
Free Isaca CISA Practice Exam with Questions & Answers | Set: 8

Questions 351

A proper audit trail of changes to server start-up procedures would include evidence of:

Options:
A. subsystem structure.
B. program execution.
C. security control options.
D. operator overrides.

Questions 352

Cross-site scripting (XSS) attacks are BEST prevented through:

Options:
A. application firewall policy settings.
B. a three-tier web architecture.
C. secure coding practices.
D. use of common industry frameworks.

Questions 353

When an intrusion into an organization's network is detected, which of the following should be done FIRST?

Options:
A. Block all compromised network nodes.
B. Contact law enforcement.
C. Notify senior management.
D. Identify nodes that have been compromised.

Questions 354

Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management's decision. Which of the following should be the IS auditor's NEXT course of action?

Options:
A. Accept management's decision and continue the follow-up.
B. Report the issue to IS audit management.
C. Report the disagreement to the board.
D. Present the issue to executive management.

Questions 355

Which of the following is the BEST way to determine whether a test of a disaster recovery plan (DRP) was successful?

Options:
A. Analyze whether predetermined test objectives were met.
B. Perform testing at the backup data center.
C. Evaluate participation by key personnel.
D. Test offsite backup files.

Questions 356

Which of the following should be the PRIMARY basis for prioritizing follow-up audits?

Options:
A. Audit cycle defined in the audit plan
B. Complexity of management's action plans
C. Recommendation from executive management
D. Residual risk from the findings of previous audits

Questions 357

In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:

Options:
A. hire another person to perform migration to production.
B. implement continuous monitoring controls.
C. remove production access from the developers.
D. perform a user access review for the development team.

Questions 358

Which of the following is the PRIMARY advantage of parallel processing for a new system implementation?

Options:
A. Assurance that the new system meets functional requirements
B. More time for users to complete training for the new system
C. Significant cost savings over other system implementation approaches
D. Assurance that the new system meets performance requirements

Questions 359

Which of the following is the MOST effective control to mitigate unintentional misuse of authorized access?

Options:
A. Annual sign-off of acceptable use policy
B. Regular monitoring of user access logs
C. Security awareness training
D. Formalized disciplinary action

Questions 360

An organization's software developers need access to personally identifiable information (PII) stored in a particular data format. Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?

Options:
A. Data masking
B. Data tokenization
C. Data encryption
D. Data abstraction

Questions 361

During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action?

Options:
A. Notify the chair of the audit committee.
B. Notify the audit manager.
C. Retest the control.
D. Close the audit finding.

Questions 362

What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?

Options:
A. Senior management's request
B. Prior year's audit findings
C. Organizational risk assessment
D. Previous audit coverage and scope

Questions 363

The PRIMARY benefit to using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:

Options:
A. is more effective at suppressing flames.
B. allows more time to abort release of the suppressant.
C. has a decreased risk of leakage.
D. disperses dry chemical suppressants exclusively.

Questions 364

Which of the following BEST guards against the risk of attack by hackers?

Options:
A. Tunneling
B. Encryption
C. Message validation
D. Firewalls

Questions 365

Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:

Options:
A. business impact analysis (BIA).
B. threat and risk assessment.
C. business continuity plan (BCP).
D. disaster recovery plan (DRP).

Questions 366

Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?

Options:
A. Carbon dioxide
B. FM-200
C. Dry pipe
D. Halon

Questions 367

A data breach has occurred due to malware. Which of the following should be the FIRST course of action?

Options:
A. Notify the cyber insurance company.
B. Shut down the affected systems.
C. Quarantine the impacted systems.
D. Notify customers of the breach.

Questions 368

An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization's website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur. Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?

Options:
A. Assign responsibility for improving data quality.
B. Invest in additional employee training for data entry.
C. Outsource data cleansing activities to reliable third parties.
D. Implement business rules to validate employee data entry.

Questions 369

A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?

Options:
A. Periodically reviewing log files
B. Configuring the router as a firewall
C. Using smart cards with one-time passwords
D. Installing biometrics-based authentication

Questions 370

Which of the following is the BEST justification for deferring remediation testing until the next audit?

