Isaca CISA Practice Test - Questions Answers, Page 17


When auditing the security architecture of an online application, an IS auditor should FIRST review the:

A. firewall standards.
B. configuration of the firewall
C. firmware version of the firewall
D. location of the firewall within the network
Suggested answer: D

Explanation:

The security architecture of an online application is a design that describes how various security components and controls are integrated and configured to protect the application from internal and external threats. When auditing the security architecture of an online application, an IS auditor should first review the location of the firewall within the network, as this determines how effectively the firewall can filter and monitor the traffic between different network segments and zones. The firewall standards, configuration, and firmware version are also important aspects to review, but they are secondary to the location of the firewall.

An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward to those who click on a link embedded in the body of the email. Which of the following metrics BEST indicates the effectiveness of awareness training?

A. The number of users deleting the email without reporting because it is a phishing email
B. The number of users clicking on the link to learn more about the sender of the email
C. The number of users forwarding the email to their business unit managers
D. The number of users reporting receipt of the email to the information security team
Suggested answer: D

Explanation:

The metric that best indicates the effectiveness of awareness training is the number of users reporting receipt of the email to the information security team. This shows that the users are able to recognize and report a phishing email, which is a common social engineering technique used by attackers to trick users into revealing sensitive information or installing malicious software. The other metrics do not demonstrate a high level of security awareness, as they either ignore, follow, or forward the phishing email, which could expose the organization to potential risks. Reference: CISA Review Manual, 27th Edition, page 326

An IS auditor discovers that validation controls in a web application have been moved from the server side into the browser to boost performance. This would MOST likely increase the risk of a successful attack by:

A. phishing.
B. denial of service (DoS)
C. structured query language (SQL) injection
D. buffer overflow
Suggested answer: C

Explanation:

Moving validation controls from the server side into the browser would most likely increase the risk of a successful attack by structured query language (SQL) injection. SQL injection is a technique that exploits a security vulnerability in an application's database layer by inserting malicious SQL statements into user input fields. Validation controls are used to check and filter user input before sending it to the database. If these controls are moved to the browser, they can be easily bypassed or modified by an attacker, who can then execute arbitrary SQL commands on the database. Reference: CISA Review Manual, 27th Edition, page 361

Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?

A. Developing and communicating test procedure best practices to audit teams
B. Developing and implementing an audit data repository
C. Decentralizing procedures and implementing periodic peer review
D. Centralizing procedures and implementing change control
Suggested answer: D

Explanation:

The best way to ensure the quality and integrity of test procedures used in audit analytics is to centralize procedures and implement change control. Centralizing procedures means storing them in a common repository that can be accessed and updated by authorized users. Change control means implementing a process for tracking, reviewing, approving, and documenting any changes made to the procedures. This ensures that the procedures are consistent, accurate, reliable, and secure. Reference: CISA Review Manual, 27th Edition, page 401

During the discussion of a draft audit report, IT management provided suitable evidence that a process has been implemented for a control that had been concluded by the IS auditor as ineffective. Which of the following is the auditor's BEST action?

A. Explain to IT management that the new control will be evaluated during follow-up.
B. Re-perform the audit before changing the conclusion.
C. Change the conclusion based on evidence provided by IT management.
D. Add comments about the action taken by IT management in the report.
Suggested answer: B

Explanation:

The auditor's best action when IT management provides suitable evidence for a control that had been concluded as ineffective is to re-perform the audit before changing the conclusion. This means that the auditor should verify the validity, completeness, and timeliness of the evidence provided by IT management and test the effectiveness of the new control in meeting the audit objectives. The auditor should not change the conclusion based on evidence provided by IT management without re-performing the audit, as this could compromise the auditor's independence and objectivity. The auditor should also not explain to IT management that the new control will be evaluated during follow-up or add comments about the action taken by IT management in the report, as these actions do not address the original audit finding. Reference: CISA Review Manual, 27th Edition, page 439

Which of the following MOST effectively minimizes downtime during system conversions?

A. Phased approach
B. Direct cutover
C. Pilot study
D. Parallel run
Suggested answer: D

Explanation:

The most effective way to minimize downtime during system conversions is to use a parallel run. A parallel run is a method of system conversion where both the old and new systems operate simultaneously for a period of time until the new system is verified to be functioning correctly. This reduces the risk of errors, data loss, or system failure during conversion and allows for a smooth transition from one system to another. Reference: CISA Review Manual, 27th Edition, page 467

Topic 2, Exam Pool B

Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?

A. Reviewing vacation patterns
B. Reviewing user activity logs
C. Interviewing senior IT management
D. Mapping IT processes to roles
Suggested answer: D

Explanation:

Mapping IT processes to roles is an activity that provides an IS auditor with the most insight regarding potential single person dependencies that might exist within the organization. Single person dependencies occur when only one person has the knowledge, skills, or access rights to perform a critical IT function. Mapping IT processes to roles can help to identify such dependencies and assess their impact on the continuity and security of IT operations. The other activities do not provide as much insight into single person dependencies, as they do not show the relationship between IT processes and roles. Reference: CISA Review Manual, 27th Edition, page 94

Which of the following BEST indicates that an incident management process is effective?

A. Decreased time for incident resolution
B. Increased number of incidents reviewed by IT management
C. Decreased number of calls to the help desk
D. Increased number of reported critical incidents
Suggested answer: A

Explanation:

Decreased time for incident resolution is the best indicator that an incident management process is effective. Incident management is a process that aims to restore normal service operation as quickly as possible after an incident, which is an unplanned interruption or reduction in quality of an IT service. Decreased time for incident resolution means that the incident management process is able to identify, analyze, respond to, and resolve incidents efficiently and effectively. The other indicators do not necessarily reflect the effectiveness of the incident management process, as they may depend on other factors such as the nature, frequency, and severity of incidents. Reference: CISA Review Manual, 27th Edition, page 372

Which of the following is an example of a preventative control in an accounts payable system?

A. The system only allows payments to vendors who are included in the system's master vendor list.
B. Backups of the system and its data are performed on a nightly basis and tested periodically.
C. The system produces daily payment summary reports that staff use to compare against invoice totals.
D. Policies and procedures are clearly communicated to all members of the accounts payable department.
Suggested answer: A

Explanation:

The system only allows payments to vendors who are included in the system's master vendor list is an example of a preventative control in an accounts payable system. A preventative control is a control that aims to prevent errors or irregularities from occurring in the first place. By restricting payments to vendors who are authorized and verified in the master vendor list, the system prevents unauthorized or fraudulent payments from being made. The other options are examples of other types of controls, such as backup (recovery), reconciliation (detective), and communication (directive) controls. Reference: CISA Review Manual, 27th Edition, page 223

An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:

A. well understood by all employees.
B. based on industry standards.
C. developed by process owners.
D. updated frequently.
Suggested answer: A

Explanation:

The most important thing to determine next after concluding that an organization has a quality security policy is whether the policy is well understood by all employees. A security policy is a document that defines the objectives, scope, roles, responsibilities, and rules for information security within an organization. A quality security policy is one that is clear, concise, consistent, comprehensive, and aligned with business goals and requirements. However, a quality security policy is useless if it is not well understood by all employees who are expected to comply with it. Therefore, the IS auditor should assess the level of awareness and understanding of the security policy among employees and identify any gaps or issues that need to be addressed. The other options are not as important as ensuring that the security policy is well understood by all employees, as they do not directly affect the implementation and effectiveness of the security policy. Reference: CISA Review Manual, 27th Edition, page 317
