
Master the Isaca CISA Exam: Essential Study Tips and Strategies

Questions 101

An IS auditor is reviewing a recent security incident and is seeking information about the approval of a recent modification to a database system's security settings. Where would the auditor MOST likely find this information?

Options:
A.

System event correlation report

B.

Database log

C.

Change log

D.

Security incident and event management (SIEM) report

Questions 102

An organization has recently implemented a Voice-over IP (VoIP) communication system. Which of the following should be the IS auditor's PRIMARY concern?

Options:
A.

A single point of failure for both voice and data communications

B.

Inability to use virtual private networks (VPNs) for internal traffic

C.

Lack of integration of voice and data communications

D.

Voice quality degradation due to packet loss

Questions 103

Which of the following occurs during the issues management process for a system development project?

Options:
A.

Contingency planning

B.

Configuration management

C.

Help desk management

D.

Impact assessment

Questions 104

Which of the following would BEST manage the risk of changes in requirements after the analysis phase of a business application development project?

Options:
A.

Expected deliverables meeting project deadlines

B.

Sign-off from the IT team

C.

Ongoing participation by relevant stakeholders

D.

Quality assurance (QA) review

Questions 105

Which of the following should an IS auditor consider FIRST when evaluating firewall rules?

Options:
A.

The organization's security policy

B.

The number of remote nodes

C.

The firewalls' default settings

D.

The physical location of the firewalls

Questions 106

Which of the following will MOST likely compromise the control provided by a digital signature created using RSA encryption?

Options:
A.

Reversing the hash function using the digest

B.

Altering the plaintext message

C.

Deciphering the receiver's public key

D.

Obtaining the sender's private key

Questions 107

An information systems security officer's PRIMARY responsibility for business process applications is to:

Options:
A.

authorize secured emergency access

B.

approve the organization's security policy

C.

ensure access rules agree with policies

D.

create role-based rules for each business process

Questions 108

Which of the following controls BEST ensures appropriate segregation of duties within an accounts payable department?

Options:
A.

Ensuring that audit trails exist for transactions

B.

Restricting access to update programs to accounts payable staff only

C.

Including the creator's user ID as a field in every transaction record created

D.

Restricting program functionality according to user security profiles

Questions 109

During a follow-up audit, it was found that a complex security vulnerability of low risk was not resolved within the agreed-upon timeframe. IT has stated that the system with the identified vulnerability is being replaced and is expected to be fully functional in two months. Which of the following is the BEST course of action?

Options:
A.

Require documentation that the finding will be addressed within the new system

B.

Schedule a meeting to discuss the issue with senior management

C.

Perform an ad hoc audit to determine if the vulnerability has been exploited

D.

Recommend the finding be resolved prior to implementing the new system

Questions 110

Which of the following activities would allow an IS auditor to maintain independence while facilitating a control self-assessment (CSA)?

Options:
A.

Implementing the remediation plan

B.

Partially completing the CSA

C.

Developing the remediation plan

D.

Developing the CSA questionnaire

Questions 111

Which of the following provides IS audit professionals with the BEST source of direction for performing audit functions?

Options:
A.

Audit charter

B.

IT steering committee

C.

Information security policy

D.

Audit best practices

Questions 112

An IS auditor finds that the cost of developing an application is now projected to significantly exceed the budget. Which of the following is the GREATEST risk to communicate to senior management?

Options:
A.

Noncompliance with project methodology

B.

Inability to achieve expected benefits

C.

Increased staff turnover

D.

Project abandonment

Questions 113

Which of the following should be an IS auditor's PRIMARY consideration when determining which issues to include in an audit report?

Options:
A.

Professional skepticism

B.

Management's agreement

C.

Materiality

D.

Inherent risk

Questions 114

A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:

Options:
A.

the audit committee.

B.

audit management.

C.

auditee line management.

D.

the police.

Questions 115

What is the MAIN reason to use incremental backups?

Options:
A.

To improve key availability metrics

B.

To reduce costs associated with backups

C.

To increase backup resiliency and redundancy

D.

To minimize the backup time and resources

Questions 116

Which of the following is the BEST way to ensure payment transaction data is restricted to the appropriate users?

Options:
A.

Implementing two-factor authentication

B.

Restricting access to transactions using network security software

C.

Implementing role-based access at the application level

D.

Using a single menu for sensitive application transactions

Questions 117

Which of the following is the GREATEST risk associated with hypervisors in virtual environments?

Options:
A.

Availability issues

B.

Virtual sprawl

C.

Single point of failure

D.

Lack of patches

Questions 118

What is the PRIMARY reason to adopt a risk-based IS audit strategy?

Options:
A.

To achieve synergy between audit and other risk management functions

B.

To prioritize available resources and focus on areas with significant risk

C.

To reduce the time and effort needed to perform a full audit cycle

D.