Options:
A. The auditor who conducted the audit and agreed with the timeline has left the organization.
B. Management's planned actions are sufficient given the relative importance of the observations.
C. Auditee management has accepted all observations reported by the auditor.
D. The audit environment has changed significantly.

Questions 371

Which of the following should be of GREATEST concern to an IS auditor reviewing data conversion and migration during the implementation of a new application system?

Options:
A. Data conversion was performed using manual processes.
B. Backups of the old system and data are not available online.
C. Unauthorized data modifications occurred during conversion.
D. The change management process was not formally documented.

Questions 372

Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?

Options:
A. Background checks
B. User awareness training
C. Transaction log review
D. Mandatory holidays

Questions 373

During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:

Options:
A. future compatibility of the application.
B. proposed functionality of the application.
C. controls incorporated into the system specifications.
D. development methodology employed.

Questions 374

What is BEST for an IS auditor to review when assessing the effectiveness of changes recently made to processes and tools related to an organization's business continuity plan (BCP)?

Options:
A. Full test results
B. Completed test plans
C. Updated inventory of systems
D. Change management processes

Questions 375

What is MOST important to verify during an external assessment of network vulnerability?

Options:
A. Update of security information and event management (SIEM) rules
B. Regular review of the network security policy
C. Completeness of network asset inventory
D. Location of intrusion detection systems (IDS)

Questions 376

Which of the following documents should specify roles and responsibilities within an IT audit organization?

Options:
A. Organizational chart
B. Audit charter
C. Engagement letter
D. Annual audit plan

Questions 377

For an organization that has plans to implement web-based trading, it would be MOST important for an IS auditor to verify the organization's information security plan includes:

Options:
A. attributes for system passwords.
B. security training prior to implementation.
C. security requirements for the new application.
D. the firewall configuration for the web server.

Questions 378

Which of the following activities would allow an IS auditor to maintain independence while facilitating a control self-assessment (CSA)?

Options:
A. Implementing the remediation plan
B. Partially completing the CSA
C. Developing the remediation plan
D. Developing the CSA questionnaire

Questions 379

Which of the following environments is BEST used for copying data and transforming it into a compatible data warehouse format?

Options:
A. Testing
B. Replication
C. Staging
D. Development

Questions 380

In data warehouse (DW) management, what is the BEST way to prevent data quality issues caused by changes from a source system?

Options:
A. Configure data quality alerts to check variances between the data warehouse and the source system
B. Require approval for changes in the extract/transfer/load (ETL) process between the two systems
C. Include the data warehouse in the impact analysis for any changes in the source system
D. Restrict access to changes in the extract/transfer/load (ETL) process between the two systems

Questions 381

Which of the following is MOST important to verify when determining the completeness of the vulnerability scanning process?

Options:
A. The organization's systems inventory is kept up to date.
B. Vulnerability scanning results are reported to the CISO.
C. The organization is using a cloud-hosted scanning tool for identification of vulnerabilities.
D. Access to the vulnerability scanning tool is periodically reviewed.

Questions 382

The waterfall life cycle model of software development is BEST suited for which of the following situations?

Options:
A. The project requirements are well understood.
B. The project is subject to time pressures.
C. The project intends to apply an object-oriented design approach.
D. The project will involve the use of new technology.

Questions 383

When auditing the alignment of IT to the business strategy, it is MOST important for the IS auditor to:

Options:
A. compare the organization's strategic plan against industry best practice.
B. interview senior managers for their opinion of the IT function.
C. ensure an IT steering committee is appointed to monitor new IT projects.
D. evaluate deliverables of new IT initiatives against planned business services.

Questions 384

Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack against encrypted data at rest?

Options:
A. Short key length
B. Random key generation
C. Use of symmetric encryption
D. Use of asymmetric encryption

Questions 385

An IS audit team is evaluating the documentation related to the most recent application user-access review performed by IT and business management. It is determined that the user list was not system-generated. Which of the following should be the GREATEST concern?

Options:
A. Availability of the user list reviewed
B. Confidentiality of the user list reviewed
C. Source of the user list reviewed
D. Completeness of the user list reviewed

Questions 386

Which of the following is the BEST indicator of the effectiveness of signature-based intrusion detection systems (IDS)?

