CISA Practice Exam 93 Questions with Verified Answers

The objective of concurrency control in a database system is to:
A. restrict updating of the database to authorized users.
B. prevent integrity problems when two processes attempt to update the same data at the same time.
C. prevent inadvertent or unauthorized disclosure of data in the database.
D. ensure the accuracy, completeness and consistency of data.
- CORRECT ANSWER B. prevent integrity problems when two processes attempt to update the same data at the same time.

Which of the following security measures BEST ensures the integrity of information stored in a data warehouse? - CORRECT ANSWER a read-only restriction

An organization has just completed its annual risk assessment. Regarding the business continuity plan, what should an IS auditor recommend as the next step for the organization? - CORRECT ANSWER Review and evaluate the business continuity plan for adequacy

An IS auditor discovers that devices connected to the network are not included in a network diagram that had been used to develop the scope of the audit. The chief information officer explains that the diagram is being updated and awaiting final approval. The IS auditor should FIRST: - CORRECT ANSWER evaluate the impact of the undocumented devices on the audit scope.

When auditing the archiving process of emails, the IS auditor should pay the MOST attention to: - CORRECT ANSWER the existence of a data retention policy.

During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used when receiving communications from customers. To substantiate this, an IS auditor must prove that which of the following is used?
- CORRECT ANSWER A hash of the data that is transmitted and encrypted with the customer's private key

A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site's address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor's GREATEST concern with this process is that: - CORRECT ANSWER the users may not remember to manually encrypt the data before transmission.

Which of the following choices would be the BEST source of information when developing a risk-based audit plan? - CORRECT ANSWER Senior management identifies key business processes.

An IS auditor performing a review of application controls would evaluate the: - CORRECT ANSWER impact of any exposures discovered.

An IS auditor is reviewing Secure Sockets Layer enabled web sites for the company. Which of the following choices would be the HIGHEST risk? - CORRECT ANSWER Self-signed digital certificates

A large chain of shops with electronic funds transfer at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? - CORRECT ANSWER Alternative standby processor at another network node

Which of the following should an IS auditor review to understand project progress in terms of time, budget and deliverables for early detection of possible overruns and for projecting estimates at completion? - CORRECT ANSWER earned value analysis (This is an industry standard method for measuring a project's progress at any given point in time, forecasting its completion date and final cost, and analyzing variances in the schedule and budget as the project proceeds.
It compares the planned amount of work with what has actually been completed to determine if the cost, schedule and work accomplished are progressing in accordance with the plan. EVA works most effectively if a well-formed work breakdown structure exists.)

detective control - CORRECT ANSWER exists to detect and report when errors, omissions and unauthorized uses or entries occur.

The BEST overall quantitative measure of the performance of biometric control devices is: - CORRECT ANSWER equal-error rate.

equal-error rate - CORRECT ANSWER This is a combination of a low false-rejection rate (FRR) and a low false-acceptance rate (FAR). EER, expressed as a percentage, is the error rate at the decision threshold where the FRR and FAR are equal. A low EER is the measure of the more effective biometric control device.

An enterprise selected a vendor to develop and implement a new software system. To ensure that the enterprise's investment in software is protected, which of the following security clauses is MOST important to include in the master services agreement? - CORRECT ANSWER software escrow

Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions? - CORRECT ANSWER cyclic redundancy check

Cyclic Redundancy Check (CRC) - CORRECT ANSWER CRC can check a block of transmitted data. The sending workstation generates the CRC and transmits it with the data. The receiving workstation computes a CRC over the received block and compares it to the transmitted CRC. If both are equal, the block is assumed error free. Unlike a parity check or echo check, CRC can detect multiple errors in a block; in general, CRC detects all single-bit and double-bit errors.

Although management has stated otherwise, an IS auditor has reasons to believe that the organization is using software that is not licensed.
In this situation, the IS auditor should FIRST: - CORRECT ANSWER verify the software is in use through testing

While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project: - CORRECT ANSWER is behind schedule

The database administrator suggests that database efficiency can be improved by denormalizing some tables. This would result in: - CORRECT ANSWER increased redundancy

What is the BEST backup strategy for a large database with data supporting online sales? - CORRECT ANSWER mirrored hard disks

A hot site should be implemented as a recovery strategy when the: - CORRECT ANSWER disaster downtime tolerance is low

As part of the business continuity planning process, which of the following should be identified FIRST in the business impact analysis? - CORRECT ANSWER critical business processes for ascertaining the priority for recovery

An IS auditor is performing a review of the disaster recovery hot site used by a financial institution. Which of the following would be the GREATEST concern? - CORRECT ANSWER disk space utilization data are not kept current

An IS auditor is reviewing an organization's disaster recovery plan (DRP) implementation. The project was completed on time and on budget. During the review, the auditor uncovers several areas of concern. Which of the following presents the GREATEST risk? - CORRECT ANSWER the business impact analysis was conducted, but the results were not used - The risk of not using the results of the BIA for disaster recovery planning means that the disaster recovery plan (DRP) may not be designed to recover the most critical assets in the correct order. As a result, the plan may not be adequate to allow the organization to recover from a disaster.
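The two earned-value items above (the EVA definition and the 24-hour activity that is reported as behind schedule) can be worked through numerically. The following is an added example, not part of the exam set or ISACA's material; it applies the standard EVA formulas, and the assumption that percent complete equals hours spent divided by the re-estimated total is mine, since the question gives no separate measure of work finished.

```python
"""Earned value analysis (EVA) for the activity in the question above:
24 budgeted hours over 3 days, 8 hours spent after day 1, 20 hours still to go.

Added worked example, not part of the exam set. The EVA formulas are the
standard ones. One modelling assumption is mine: percent complete is taken
as hours spent divided by the re-estimated total hours (AC / (AC + ETC)),
because the question gives no separate measure of work actually finished.
"""

from dataclasses import dataclass

EPS = 1e-9  # tolerance so float noise does not flip an exactly on-plan verdict


@dataclass(frozen=True)
class EvaReport:
    pv: float    # planned value: budgeted hours for the work scheduled so far
    ev: float    # earned value: budgeted hours for the work actually done
    ac: float    # actual cost: hours spent so far
    sv: float    # schedule variance = EV - PV  (negative: behind schedule)
    cv: float    # cost variance     = EV - AC  (negative: over budget)
    spi: float   # schedule performance index = EV / PV  (< 1: behind)
    cpi: float   # cost performance index     = EV / AC  (< 1: over budget)
    eac: float   # estimate at completion = AC + ETC
    status: str  # plain-language verdict for the audit report


def earned_value_analysis(bac, planned_days, elapsed_days, ac, etc):
    """bac: budget at completion (hours); planned_days / elapsed_days: the schedule;
    ac: hours spent to date; etc: estimate to complete (hours still needed)."""
    if bac <= 0 or planned_days <= 0 or elapsed_days <= 0 or ac < 0 or etc < 0:
        raise ValueError("budget, schedule and elapsed time must be positive; costs non-negative")
    # Linear spend plan (8 h/day in the question); PV is capped at BAC once the plan has run out.
    pv = bac * min(elapsed_days, planned_days) / planned_days
    eac = ac + etc                                  # 28 h here, versus 24 h budgeted
    percent_complete = ac / eac if eac > 0 else 1.0  # assumption noted in the docstring
    ev = bac * percent_complete                     # 24 * 8/28 = 6.86 h of budgeted work earned
    sv, cv = ev - pv, ev - ac
    spi = ev / pv
    cpi = ev / ac if ac > 0 else 1.0
    schedule = ("behind schedule" if sv < -EPS else
                "ahead of schedule" if sv > EPS else "on schedule")
    cost = ("over budget" if cv < -EPS else
            "under budget" if cv > EPS else "on budget")
    return EvaReport(pv, ev, ac, sv, cv, spi, cpi, eac, f"{schedule}, {cost}")


if __name__ == "__main__":
    report = earned_value_analysis(bac=24, planned_days=3, elapsed_days=1, ac=8, etc=20)
    print(f"PV={report.pv:.2f}h EV={report.ev:.2f}h AC={report.ac:.2f}h "
          f"SV={report.sv:+.2f}h CV={report.cv:+.2f}h EAC={report.eac:.0f}h -> {report.status}")
```

Run as a script it prints the report for the question's numbers: PV 8 h, EV 6.86 h, EAC 28 h, so SV is negative and SPI below 1 and the activity is behind schedule. Because hours serve as both the effort and the cost unit here, the cost variance turns negative at the same time; the schedule variance is the figure that answers the question as asked.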
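The equal-error rate item above names the metric but does not show how it is obtained. The following is an added example, not part of the exam set: it sweeps the acceptance threshold over matcher scores, computes FAR and FRR at each step, and reports the crossover point. The scores are constructed with a seeded random generator (a real evaluation would use recorded matcher output), and the rule "accept when the score is at or above the threshold" is an assumption.

```python
"""Equal-error rate (EER) of a biometric device, computed from matcher scores.

Added worked example, not part of the exam set. Scores are constructed
below with a seeded random generator (genuine attempts score high,
impostor attempts score low); a real evaluation would use recorded matcher
output. Decision rule assumed: accept when score >= threshold.
"""

import random


def far_frr_at(threshold, genuine, impostor):
    """Error rates at one decision threshold.
    FAR: fraction of impostor attempts wrongly accepted (score >= threshold).
    FRR: fraction of genuine attempts wrongly rejected (score <  threshold)."""
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    return far, frr


def equal_error_rate(genuine, impostor, steps=2000):
    """Sweep the threshold over the observed score range and return
    (eer, threshold) where FAR and FRR are closest. Raising the threshold
    lowers FAR and raises FRR, so the two curves cross once; the EER is the
    common error rate at that crossing."""
    if not genuine or not impostor:
        raise ValueError("need at least one genuine and one impostor score")
    lo = min(min(genuine), min(impostor))
    hi = max(max(genuine), max(impostor))
    best_gap, eer, eer_threshold = float("inf"), 1.0, lo
    for i in range(steps + 1):
        t = lo + (hi - lo) * i / steps
        far, frr = far_frr_at(t, genuine, impostor)
        gap = abs(far - frr)
        if gap < best_gap:
            best_gap, eer, eer_threshold = gap, (far + frr) / 2, t
    return eer, eer_threshold


def constructed_scores(seed, genuine_mean, impostor_mean, sigma, n=2000):
    """Constructed sample data (not measurements): matcher scores roughly in 0..1."""
    rng = random.Random(seed)
    genuine = [rng.gauss(genuine_mean, sigma) for _ in range(n)]
    impostor = [rng.gauss(impostor_mean, sigma) for _ in range(n)]
    return genuine, impostor


if __name__ == "__main__":
    # Device A separates users less cleanly than device B, so B should show the lower EER.
    devices = {"device A": (1, 0.70, 0.30, 0.10), "device B": (2, 0.80, 0.20, 0.08)}
    for name, params in devices.items():
        g, i = constructed_scores(*params)
        eer, t = equal_error_rate(g, i)
        print(f"{name}: EER = {eer:.2%} at threshold {t:.3f}")
```

The same sweep gives the full FAR/FRR trade-off curve, which is what an auditor would ask the vendor for: a device tuned for a very low FAR (high threshold) pays for it with a higher FRR, and the EER is the single number that summarises how well the two populations are separated regardless of where the operator sets the threshold.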
During an IS risk assessment of a healthcare organization regarding protected healthcare information (PHI), an IS auditor interviews IS management. Which of the following findings from the interviews would be of MOST concern to the IS auditor? - CORRECT ANSWER Staff have to type "[PHI]" in the subject field of email messages to be encrypted.

During which of the following phases in system development would user acceptance test plans normally be prepared? - CORRECT ANSWER requirements definition

During an application audit, the IS auditor finds several problems related to corrupt data in the database. Which of the following is a corrective control that the IS auditor should recommend? - CORRECT ANSWER proceed with restore procedures

By evaluating application development projects against the capability maturity model (CMM), an IS auditor should be able to verify that: - CORRECT ANSWER predictable software processes are followed

An IS auditor evaluating the resilience of a high-availability network should be MOST concerned if: - CORRECT ANSWER the servers are clustered in one site

A database administrator (DBA) who needs to make emergency changes to a database after normal working hours should log in: - CORRECT ANSWER with their named account to make the changes

Which of the following types of firewalls provide the GREATEST degree and granularity of control? - CORRECT ANSWER application gateway

application gateway - CORRECT ANSWER has specific proxies for each service. To handle web services, it has a Hypertext Transfer Protocol (HTTP) proxy that acts as an intermediary between externals and internals but is specifically for HTTP. This means that it not only checks the packet Internet Protocol (IP) addresses (Open Systems Interconnection [OSI] Layer 3) and the ports it is directed to (here port 80, OSI Layer 4), it also checks every HTTP command (OSI Layers 5 and 7). Therefore, it works in a more detailed (granular) way than the other choices.
circuit gateway - CORRECT ANSWER based on a proxy or program that acts as an intermediary between external and internal accesses. This means that, during an external access, instead of opening a single connection to the internal server, two connections are established—one from the external server to the proxy (which

Which of the following would be the BEST overall control for an Internet business looking for confidentiality, reliability and integrity of data? - CORRECT ANSWER secure sockets layer

secure sockets layer - CORRECT ANSWER used for many e-commerce applications to set up a secure channel for communications, providing confidentiality through a combination of public and symmetric key encryption and integrity through a hash message authentication code. (SSL has since been superseded by TLS, which provides the same services; the exam still uses the older name.)

Which of the following is the MOST reliable method to ensure identity of sender for messages transferred across the Internet? - CORRECT ANSWER digital certificates

Which of the following is the MOST efficient strategy for the backup of large quantities of mission-critical data when the systems need to be online to take sales orders 24 hours a day? - CORRECT ANSWER implementing a fault-tolerant disk-to-disk backup solution

Disk-to-Disk Backup - CORRECT ANSWER also called disk-to-disk-to-tape backup or tape cache, is when the primary backup is written to disk instead of tape. That backup can then be copied, cloned or migrated to tape at a later time (hence the term "disk-to-disk-to-tape"). This technology allows the backup of data to be performed without impacting system performance and allows a large quantity of data to be backed up in a very short backup window. In case of a failure, the fault-tolerant system can transfer immediately to the other disk set.

Which of the following would be MOST important for an IS auditor to verify while conducting a business continuity audit?
- CORRECT ANSWER Human safety procedures are in place

Who should review and approve system deliverables as they are defined and accomplished to ensure the successful completion and implementation of a new business system application? - CORRECT ANSWER user management

Which of the following situations could impair the independence of an IS auditor? The IS auditor: - CORRECT ANSWER implemented specific functionality during the development of an application.

An IS auditor observed that multiple applications are hosted on the same server. The recovery time objective (RTO) for the server will be: - CORRECT ANSWER based on the application with the shortest RTO.

To prevent Internet Protocol (IP) spoofing attacks, a firewall should be configured to drop a packet for which the sender of a packet: - CORRECT ANSWER specifies the route that a packet should take through the network (the source routing field is enabled).

When auditing the IT governance framework and IT risk management practices that exist within an organization, the IS auditor identified some undefined responsibilities regarding IT management and governance roles. Which of the following recommendations is the MOST appropriate? - CORRECT ANSWER Implement accountability rules within the organization

An IS auditor reviewing an outsourcing contract of IT facilities expects it to define the: - CORRECT ANSWER ownership of intellectual property.

There is a concern that the risk of unauthorized access may increase after implementing a single sign-on process. To prevent unauthorized access, the MOST important action is to: - CORRECT ANSWER mandate a strong password policy.

Which of the following will MOST successfully identify overlapping key controls in business application systems? - CORRECT ANSWER Replacing manual monitoring with an automated auditing solution

An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures.
However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls? - CORRECT ANSWER Use the DBA user account to make changes, log the changes and review the change log the following day.

Which of the following is the MOST important element in the design of a data warehouse? - CORRECT ANSWER Quality of the metadata

Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network? - CORRECT ANSWER Periodic checking of hard drives

The PRIMARY benefit of implementing a security program as part of a security governance framework is the: - CORRECT ANSWER enforcement of the management of security risk.

To aid management in achieving IT and business alignment, an IS auditor should recommend the use of: - CORRECT ANSWER an IT balanced scorecard.

The MOST serious challenge in the operation of an intrusion detection system is: - CORRECT ANSWER filtering false positive alerts

IT management has decided to install a level 1 Redundant Array of Inexpensive Disks (RAID) system in all servers to compensate for the elimination of offsite backups. The IS auditor should recommend: - CORRECT ANSWER reinstating the offsite backups.

An IS auditor is conducting a compliance test to determine whether controls support management policies and procedures. The test will assist the IS auditor to determine: - CORRECT ANSWER that the control is operating as designed

An IS auditor wants to determine the number of purchase orders not appropriately approved. Which of the following sampling techniques should an IS auditor use to draw such conclusions? - CORRECT ANSWER attribute

If a database is restored using before-image dumps, where should the process begin following an interruption?
- CORRECT ANSWER before the last transaction

Establishing the level of acceptable risk is the responsibility of: - CORRECT ANSWER senior business management

Management considered two projections for its disaster recovery plan: plan A with two months to fully recover and plan B with eight months to fully recover. The recovery point objectives are the same in both plans. It is reasonable to expect that plan B projected higher: - CORRECT ANSWER downtime costs
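The CRC item earlier in this set says a CRC catches the error bursts that a parity check misses. The following is an added example, not from the exam set, that shows this with CRC-32 from Python's zlib module against a single even-parity bit over a data block; the block contents and the burst positions are constructed for the demonstration.

```python
"""Why a CRC catches error bursts that a parity check misses.

Added worked example, not part of the exam set. The data block is a
constructed sample, the CRC is the standard CRC-32 from the zlib module,
and the parity check is a single even-parity bit over the whole block (a
per-character parity bit has the same weakness for an even number of
flipped bits inside one character).
"""

import zlib


def parity_bit(data: bytes) -> int:
    """Even parity: 1 if the block holds an odd number of 1-bits, else 0."""
    return bin(int.from_bytes(data, "big")).count("1") & 1


def crc32(data: bytes) -> int:
    """CRC-32 as the sender would compute it and append it to the block."""
    return zlib.crc32(data) & 0xFFFFFFFF


def flip_bits(data: bytes, positions) -> bytes:
    """Corrupt a copy of the block; bit 0 is the most significant bit of byte 0."""
    buf = bytearray(data)
    for p in positions:
        buf[p // 8] ^= 0x80 >> (p % 8)
    return bytes(buf)


def burst(start: int, length: int) -> range:
    """Bit positions of an error burst: `length` consecutive bits from `start`."""
    return range(start, start + length)


def detected(check, sent: bytes, received: bytes) -> bool:
    """Receiver's test: recompute the check value and compare with the transmitted one."""
    return check(sent) != check(received)


# Constructed block: 55 bytes = 440 bits.
SAMPLE = b"CISA practice block: transfer 1000.00 to account 4711\n"

CASES = {
    "single bit flipped": [5],                       # odd count: both checks catch it
    "2-bit burst inside one byte": burst(40, 2),     # even count: parity misses it
    "32-bit burst (4 whole bytes)": burst(96, 32),   # even count: parity misses it;
                                                     # CRC-32 always catches bursts <= 32 bits
    "3-bit burst": burst(200, 3),                    # odd count: parity happens to catch it
}


def compare_checks():
    """For each corruption pattern return (parity detected?, CRC detected?)."""
    results = {}
    for name, positions in CASES.items():
        corrupted = flip_bits(SAMPLE, positions)
        results[name] = (detected(parity_bit, SAMPLE, corrupted),
                         detected(crc32, SAMPLE, corrupted))
    return results


if __name__ == "__main__":
    for name, (par, crc) in compare_checks().items():
        print(f"{name:30} parity: {'caught' if par else 'MISSED':7} CRC-32: {'caught' if crc else 'MISSED'}")
```

The guarantee behind the 32-bit case is the one the exam relies on: a CRC whose generator polynomial has degree n detects every burst of n or fewer consecutive bit errors, and all single and double errors, whereas a parity bit detects only an odd number of flips and is blind to the 2-bit and 32-bit bursts above. Neither check is a security control against a deliberate modifier, who can simply recompute the CRC; that is what the HMAC in the SSL item and the digital signature item are for.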
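The first item in this set asks what concurrency control is for. The following is an added example, not part of the exam set, that reproduces the integrity problem it refers to (a lost update when two processes update the same row) with two SQLite connections, and then applies optimistic concurrency control, a version column checked on write. The account table, its starting balance and the temporary file location are constructed for the demonstration; the database's own row locking (pessimistic control) would be the other way to prevent the same loss.

```python
"""Lost update versus concurrency control, shown with two SQLite connections.

Added worked example, not part of the exam set. It uses a throw-away SQLite
file and a constructed one-row 'account' table. The protection shown is
optimistic concurrency control (a version column checked on write); the
database's own locking would be the pessimistic alternative.
"""

import os
import sqlite3
import tempfile

SELECT = "SELECT balance, version FROM account WHERE id = 1"


def fresh_db():
    """Create a new database file holding one account with balance 100 (constructed data)."""
    path = os.path.join(tempfile.mkdtemp(), "bank.db")
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE account (id INTEGER PRIMARY KEY, "
                "balance INTEGER NOT NULL, version INTEGER NOT NULL)")
    con.execute("INSERT INTO account VALUES (1, 100, 0)")
    con.commit()
    con.close()
    return path


def connect(path):
    # Autocommit mode: each statement is its own transaction, so the interleaving below is explicit.
    return sqlite3.connect(path, isolation_level=None)


def read_account(con):
    # fetchall() runs the statement to completion, which releases SQLite's read lock.
    return con.execute(SELECT).fetchall()[0]


def balance(path):
    con = sqlite3.connect(path)
    try:
        return read_account(con)[0]
    finally:
        con.close()


def lost_update(path):
    """Two processes each read 100, compute their own new balance and write it back.
    The second write silently overwrites the first: 100 - 30 - 50 should leave 20."""
    a, b = connect(path), connect(path)
    bal_a, _ = read_account(a)                                           # A reads 100
    bal_b, _ = read_account(b)                                           # B reads 100 too
    a.execute("UPDATE account SET balance = ? WHERE id = 1", (bal_a - 30,))  # A writes 70
    b.execute("UPDATE account SET balance = ? WHERE id = 1", (bal_b - 50,))  # B writes 50: A's update is lost
    a.close()
    b.close()
    return balance(path)


def write_if_unchanged(con, new_balance, expected_version):
    """Optimistic concurrency control: the write succeeds only if nobody changed
    the row since it was read, i.e. the version still matches."""
    cur = con.execute(
        "UPDATE account SET balance = ?, version = version + 1 "
        "WHERE id = 1 AND version = ?",
        (new_balance, expected_version))
    return cur.rowcount == 1


def withdraw(con, amount, max_retries=5):
    """Read-check-write loop: re-read and recompute whenever the version check fails."""
    for _ in range(max_retries):
        bal, ver = read_account(con)
        if write_if_unchanged(con, bal - amount, ver):
            return True
    return False


def controlled_update(path):
    """Same interleaving as lost_update(), with the version check in place.
    Returns (final balance, whether B's stale write was accepted)."""
    a, b = connect(path), connect(path)
    bal_a, ver_a = read_account(a)                        # A reads (100, 0)
    bal_b, ver_b = read_account(b)                        # B reads (100, 0)
    if not write_if_unchanged(a, bal_a - 30, ver_a):      # A: version 0 -> 1, balance 70
        raise RuntimeError("first writer should always succeed")
    stale_accepted = write_if_unchanged(b, bal_b - 50, ver_b)  # B: version is 1 now, 0 rows updated
    if not stale_accepted:
        withdraw(b, 50)                                   # B re-reads (70, 1) and writes 20
    a.close()
    b.close()
    return balance(path), stale_accepted


if __name__ == "__main__":
    print("without concurrency control, final balance:", lost_update(fresh_db()))   # 50
    print("with version check, (balance, stale write accepted):", controlled_update(fresh_db()))  # (20, False)
```

The failed version check is the point at which the database (or the application layer, as here) refuses the second process's stale write; pessimistic control reaches the same outcome earlier by making B wait on a row lock before it can even read. Either way the answer to the exam item is the same: the control exists to keep two simultaneous updates from corrupting the row, not to decide who is authorised to update it.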