To identify key threats, risks, and controls for the organization

Questions 119

An IS auditor observes that a business-critical application does not currently have any level of fault tolerance. Which of the following is the GREATEST concern with this situation?

Options:
A.

Decreased mean time between failures (MTBF)

B.

Degradation of services

C.

Limited tolerance for damage

D.

Single point of failure

Questions 120

An IS auditor has been asked to review the quality of data in a general ledger system. Which of the following would provide the auditor with the MOST meaningful results?

Options:
A.

Discussion of the largest account values with business owners

B.

Integrity checks against source documentation

C.

System vulnerability assessment

D.

Interviews with system owners and operators

Questions 121

Which of the following BEST ensures that effective change management is in place in an IS environment?

Options:
A.

User authorization procedures for application access are well established.

B.

User-prepared detailed test criteria for acceptance testing of the software.

C.

Adequate testing was carried out by the development team.

D.

Access to production source and object programs is well controlled.

Questions 122

Which of the following is MOST important when creating a forensic image of a hard drive?

Options:
A.

Requiring an independent third party be present while imaging

B.

Securing a backup copy of the hard drive

C.

Generating a content hash of the hard drive

D.

Choosing an industry-leading forensics software tool

Questions 123

Which of the following is the MOST appropriate responsibility of an IS auditor involved in a data center renovation project?

Options:
A.

Performing independent reviews of responsible parties engaged in the project

B.

Shortlisting vendors to perform renovations

C.

Ensuring the project progresses as scheduled and milestones are achieved

D.

Implementing data center operational controls

Questions 124

Which of the following is MOST helpful for understanding an organization’s key driver to modernize application platforms?

Options:
A.

Vendor software inventories

B.

Network architecture diagrams

C.

System-wide incident reports

D.

Inventory of end-of-life software

Questions 125

Which of the following network communication protocols is used by network devices such as routers to send error messages and operational information indicating success or failure when communicating with another IP address?

Options:
A.

Transmission Control Protocol/Internet Protocol (TCP/IP)

B.

Internet Control Message Protocol

C.

Multipurpose Transaction Protocol

D.

Point-to-Point Tunneling Protocol

Questions 126

Which of the following is the PRIMARY reason to involve IS auditors in the software acquisition process?

Options:
A.

To help ensure hardware and operating system requirements are considered

B.

To help ensure proposed contracts and service level agreements (SLAs) address key elements

C.

To help ensure the project management process complies with policies and procedures

D.

To help ensure adequate controls to address common threats and risks are considered

Questions 127

Audit frameworks can assist the IS audit function by:

Options:
A.

defining the authority and responsibility of the IS audit function.

B.

providing direction and information regarding the performance of audits.

C.

outlining the specific steps needed to complete audits.

D.

providing details on how to execute the audit program.

Questions 128

Which of the following is the PRIMARY reason an IS auditor would recommend offsite backups although critical data is already on a redundant array of inexpensive disks (RAID)?

Options:
A.

The array cannot offer protection against disk corruption.

B.

The array cannot recover from a natural disaster.

C.

The array relies on proper maintenance.

D.

Disks of the array cannot be hot-swapped for quick recovery.

Questions 129

If a recent release of a program has to be backed out of production, the corresponding changes within the delta version of the code should be:

Options:
A.

filed in production for future reference in researching the problem.

B.

applied to the source code that reflects the version in production.

C.

eliminated from the source code that reflects the version in production.

D.

reinstalled when replacing the version back into production.

Questions 130

Which of the following will BEST ensure that archived electronic information of permanent importance remains accessible over time?

Options:
A.

Performing preventive maintenance on old hardware

B.

Acquiring applications that emulate old software

C.

Regularly migrating data to current technology

D.

Periodically backing up archived data

Questions 131

During the audit of an enterprise resource planning (ERP) system, an IS auditor found an application patch was applied to the production environment. It is MOST important for the IS auditor to verify approval from the:

Options:
A.

information security officer.

B.

system administrator.

C.

information asset owner.

D.

project manager.

Questions 132

An IS auditor finds that a new network connection allows communication between the Internet and the internal enterprise resource planning (ERP) system. Which of the following is the PRIMARY business impact to include when presenting this observation to management?

Options:
A.

An increase to the threat landscape

B.

A decrease in data quality in the ERP system

C.

A decrease in network performance

D.

An increase in potential fines from regulators

Questions 133

An IS auditor reviewing an information processing environment decides to conduct external penetration testing. Which of the following is MOST appropriate to include in the audit scope for the organization to distinguish between the auditor's penetration attacks and actual attacks?

Options:
A.

Restricted host IP addresses of simulated attacks

B.

Testing techniques of simulated attacks

C.

Source IP addresses of simulated attacks

D.

Timing of simulated attacks

Questions 134

An IS auditor finds ad hoc vulnerability scanning is in place with no clear alignment to the organization's wider security threat and vulnerability management program.

Which of the following would BEST enable the organization to work toward improvement in this area?

