Isaca CISA Practice Test - Questions Answers, Page 93

Which of the following would be of GREATEST concern to an IS auditor reviewing the resiliency of an organizational network that has two internet connections?

A. Network capacity testing has not been performed.
B. The business continuity plan (BCP) has not been tested in the past six months.
C. Non-critical applications are also connected to both connections.
D. Both connections are from the same provider.
Suggested answer: D

An IS auditor wants to inspect recent events in a system to observe failed authentications and password changes. Which of the following is the MOST appropriate method to use for this purpose?

A. Penetration testing
B. Authenticated scanning
C. Change management records
D. System log review
Suggested answer: D

How is nonrepudiation supported within a public key infrastructure (PKI) environment?

A. Through the use of elliptical curve cryptography on transmitted messages
B. Through the use of a certificate issued by a certificate authority (CA)
C. Through the use of private keys to decrypt data received by a user
D. Through the use of enterprise key management systems
Suggested answer: B

Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?

A. User acceptance testing (UAT)
B. Black-box testing
C. Regression testing
D. Stress testing
Suggested answer: C

Which of the following is the GREATEST risk of project dashboards being set without sufficiently defined criteria?

A. Adverse findings from internal and external auditors
B. Lack of project portfolio status oversight
C. Lack of alignment of project status reports
D. Inadequate decision-making and prioritization
Suggested answer: D

Which of the following should an IS auditor recommend be done FIRST when an organization is planning to implement an IT compliance program?

A. Identify staff training needs related to compliance requirements.
B. Analyze historical compliance-related audit findings.
C. Research and purchase an industry-recognized IT compliance tool.
D. Identify applicable laws, regulations, and standards.
Suggested answer: D

An IS auditor has been asked to provide support to the control self-assessment (CSA) program. Which of the following BEST represents the scope of the auditor's role in the program?

A. The auditor should act as a program facilitator.
B. The auditor should focus on improving process productivity.
C. The auditor should perform detailed audit procedures.
D. The auditor's presence replaces the audit responsibilities of other team members.
Suggested answer: A

Which of the following is a PRIMARY function of an intrusion detection system (IDS)?

A. Predicting an attack before it occurs
B. Alerting when a scheduled backup job fails
C. Blocking malicious network traffic
D. Warning when executable programs are modified
Suggested answer: D

Who should be the FIRST to evaluate an audit report prior to issuing it to the project steering committee?

A. IS audit manager
B. Audit committee
C. Business owner
D. Project sponsor
Suggested answer: A

An IS auditor is reviewing database fields updated in real-time and displayed through other applications in multiple organizational functions. When validating business approval for these various use cases, which of the following sources of information would be the BEST starting point?

A. Network map from the network administrator
B. Historical database change log records
C. List of integrations from the database administrator (DBA)
D. Business process flow from management
Suggested answer: D

Explanation:

Understanding the business process flow is crucial as it provides insights into how different applications and organizational functions use and update the database fields in real-time. This perspective helps the auditor validate that appropriate business approvals are in place for these use cases.

Reference

ISACA CISA Review Manual 27th Edition, Page 128-129 (Business Process Flow)

Total 1.198 questions