Options:
A. An increase in the number of identified false positives
B. An increase in the number of detected incidents not previously identified
C. An increase in the number of unfamiliar sources of intruders
D. An increase in the number of internally reported critical incidents

Questions 387

Which of the following is the BEST reason for an organization to use clustering?

Options:
A. To decrease system response time
B. To improve the recovery time objective (RTO)
C. To facilitate faster backups
D. To improve system resiliency

Questions 388

Which of the following should be of MOST concern to an IS auditor reviewing the public key infrastructure (PKI) for enterprise email?

Options:
A. The certificate revocation list has not been updated.
B. The PKI policy has not been updated within the last year.
C. The private key certificate has not been updated.
D. The certificate practice statement has not been published.

Questions 389

Providing security certification for a new system should include which of the following prior to the system's implementation?

Options:
A. End-user authorization to use the system in production
B. External audit sign-off on financial controls
C. Testing of the system within the production environment
D. An evaluation of the configuration management practices

Questions 390

The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:

Options:
A. risk management review.
B. control self-assessment (CSA).
C. service level agreement (SLA).
D. balanced scorecard.

Questions 391

Which of the following is a detective control?

Options:
A. Programmed edit checks for data entry
B. Backup procedures
C. Use of pass cards to gain access to physical facilities
D. Verification of hash totals

Questions 392

An internal audit department recently established a quality assurance (QA) program. Which of the following activities is MOST important to include as part of the QA program requirements?

Options:
A. Long-term internal audit resource planning
B. Ongoing monitoring of the audit activities
C. Analysis of user satisfaction reports from business lines
D. Feedback from internal audit staff

Questions 393

An IS auditor learns the organization has experienced several server failures in its distributed environment. Which of the following is the BEST recommendation to limit the potential impact of server failures in the future?

Options:
A. Redundant pathways
B. Clustering
C. Failover power
D. Parallel testing

Questions 394

Which of the following is the PRIMARY role of the IS auditor in an organization's information classification process?

Options:
A. Securing information assets in accordance with the classification assigned
B. Validating that assets are protected according to assigned classification
C. Ensuring classification levels align with regulatory guidelines
D. Defining classification levels for information assets within the organization

Questions 395

The due date of an audit project is approaching, and the audit manager has determined that only 60% of the audit has been completed. Which of the following should the audit manager do FIRST?

Options:
A. Determine where delays have occurred
B. Assign additional resources to supplement the audit
C. Escalate to the audit committee
D. Extend the audit deadline

Questions 396

Which of the following is the BEST way to ensure payment transaction data is restricted to the appropriate users?

Options:
A. Implementing two-factor authentication
B. Restricting access to transactions using network security software
C. Implementing role-based access at the application level
D. Using a single menu for sensitive application transactions

Questions 397

Which of the following is the GREATEST risk associated with storing customer data on a web server?

Options:
A. Data availability
B. Data confidentiality
C. Data integrity
D. Data redundancy

Questions 398

A new system is being developed by a vendor for a consumer service organization. The vendor will provide its proprietary software once system development is completed. Which of the following is the MOST important requirement to include in the vendor contract to ensure continuity?

Options:
A. Continuous 24/7 support must be available.
B. The vendor must have a documented disaster recovery plan (DRP) in place.
C. Source code for the software must be placed in escrow.
D. The vendor must train the organization's staff to manage the new software.

Questions 399

An organization was recently notified by its regulatory body of significant discrepancies in its reporting data. A preliminary investigation revealed that the discrepancies were caused by problems with the organization's data quality. Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be advisors to the process. To ensure that management concerns are addressed, which data set should internal audit recommend be reviewed FIRST?

Options:
A. Data with customer personal information
B. Data reported to the regulatory body
C. Data supporting financial statements
D. Data impacting business objectives

Questions 400

An IS auditor is reviewing an industrial control system (ICS) that uses older unsupported technology in the scope of an upcoming audit. What should the auditor consider the MOST significant concern?

Options:
A. Attack vectors are evolving for industrial control systems.
B. There is a greater risk of system exploitation.
C. Disaster recovery plans (DRPs) are not in place.
D. Technical specifications are not documented.

Exam Code: CISA
Certification Provider: Isaca
Exam Name: Certified Information Systems Auditor
Last Update: Jul 17, 2025
Questions: 1407