Options:
A.

Implementing security logging to enhance threat and vulnerability management

B.

Maintaining a catalog of vulnerabilities that may impact mission-critical systems

C.

Using a capability maturity model to identify a path to an optimized program

D.

Outsourcing the threat and vulnerability management function to a third party

Questions 135

Which of the following is the GREATEST impact as a result of the ongoing deterioration of a detective control?

Options:
A.

Decreased effectiveness of root cause analysis

B.

Decreased overall recovery time

C.

Increased number of false negatives in security logs

D.

Increased demand for storage space for logs

Questions 136

Which of the following provides the BEST evidence that all elements of a business continuity plan (BCP) are operating effectively?

Options:
A.

Walk-through test results

B.

Full operational test results

C.

Tabletop test results

D.

Simulation test results

Questions 137

Which of the following procedures for testing a disaster recovery plan (DRP) is MOST effective?

Options:
A.

Testing at a secondary site using offsite data backups

B.

Performing a quarterly tabletop exercise

C.

Reviewing recovery time and recovery point objectives

D.

Reviewing documented backup and recovery procedures

Questions 138

What should be an IS auditor's PRIMARY focus when reviewing a patch management procedure in an environment where availability is a top priority?

Options:
A.

Deployment automation to all servers

B.

Technical skills of the deployment team

C.

Comprehensive testing prior to deployment

D.

Validity certification prior to deployment

Questions 139

An IS auditor is supporting a forensic investigation. An image of affected storage media has been captured while collecting digital forensic evidence. Which of the following techniques would BEST enable an IS auditor to verify that the captured image is an exact, unchanged replica of the original media?

Options:
A.

Hash value

B.

Access control list

C.

File allocation table

D.

Size of the file

Questions 140

Which of the following is the PRIMARY purpose of a rollback plan for a system change?

Options:
A.

To ensure steps exist to remove the change if necessary

B.

To ensure testing can be re-performed if required

C.

To ensure a backup exists before implementing a change

D.

To ensure the system change is effective

Questions 141

Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?

Options:
A.

The BCP's contact information needs to be updated.

B.

The BCP is not version-controlled.

C.

The BCP has not been approved by senior management.

D.

The BCP has not been tested since it was first issued.

Questions 142

Having knowledge in which of the following areas is MOST relevant for an IS auditor reviewing public key infrastructure (PKI)?

Options:
A.

Design and application of key controls in public audit

B.

Security strategy in public cloud Infrastructure as a Service (IaaS)

C.

Modern encoding methods for digital communications

D.

Technology and process life cycle for digital certificates and key pairs

Questions 143

Which of the following is the PRIMARY objective of enterprise architecture (EA)?

Options:
A.

Maintaining detailed system documentation

B.

Managing and planning for IT investments

C.

Executing customized development and delivery of projects

D.

Enforcing the IT policy across the organization

Questions 144

An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?

Options:
A.

Evaluate key performance indicators (KPIs).

B.

Conduct a gap analysis.

C.

Develop a maturity model.

D.

Implement a control self-assessment (CSA).

Questions 145

Which of the following is the BEST way to prevent social engineering incidents?

Options:
A.

Ensure user workstations are running the most recent version of antivirus software.

B.

Maintain an onboarding and annual security awareness program.

C.

Include security responsibilities in job descriptions and require signed acknowledgment.

D.

Enforce strict email security gateway controls.

Questions 146

A startup organization wants to develop a data loss prevention (DLP) program. The FIRST step should be to implement:

Options:
A.

Security awareness training

B.

Data encryption

C.

Data classification

D.

Access controls

Questions 147

Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees. What is the MOST important task before implementing any associated email controls?

Options:
A.

Provide notification to employees about possible email monitoring.

B.

Develop an information classification scheme.

C.

Require all employees to sign nondisclosure agreements (NDAs).

D.

Develop an acceptable use policy for end-user computing (EUC).

Questions 148

Which of the following non-audit activities may impair an IS auditor's independence and objectivity?

Options:
A.

Evaluating a third-party customer satisfaction survey

B.

Providing advice on an IT project management framework

C.

Designing security controls for a new cloud-based workforce management system

D.

Reviewing secure software development guidelines adopted by an organization

Questions 149

A checksum is classified as which type of control?

Options:
A.

Corrective control

B.

Administrative control

C.

Detective control

D.

Preventive control

Questions 150

Which of the following will provide the GREATEST assurance to IT management that a quality management system (QMS) is effective?

Options:
A.

A high percentage of stakeholders satisfied with the quality of IT

B.

A high percentage of incidents being quickly resolved

C.

A high percentage of IT processes reviewed by quality assurance (QA)

D.

A high percentage of IT employees attending quality training

Exam Code: CISA
Certification Provider: Isaca
Exam Name: Certified Information Systems Auditor
Last Update: Jan 19, 2025
Questions: 1277
