or modify any data without knowing the encryption key or password. Full disk encryption provides a strong level of protection for data at rest, as it prevents data leakage or exposure in case of physical theft or loss of the device.

Quantum algorithms, such as Shor’s algorithm, can factor large prime numbers exponentially faster than classical computers, threatening the security of RSA and elliptic-curve cryptography. Similarly, Grover’s algorithm reduces the effective strength of symmetric key algorithms by half, requiring larger key sizes. While post-quantum cryptography is being developed, current algorithms may become obsolete once practical quantum computers exist. Options B, C, and D are incorrect because quantum does not inherently improve encryption, nor is training the key issue—it is the fundamental breakage of cryptographic assumptions.

References (ISACA): ISACA Journal – Cryptographic Risks and Quantum Computing; CISA Review Manual, Cryptography.