Isaca CISA Practice Test - Questions Answers, Page 89

An IS auditor discovers that a developer has used the same key to grant access to multiple applications making calls to an application programming interface (API). Which of the following is the BEST recommendation to address this situation?

A. Replace the API key with time-limited tokens that grant least privilege access.
B. Authorize the API key to allow read-only access by all applications.
C. Implement a process to expire the API key after a previously agreed-upon period of time.
D. Coordinate an API key rotation exercise with all impacted application owners.
Suggested answer: A

In an area susceptible to unexpected increases in electrical power, which of the following would MOST effectively protect the system?

A. Generator
B. Voltage regulator
C. Circuit breaker
D. Alternate power supply line
Suggested answer: B

An organization plans to centrally decommission end-of-life databases and migrate the data to the latest model of hardware. Which of the following BEST ensures data integrity is preserved during the migration?

A. Reconciling sample data to most recent backups
B. Obfuscating confidential data
C. Encrypting the data
D. Comparing checksums
Suggested answer: D

During a closing meeting, the IT manager disagrees with a valid audit finding presented by the IS auditor and requests the finding be excluded from the final report. Which of the following is the auditor's BEST course of action?

A. Request that the IT manager be removed from the remaining meetings and future audits.
B. Modify the finding to include the IT manager's comments and inform the audit manager of the changes.
C. Remove the finding from the report and continue presenting the remaining findings.
D. Provide the evidence which supports the finding and keep the finding in the report.
Suggested answer: D

During which IT project phase is it MOST appropriate to conduct a benefits realization analysis?

A. Post-implementation review phase
B. Final implementation phase
C. User acceptance testing (UAT) phase
D. Design review phase
Suggested answer: A

When planning a review of IT governance, an IS auditor is MOST likely to:

A. assess whether business process owner responsibilities are consistent.
B. obtain information about the control framework adopted by management.
C. examine audit committee minutes for IT-related controls.
D. define key performance indicators (KPIs).
Suggested answer: B

Which of the following is the BEST indicator that a third-party vendor adheres to the controls required by the organization?

A. Review of monthly performance reports submitted by the vendor
B. Certifications maintained by the vendor
C. Regular independent assessment of the vendor
D. Substantive log file review of the vendor's system
Suggested answer: C

Which of the following would BEST prevent an arbitrary application of a patch?

A. Database access control
B. Established maintenance windows
C. Network-based access controls
D. Change management
Suggested answer: D

Which of the following would be MOST important to include in an IS audit report?

A. Observations not reported as findings due to inadequate evidence
B. The roadmap for addressing the various risk areas
C. The level of unmitigated risk along with business impact
D. Specific technology solutions for each audit observation
Suggested answer: C

At the end of each business day, a business-critical application generates a report of financial transactions greater than a certain value, and an employee then checks these transactions for errors. What type of control is in place?

A. Detective
B. Preventive
C. Corrective
D. Deterrent
Suggested answer: A
Total 1.198 questions