CISA Certified Information Systems Auditor Updated Dumps
CISA
Exam Name: Certified Information Systems Auditor
Full version: 693 Q&As
Full version of CISA Dumps
Share some CISA exam dumps below.
1. A CFO has requested an audit of IT capacity management due to a series of finance system
slowdowns during month-end reporting.
What would be MOST important to consider before including this audit in the program?
A. Whether system delays result in more frequent use of manual processing
B. Whether the system's performance poses a significant risk to the organization
https://www.certqueen.com/CISA.html
C. Whether stakeholders are committed to assisting with the audit
D. Whether internal auditors have the required skills to perform the audit
Answer: B
2. Which of the following is the MOST effective method of destroying sensitive data stored on
electronic media?
A. Degaussing
B. Random character overwrite
C. Physical destruction
D. Low-level formatting
Answer: C
3. An IS auditor is reviewing a bank's service level agreement (SLA) with a third-party provider
that hosts the bank's secondary data center. Which of the following findings should be of
GREATEST concern to the auditor?
A. The recovery time objective (RTO) has a longer duration than documented in the disaster
recovery plan (DRP).
B. The SLA has not been reviewed in more than a year.
C. Backup data is hosted online only.
D. The recovery point objective (RPO) has a shorter duration than documented in the disaster
recovery plan (DRP).
Answer: A
Explanation:
The RTO is the maximum time the bank can tolerate before the secondary site must have the
service running again. If the provider only commits to an RTO longer than the one documented in
the DRP, the plan cannot be met and the bank's recovery capability is overstated. A shorter RPO
(option D) is better than the DRP requires, so it is not a concern. The auditor should also check
that the SLA is reviewed regularly and that both RTO and RPO remain aligned with the DRP.
4. An organization has recently moved to an agile model for deploying custom code to its in-
house accounting software system.
When reviewing the procedures in place for production code deployment, which of the following
is the MOST significant security concern to address?
A. Software vulnerability scanning is done on an ad hoc basis.
B. Change control does not include testing and approval from quality assurance (QA).
C. Production code deployment is not automated.
D. Current DevSecOps processes have not been independently verified.
Answer: A
5. Which of the following is the GREATEST risk if two users have concurrent access to the
same database record?
A. Availability integrity
B. Data integrity
C. Entity integrity
D. Referential integrity
Answer: B
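The risk in question 5 is the lost update: two users read the same record, each computes a new value from a stale copy, and the second write silently discards the first. The following is an added example, not part of the original dump, using Python's sqlite3 module with a constructed `account` table. It shows the unguarded read-modify-write losing a deposit, then the same interleaving with an optimistic lock (a `version` column checked in the UPDATE's WHERE clause) forcing the loser to re-read and retry. The schema, the balances and the `version` column are assumptions for the demonstration.

```python
import os
import sqlite3
import tempfile


def setup_db(path):
    """Constructed schema: one account row plus a version column that serves
    as the optimistic-lock token. The opening balance of 100 is sample data."""
    con = sqlite3.connect(path)
    con.execute(
        "CREATE TABLE account ("
        "id INTEGER PRIMARY KEY, balance INTEGER NOT NULL, "
        "version INTEGER NOT NULL DEFAULT 0)"
    )
    con.execute("INSERT INTO account (id, balance, version) VALUES (1, 100, 0)")
    con.commit()
    con.close()


def read_for_update(con):
    """Snapshot (balance, version); the version is what we later check against."""
    rows = con.execute("SELECT balance, version FROM account WHERE id = 1").fetchall()
    return rows[0]


def write_unguarded(con, new_balance):
    """Plain read-modify-write: overwrites whatever is in the row right now."""
    con.execute("UPDATE account SET balance = ? WHERE id = 1", (new_balance,))
    con.commit()


def write_guarded(con, new_balance, expected_version):
    """Optimistic lock: the UPDATE only matches if the version is unchanged
    since our snapshot. rowcount == 0 means another writer got there first."""
    cur = con.execute(
        "UPDATE account SET balance = ?, version = version + 1 "
        "WHERE id = 1 AND version = ?",
        (new_balance, expected_version),
    )
    con.commit()
    return cur.rowcount == 1


def run_demo(guarded):
    """Two users (connections a and b) both read balance 100, then a deposits
    50 and b deposits 30. Returns (final_balance, retries_needed_by_b)."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "demo.db")
        setup_db(path)
        a = sqlite3.connect(path)
        b = sqlite3.connect(path)
        bal_a, ver_a = read_for_update(a)   # both see 100, version 0
        bal_b, ver_b = read_for_update(b)
        retries = 0
        if guarded:
            if not write_guarded(a, bal_a + 50, ver_a):        # 150, version 1
                raise RuntimeError("first writer should never be rejected")
            while not write_guarded(b, bal_b + 30, ver_b):     # stale version 0: rejected
                retries += 1
                bal_b, ver_b = read_for_update(b)              # re-read 150, version 1
        else:
            write_unguarded(a, bal_a + 50)   # 150
            write_unguarded(b, bal_b + 30)   # 130: a's deposit is silently lost
        final = read_for_update(a)[0]
        a.close()
        b.close()
        return final, retries


if __name__ == "__main__":
    print("unguarded:", run_demo(False))   # (130, 0): lost update
    print("guarded:  ", run_demo(True))    # (180, 1): b retried once, both deposits kept
```

The guarded variant does not prevent the conflict; it detects it and makes the second writer redo its work on fresh data. A pessimistic alternative (SELECT ... FOR UPDATE on databases that support it) blocks the second reader instead, at the cost of holding locks for the whole think time.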
6. Which of the following is MOST important when implementing a data classification program?
A. Understanding the data classification levels
B. Formalizing data ownership
C. Developing a privacy policy
D. Planning for secure storage capacity
Answer: B
7. When an IS audit reveals that a firewall was unable to recognize a number of attack attempts,
the auditor's BEST recommendation is to place an intrusion detection system (IDS) between the
firewall and:
A. the organization's web server.
B. the demilitarized zone (DMZ).
C. the organization's network.
D. the Internet
Answer: C
8. During a security audit, an IS auditor is tasked with reviewing log entries obtained from an
enterprise intrusion prevention system (IPS).
Which type of risk would be associated with the potential for the auditor to miss a sequence of
logged events that could indicate an error in the IPS configuration?
A. Sampling risk
B. Detection risk
C. Control risk
D. Inherent risk
Answer: B
9. Which of the following attack techniques will succeed because of an inherent security
weakness in an Internet firewall?
A. Phishing
B. Using a dictionary attack of encrypted passwords
C. Intercepting packets and viewing passwords
D. Flooding the site with an excessive number of packets
Answer: D
10. What should an IS auditor do FIRST when management responses to an in-person internal
control questionnaire indicate a key internal control is no longer effective?
A. Determine the resources required to make the control effective.
B. Validate the overall effectiveness of the internal control.
C. Verify the impact of the control no longer being effective.
D. Ascertain the existence of other compensating controls.
Answer: D
11. Malicious program code was found in an application and corrected prior to release into
production. After the release, the same issue was reported.
Which of the following is the IS auditor's BEST recommendation?
A. Ensure corrected program code is compiled in a dedicated server.
B. Ensure change management reports are independently reviewed.
C. Ensure programmers cannot access code after the completion of program edits.
D. Ensure the business signs off on end-to-end user acceptance test (UAT) results.
Answer: C
12. Which of the following occurs during the issues management process for a system
development project?
A. Contingency planning
B. Configuration management
C. Help desk management
D. Impact assessment
Answer: D
13. Which of the following is the MOST important consideration for an IS auditor when
assessing the adequacy of an organization's information security policy?
A. Alignment with the IT tactical plan
B. IT steering committee minutes
C. Compliance with industry best practice
D. Business objectives
Answer: D
14. Which of the following is the BEST indication that there are potential problems within an
organization's IT service desk function?
A. Undocumented operating procedures
B. Lack of segregation of duties
C. An excessive backlog of user requests
D. Lack of key performance indicators (KPIs)
Answer: C
15. During which phase of the software development life cycle is it BEST to initiate the
discussion of application controls?
A. Business case development phase when stakeholders are identified
B. Application design phase when process functionalities are finalized
C. User acceptance testing (UAT) phase when test scenarios are designed
D. Application coding phase when algorithms are developed to solve business problems
Answer: B
Explanation:
The best time to initiate the discussion of application controls is during the Application Design
phase, when the process functionalities are finalized. This is according to the ISACA CISA
Study Manual, which states, "Application controls should be discussed during the design phase
and implemented in the development of the system." (ISACA CISA Study Manual, 26th Edition,
Section 4.2.2, Page 4.27)
16. During audit fieldwork, an IS auditor learns that employees are allowed to connect their
personal devices to company-owned computers.
How can the auditor BEST validate that appropriate security controls are in place to prevent
data loss?
A. Conduct a walk-through to view results of an employee plugging in a device to transfer
confidential data.
B. Review compliance with data loss and applicable mobile device user acceptance policies.
C. Verify the data loss prevention (DLP) tool is properly configured by the organization.
D. Verify employees have received appropriate mobile device security awareness training.
Answer: B
17. The following findings are the result of an IS auditor's post-implementation review of a newly
implemented system.
Which of the following findings is of GREATEST significance?
A. A lessons-learned session was never conducted.
B. The project's 10% budget overrun was not reported to senior management.
C. Measurable benefits were not defined.
D. Monthly dashboards did not always contain deliverables.
Answer: C
Explanation:
Based on the ISACA CISA Study Manual, the greatest significance of the findings would be C:
Measurable benefits were not defined. According to the Study Manual, measurable benefits
should be established so that the cost, quality, and time objectives of the project can be
evaluated. Without measurable benefits, it is difficult to determine the success of the project.
18. Which of the following is the BEST point in time to conduct a post-implementation review?
A. After a full processing cycle
B. Immediately after deployment
C. After the warranty period
D. Prior to the annual performance review
Answer: A
Explanation:
A post-implementation review verifies that the implemented system meets the original
requirements and operates as intended in production. Waiting until a full processing cycle
(for example, a complete month-end close) has run means the system has been exercised under
real workloads and every periodic function has executed at least once, so errors and usability
issues surface that a review immediately after deployment would miss.
19. A third-party consultant is managing the replacement of an accounting system.
Which of the following should be the IS auditor's GREATEST concern?
A. Data migration is not part of the contracted activities.
B. The replacement is occurring near year-end reporting
C. The user department will manage access rights.
D. Testing was performed by the third-party consultant
Answer: C
20. After the merger of two organizations, which of the following is the MOST important task for
an IS auditor to perform?
A. Verifying that access privileges have been reviewed
B. investigating access rights for expiration dates
C. Updating the continuity plan for critical resources
D. Updating the security policy
Answer: A
21. An organization has an acceptable use policy in place, but users do not formally
acknowledge the policy.
Which of the following is the MOST significant risk from this finding?
A. Lack of data for measuring compliance
B. Violation of industry standards
C. Noncompliance with documentation requirements
D. Lack of user accountability
Answer: D
Explanation:
Without formal acknowledgement of the acceptable use policy, users may not be aware of the
policies and procedures that are in place and may not understand the consequences of their
actions. This could lead to violations of the policy and the associated risks, such as data
breaches, security violations, and financial losses.
22. Which of the following is the BEST way to address potential data privacy concerns
associated with inadvertent disclosure of machine identifier information contained within security
logs?
A. Limit the use of logs to only those purposes for which they were collected
B. Restrict the transfer of log files from host machine to online storage
C. Only collect logs from servers classified as business critical
D. Limit log collection to only periods of increased security activity
Answer: A
23. Which of the following should be an IS auditor's PRIMARY focus when developing a risk-
based IS audit program?
A. Portfolio management
B. Business plans
C. Business processes
D. IT strategic plans
Answer: C
24. Which of the following is the GREATEST risk of using a reciprocal site for disaster recovery?
A. Inability to utilize the site when required
B. Inability to test the recovery plans onsite
C. Equipment compatibility issues at the site
D. Mismatched organizational security policies
Answer: A
25. Which of the following should be of GREATEST concern to an IS auditor reviewing data
conversion and migration during the implementation of a new application system?
A. The change management process was not formally documented
B. Backups of the old system and data are not available online
C. Unauthorized data modifications occurred during conversion.
D. Data conversion was performed using manual processes
Answer: C
26. What is the MAIN reason to use incremental backups?
A. To improve key availability metrics
B. To reduce costs associated with backups
C. To increase backup resiliency and redundancy
D. To minimize the backup time and resources
Answer: D
27. During the discussion of a draft audit report, IT management provided suitable evidence that
a process has been implemented for a control that had been concluded by the IS auditor as
ineffective.
Which of the following is the auditor's BEST action?
A. Explain to IT management that the new control will be evaluated during follow-up
B. Add comments about the action taken by IT management in the report
C. Change the conclusion based on evidence provided by IT management
D. Re-perform the audit before changing the conclusion
Answer: D
28. Which of the following is the BEST testing approach to facilitate rapid identification of
application interface errors?
A. Integration testing
B. Regression testing
C. Automated testing
D. User acceptance testing (UAT)
Answer: C
29. When evaluating information security governance within an organization, which of the
following findings should be of MOST concern to an IS auditor?
A. The information security department has difficulty filling vacancies
B. An information security governance audit was not conducted within the past year
C. The data center manager has final sign-off on security projects
D. Information security policies are updated annually
Answer: C
Explanation:
Security governance requires that direction and approval of security initiatives come from
senior management or a steering committee, independent of the operational units that the
controls constrain. Giving the data center manager final sign-off on security projects puts an
operational manager in charge of decisions that may restrict his or her own area, which is a
segregation-of-duties and governance failure. Staffing difficulties (A) are an operational
issue, annual policy updates (D) are reasonable practice, and the absence of a governance audit
in the past year (B) is a scheduling matter rather than a structural weakness.
30. A warehouse employee of a retail company has been able to conceal the theft of inventory
items by entering adjustments of either damaged or lost stock items to the inventory system.
Which control would have BEST prevented this type of fraud in a retail environment?
A. Separate authorization for input of transactions
B. Statistical sampling of adjustment transactions
C. Unscheduled audits of lost stock lines
D. An edit check for the validity of the inventory transaction
Answer: A
31. Which of the following are BEST suited for continuous auditing?
A. Low-value transactions
B. Real-time transactions
C. Irregular transactions
D. Manual transactions
Answer: B
32. Which of the following findings should be of GREATEST concern to an IS auditor reviewing
an organization's newly implemented online security awareness program?
A. Only new employees are required to attend the program
B. Metrics have not been established to assess training results
C. Employees do not receive immediate notification of results
D. The timing for program updates has not been determined
Answer: B
33. Which of the following should be the FIRST step when planning an IS audit of a third-party
service provider that monitors network activities?
A. Review the third party's monitoring logs and incident handling
B. Review the roles and responsibilities of the third-party provider
C. Evaluate the organization's third-party monitoring process
D. Determine if the organization has a secure connection to the provider
Answer: B
34. During a routine internal software licensing review, an IS auditor discovers instances where
employees shared license keys to critical pieces of business software.
Which of the following would be the auditor's BEST course of action?
A. Recommend the utilization of software licensing monitoring tools
B. Recommend the purchase of additional software license keys
C. Validate user need for shared software licenses
D. Verify whether the licensing agreement allows shared use
Answer: D
35. Which of the following should be of MOST concern to an IS auditor reviewing the public key
infrastructure (PKI) for enterprise email?
A. The certificate revocation list has not been updated.
B. The PKI policy has not been updated within the last year.
C. The private key certificate has not been updated.
D. The certificate practice statement has not been published
Answer: A
36. Which of the following is an IS auditor's BEST approach when preparing to evaluate
whether the IT strategy supports the organization's vision and mission?
A. Review strategic projects for return on investment (ROI)
B. Solicit feedback from other departments to gauge the organization's maturity
C. Meet with senior management to understand business goals
D. Review the organization's key performance indicators (KPIs)
Answer: C
Explanation:
The best approach for an IS auditor when preparing to evaluate whether the IT strategy
supports the organization's vision and mission is C. Meet with senior management to
understand business goals. According to the ISACA Certified Information Systems Auditor
(CISA) Study Guide, IS auditors should meet with senior management to understand the
organization's vision and mission, and the related business goals, objectives and strategies.
This will help the auditor to assess whether the proposed IT strategy is aligned with the
organization's overall objectives, and whether the information systems are providing the
expected returns. Additionally, the IS auditor should understand
the organization's risk appetite and risk management approach, as these will affect the design
and implementation of the IT strategy.
37. An IS auditor requests direct access to data required to perform audit procedures instead of
asking management to provide the data.
Which of the following is the PRIMARY advantage of this approach?
A. Audit transparency
B. Data confidentiality
C. Professionalism
D. Audit efficiency
Answer: D
38. In which of the following system development life cycle (SDLC) phases would an IS auditor
expect to find that controls have been incorporated into system specifications?
A. Implementation
B. Development
C. Feasibility
D. Design
Answer: D
39. Which of the following should be done FIRST when planning a penetration test?
A. Execute nondisclosure agreements (NDAs).
B. Determine reporting requirements for vulnerabilities.
C. Define the testing scope.
D. Obtain management consent for the testing.
Answer: D
40. Which of the following should an IS auditor recommend as a PRIMARY area of focus when
an organization decides to outsource technical support for its external customers?
A. Align service level agreements (SLAs) with current needs.
B. Monitor customer satisfaction with the change.
C. Minimize costs related to the third-party agreement.
D. Ensure right to audit is included within the contract.
Answer: A
41. When testing the adequacy of tape backup procedures, which step BEST verifies that
regularly scheduled backups are timely and run to completion?
A. Observing the execution of a daily backup run
B. Evaluating the backup policies and procedures
C. Interviewing key personnel involved in the backup process
D. Reviewing a sample of system-generated backup logs
Answer: D
42. Which of the following would be the BEST process for continuous auditing for a large
financial institution?
A. Testing encryption standards on the disaster recovery system
B. Validating access controls for real-time data systems
C. Performing parallel testing between systems
D. Validating performance of help desk metrics
Answer: B
43. Which of the following would BEST facilitate the successful implementation of an IT-related
framework?
A. Aligning the framework to industry best practices
B. Establishing committees to support and oversee framework activities
C. Involving appropriate business representation within the framework
D. Documenting IT-related policies and procedures
Answer: C
44. In data warehouse (DW) management, what is the BEST way to prevent data quality issues
caused by changes from a source system?
A. Configure data quality alerts to check variances between the data warehouse and the source
system
B. Require approval for changes in the extract/transform/load (ETL) process between the two
systems
C. Include the data warehouse in the impact analysis for any changes in the source system
D. Restrict access to changes in the extract/transform/load (ETL) process between the two
systems
Answer: C
45. An IT balanced scorecard is the MOST effective means of monitoring:
A. governance of enterprise IT.
B. control effectiveness.
C. return on investment (ROI).
D. change management effectiveness.
Answer: A
46. During a new system implementation, an IS auditor has been assigned to review risk
management at each milestone. The auditor finds that several risks to project benefits have not
been addressed.
Who should be accountable for managing these risks?
A. Enterprise risk manager
B. Project sponsor
C. Information security officer
D. Project manager
Answer: B
47. During a project audit, an IS auditor notes that project reporting does not accurately reflect
current progress.
Which of the following is the GREATEST resulting impact?
A. The project manager will have to be replaced.
B. The project reporting to the board of directors will be incomplete.
C. The project steering committee cannot provide effective governance.
D. The project will not withstand a quality assurance (QA) review.
Answer: C
48. Which of the following should be of GREATEST concern to an IS auditor conducting an
audit of an organization that recently experienced a ransomware attack?
A. Antivirus software was unable to prevent the attack even though it was properly updated
B. The most recent security patches were not tested prior to implementation
C. Backups were only performed within the local network
D. Employees were not trained on cybersecurity policies and procedures
Answer: C
49. Which of the following should be the FIRST step to successfully implement a corporate data
classification program?
A. Approve a data classification policy.
B. Select a data loss prevention (DLP) product.
C. Confirm that adequate resources are available for the project.
D. Check for the required regulatory requirements.
Answer: D
50. An internal audit department recently established a quality assurance (QA) program.
Which of the following activities is MOST important to include as part of the QA program
requirements?
A. Long-term internal audit resource planning
B. Ongoing monitoring of the audit activities
C. Analysis of user satisfaction reports from business lines
D. Feedback from internal audit staff
Answer: B
51. A senior auditor is reviewing work papers prepared by a junior auditor indicating that a
finding was removed after the auditee said they corrected the problem.
Which of the following is the senior auditor's MOST appropriate course of action?
A. Ask the auditee to retest
B. Approve the work papers as written
C. Have the finding reinstated
D. Refer the issue to the audit director
Answer: A
52. What should an IS auditor do FIRST when a follow-up audit reveals some management
action plans have not been initiated?
A. Confirm whether the identified risks are still valid.
B. Provide a report to the audit committee.
C. Escalate the lack of plan completion to executive management.
D. Request an additional action plan review to confirm the findings.
Answer: A
Explanation:
Before escalating or reporting, the auditor should establish whether the risks that gave rise
to the action plans still exist. Business processes, systems or the threat environment may have
changed since the original audit, making some plans unnecessary or requiring different ones.
Only once the risk is confirmed as still valid does the lack of action become a reportable
issue for executive management and the audit committee.
53. A review of IT interface controls finds an organization does not have a process to identify
and correct records that do not get transferred to the receiving system.
Which of the following is the IS auditor's BEST recommendation?
A. Enable automatic encryption, decryption and electronic signing of data files
B. Implement software to perform automatic reconciliations of data between systems
C. Have coders perform manual reconciliation of data between systems
D. Automate the transfer of data between systems as much as feasible
Answer: B
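Option B in question 53 names automatic reconciliation as the control; what that reconciliation should actually check is worth spelling out. The following is an added example, not from the original page, in Python, with constructed invoice feeds `SENT` and `RECEIVED` as assumptions. It computes batch-level control totals (record count, hash total, content digest) and then a record-level comparison that names each dropped, unexpected, altered or duplicated record so it can be corrected. The sample is built so that the record counts match while the content does not, which is exactly the case a count-only check misses.

```python
import hashlib
from collections import Counter

# Constructed sample feeds: (record_id, amount_in_cents) as sent by the source
# system and as landed in the receiving system. INV-1002 never arrived,
# INV-1004 arrived with transposed digits, and INV-1009 was never sent.
SENT = [("INV-1001", 25000), ("INV-1002", 7550), ("INV-1003", 120000), ("INV-1004", 1825)]
RECEIVED = [("INV-1001", 25000), ("INV-1003", 120000), ("INV-1004", 1852), ("INV-1009", 500)]


def control_totals(records):
    """Batch-level controls: record count, hash total of amounts, and a digest
    of the canonicalised content. A match on all three is strong evidence the
    batch landed intact; a match on count alone proves very little."""
    canon = "\n".join(f"{rid}|{amt}" for rid, amt in sorted(records))
    return {
        "count": len(records),
        "hash_total": sum(amt for _, amt in records),
        "digest": hashlib.sha256(canon.encode()).hexdigest(),
    }


def reconcile(sent, received):
    """Record-level reconciliation. Returns the exceptions an automated job
    should raise for correction rather than leave undetected."""
    dup_sent = sorted(r for r, n in Counter(rid for rid, _ in sent).items() if n > 1)
    dup_recv = sorted(r for r, n in Counter(rid for rid, _ in received).items() if n > 1)
    s, r = dict(sent), dict(received)          # duplicates collapse here, hence the check above
    missing = sorted(rid for rid in s if rid not in r)        # dropped in transit
    unexpected = sorted(rid for rid in r if rid not in s)     # appeared without a source
    mismatched = sorted(
        (rid, s[rid], r[rid]) for rid in s.keys() & r.keys() if s[rid] != r[rid]
    )
    ts, tr = control_totals(sent), control_totals(received)
    return {
        "count_match": ts["count"] == tr["count"],
        "hash_total_match": ts["hash_total"] == tr["hash_total"],
        "digest_match": ts["digest"] == tr["digest"],
        "missing_in_receiver": missing,
        "unexpected_in_receiver": unexpected,
        "amount_mismatch": mismatched,
        "duplicates": {"sent": dup_sent, "received": dup_recv},
    }


def is_clean(report):
    """True only when every batch-level and record-level check passes."""
    return (report["count_match"] and report["hash_total_match"] and report["digest_match"]
            and not report["missing_in_receiver"] and not report["unexpected_in_receiver"]
            and not report["amount_mismatch"]
            and not report["duplicates"]["sent"] and not report["duplicates"]["received"])


if __name__ == "__main__":
    rep = reconcile(SENT, RECEIVED)
    for key, value in rep.items():
        print(f"{key:24} {value}")
    print("clean:", is_clean(rep))
```

Amounts are kept in integer cents so that the hash total is exact; a float sum would make a legitimate batch fail the comparison on rounding alone. In practice the sending system emits its control totals with the batch, and the receiver computes its own and compares, so the check does not depend on the receiver trusting the data it was given.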
54. Which of the following is the MOST important reason to implement version control for an
end-user computing (EUC) application?
A. To ensure that older versions are available for reference
B. To ensure that only the latest approved version of the application is used
C. To ensure compatibility among different versions of the application
D. To ensure that only authorized users can access the application
Answer: B
55. With regard to resilience, which of the following is the GREATEST risk to an organization
that has implemented a new critical system?
A. A business impact analysis (BIA) has not been performed
B. Business data is not sanitized in the development environment
C. There is no plan for monitoring system downtime
D. The process owner has not signed off on user acceptance testing (UAT)
Answer: A
56. Which of the following conditions would be of MOST concern to an IS auditor assessing the
risk of a successful brute force attack against encrypted data at rest?
A. Short key length
B. Random key generation
C. Use of symmetric encryption
D. Use of asymmetric encryption
Answer: A
57. Which of the following is MOST critical for the effective implementation of IT governance?
A. Strong risk management practices
B. Internal auditor commitment
C. Supportive corporate culture
D. Documented policies
Answer: C
58. During the implementation of an upgraded enterprise resource planning (ERP) system,
which of the following is the MOST important consideration for a go-live decision?
A. Rollback strategy
B. Test cases
C. Post-implementation review objectives
D. Business case
Answer: D
59. A data center's physical access log system captures each visitor's identification document
numbers along with the visitor's photo.
Which of the following sampling methods would be MOST useful to an IS auditor conducting
compliance testing for the effectiveness of the system?
A. Quota sampling
B. Haphazard sampling
C. Attribute sampling
D. Variable sampling
Answer: C
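Question 59 turns on the difference between attribute sampling (each item either complies or does not) and variable sampling (each item has a quantity to estimate). The following is an added example, not part of the original dump, in Python: it builds a constructed sample of 60 visitor-log entries, tests each for the control attribute (ID document number and photo both captured), and computes the achieved upper deviation limit from the exact binomial distribution rather than a printed table, then compares it with a tolerable deviation rate to decide whether the control can be relied upon. The sample size, the planted deviation and the 5% tolerable rate are assumptions.

```python
import math
import random


def make_sample(n=60, seed=7):
    """Constructed sample of visitor-log entries from a data center's physical
    access log. Each entry records whether an ID document number and a photo
    were captured; the control attribute is 'both present'."""
    rng = random.Random(seed)
    sample = []
    for i in range(n):
        sample.append({
            "visitor": f"V{i:03d}",
            "id_doc": f"ID{rng.randrange(10**6):06d}",
            "photo": True,
        })
    sample[17]["photo"] = False          # one deviation planted for the demo
    return sample


def is_deviation(entry):
    """Attribute test: a yes/no answer per item, no amount to estimate
    (estimating amounts is what variable sampling is for)."""
    return not entry["id_doc"] or not entry["photo"]


def upper_deviation_limit(n, deviations, confidence=0.95):
    """Achieved upper deviation limit: the largest population deviation rate p
    for which observing <= `deviations` in n items is still plausible at the
    given confidence. Solved by bisection on the binomial CDF, which is exact
    and removes the need for a sample-evaluation table."""
    alpha = 1.0 - confidence
    if deviations >= n:
        return 1.0

    def cdf(p):
        return sum(math.comb(n, k) * p**k * (1 - p)**(n - k) for k in range(deviations + 1))

    lo, hi = 0.0, 1.0                    # cdf(p) decreases as p grows
    for _ in range(60):
        mid = (lo + hi) / 2
        if cdf(mid) > alpha:
            lo = mid
        else:
            hi = mid
    return hi


def evaluate(sample, tolerable_rate, confidence=0.95):
    """Compliance-test conclusion: rely on the control only if the achieved
    upper deviation limit is within the tolerable deviation rate."""
    n = len(sample)
    deviations = sum(1 for e in sample if is_deviation(e))
    udl = upper_deviation_limit(n, deviations, confidence)
    return {
        "n": n,
        "deviations": deviations,
        "sample_rate": deviations / n,
        "upper_deviation_limit": udl,
        "rely_on_control": udl <= tolerable_rate,
    }


if __name__ == "__main__":
    result = evaluate(make_sample(), tolerable_rate=0.05)
    for key, value in result.items():
        print(f"{key:22} {value}")
```

One deviation in 60 items is a sample rate of 1.7%, which looks comfortably below a 5% tolerable rate; the upper deviation limit of roughly 7.7% at 95% confidence shows why the auditor cannot conclude that. The sample rate is a point estimate, and the decision has to be made on the limit, not the estimate.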
60. Which of the following is MOST important to determine when conducting a post-implementation
review?
A. Whether the solution architecture complies with IT standards
B. Whether success criteria have been achieved
C. Whether the project has been delivered within the approved budget
D. Whether lessons learned have been documented
Answer: B
61. An employee loses a mobile device resulting in loss of sensitive corporate data.
Which of the following would have BEST prevented data leakage?
A. Data encryption on the mobile device
B. Complex password policy for mobile devices
C. The triggering of remote data wipe capabilities
D. Awareness training for mobile device users
Answer: A
62. Capacity management enables organizations to:
A. forecast technology trends.
B. establish the capacity of network communication links.
C. identify the extent to which components need to be upgraded.
D. determine business transaction volumes.
Answer: C
63. Which of the following findings from an IT governance review should be of GREATEST
concern?
A. The IT budget is not monitored
B. All IT services are provided by third parties.
C. IT value analysis has not been completed.
D. IT supports two different operating systems.
Answer: C
64. An audit has identified that business units have purchased cloud-based applications without
IT's support.
What is the GREATEST risk associated with this situation?
A. The applications are not included in business continuity plans (BCPs).
B. The applications may not reasonably protect data.
C. The application purchases did not follow procurement policy.
D. The applications could be modified without advanced notice.
Answer: B
65. Which of the following is the MOST important control for virtualized environments?
A. Regular updates of policies for the operation of the virtualized environment
B. Hardening for the hypervisor and guest machines
C. Redundancy of hardware resources and network components
D. Monitoring utilization of resources at the guest operating system level
Answer: B
Explanation:
The most important control for virtualized environments is hardening for the hypervisor and
guest machines. Hardening the hypervisor and guest machines involves taking measures to
ensure that the system is secure and protected from external threats. This includes ensuring
that all security patches and updates are applied, that the systems are configured securely, and
that only approved applications are allowed to run. Additionally, it is important to ensure that the
system is regularly monitored for any malicious activity. For more information, please refer to
the ISACA CISA Study Guide section 4.13.4.1.
66. Which of the following observations would an IS auditor consider the GREATEST risk when
conducting an audit of a virtual server farm for potential software vulnerabilities?
A. Guest operating systems are updated monthly
B. The hypervisor is updated quarterly.
C. A variety of guest operating systems operate on one virtual server
D. Antivirus software has been implemented on the guest operating system only.
Answer: D
67. An auditee disagrees with a recommendation for corrective action that appears in the draft
engagement report.
Which of the following is the IS auditor's BEST course of action when preparing the final report?
A. Come to an agreement prior to issuing the final report.
B. Include the position supported by senior management in the final engagement report
C. Ensure the auditee's comments are included in the working papers
D. Exclude the disputed recommendation from the final engagement report
Answer: B
68. Which of the following is the BEST detective control for a job scheduling process involving
data transmission?
A. Metrics denoting the volume of monthly job failures are reported and reviewed by senior
management.
B. Jobs are scheduled to be completed daily and data is transmitted using a Secure File
Transfer Protocol (SFTP).
C. Jobs are scheduled and a log of this activity is retained for subsequent review.
D. Job failure alerts are automatically generated and routed to support personnel.
Answer: D
69. What is the PRIMARY benefit of an audit approach which requires reported findings to be
issued together with related action plans, owners, and target dates?
A. It facilitates easier audit follow-up
B. It enforces action plan consensus between auditors and auditees
C. It establishes accountability for the action plans
D. It helps to ensure factual accuracy of findings
Answer: C
70. Which of the following areas is MOST likely to be overlooked when implementing a new
data classification process?
A. End-user computing (EUC) systems
B. Email attachments
C. Data sent to vendors
D. New system applications
Answer: B
71. A financial group recently implemented new technologies and processes.
Which type of IS audit would provide the GREATEST level of assurance that the department's
objectives have been met?
A. Performance audit
B. Integrated audit
C. Cyber audit
D. Financial audit
Answer: B
72. Recovery facilities providing a redundant combination of Internet connections to the local
communications loop is an example of which type of telecommunications continuity?
A. Voice recovery
B. Alternative routing
C. Long-haul network diversity
D. Last-mile circuit protection
Answer: D
73. An IS auditor learns the organization has experienced several server failures in its
distributed environment.
Which of the following is the BEST recommendation to limit the potential impact of server
failures in the future?
A. Redundant pathways
B. Clustering
C. Failover power
D. Parallel testing
Answer: B
74. Following a security breach in which a hacker exploited a well-known vulnerability in the
domain controller, an IS auditor has been asked to conduct a control assessment. The auditor's
BEST course of action would be to determine if:
A. The patches were updated.
B. The logs were monitored.
C. The network traffic was being monitored.
D. The domain controller was classified for high availability.
Answer: A
75. Which of the following would be of GREATEST concern when reviewing an organization's
security information and event management (SIEM) solution?
A. SIEM reporting is customized.
B. SIEM configuration is reviewed annually
C. The SIEM is decentralized.
D. SIEM reporting is ad hoc.
Answer: C
76. When verifying the accuracy and completeness of migrated data for a new application
system replacing a legacy system, it is MOST effective for an IS auditor to review:
A. data analytics findings.
B. audit trails
C. acceptance testing results
D. rollback plans
Answer: B
77. Capacity management tools are PRIMARILY used to ensure that:
A. available resources are used efficiently and effectively
B. computer systems are used to their maximum capacity most of the time
C. concurrent use by a large number of users is enabled
D. proposed hardware acquisitions meet capacity requirements
Answer: A
78. An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix
the findings differs from the agreed-upon approach confirmed during the last audit.
Which of the following should be the auditor's NEXT course of action?
A. Evaluate the appropriateness of the remedial action taken.
B. Conduct a risk analysis incorporating the change.
C. Report results of the follow-up to the audit committee.
D. Inform senior management of the change in approach.
Answer: A
79. An organization has made a strategic decision to split into separate operating entities to
improve profitability. However, the IT infrastructure remains shared between the entities.
Which of the following would BEST help to ensure that IS audit still covers key risk areas within
the IT environment as part of its annual plan?
A. Increasing the frequency of risk-based IS audits for each business entity
B. Developing a risk-based plan considering each entity's business processes
C. Conducting an audit of newly introduced IT policies and procedures
D. Revising IS audit plans to focus on IT changes introduced after the split
Answer: D
80. An IS auditor found that a company executive is encouraging employee use of social
networking sites for business purposes.
Which of the following recommendations would BEST help to reduce the risk of data leakage?
A. Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by
employees
B. Establishing strong access controls on confidential data
C. Providing education and guidelines to employees on use of social networking sites
D. Monitoring employees' social networking usage
Answer: C
81. What is the BEST control to address SQL injection vulnerabilities?
A. Unicode translation
B. Secure Sockets Layer (SSL) encryption
C. Input validation
D. Digital signatures
Answer: C
82. A review of Internet security disclosed that users have individual user accounts with Internet
service providers (ISPs) and use these accounts for downloading business data. The
organization wants to ensure that only the corporate network is used. The organization should
FIRST:
A. use a proxy server to filter out Internet sites that should not be accessed.
B. keep a manual log of Internet access.
C. monitor remote access activities.
D. include a statement in its security policy about Internet use.
Answer: D
83. Which of the following is the BEST indication to an IS auditor that management's post-
implementation review was effective?
A. Lessons learned were documented and applied.
B. Business and IT stakeholders participated in the post-implementation review.
C. Post-implementation review is a formal phase in the system development life cycle (SDLC).
D. Internal audit follow-up was completed without any findings.
Answer: D
84. An organization has established hiring policies and procedures designed specifically to
ensure network administrators are well qualified.
Which type of control is in place?
A. Detective
B. Compensating
C. Corrective
D. Directive
Answer: D
85. In an IT organization where many responsibilities are shared, which of the following is the
BEST control for detecting unauthorized data changes?
A. Users are required to periodically rotate responsibilities
B. Segregation of duties conflicts are periodically reviewed
C. Data changes are independently reviewed by another group
D. Data changes are logged in an outside application
Answer: C
86. An IS auditor has found that an organization is unable to add new servers on demand in a
cost-efficient manner.
Which of the following is the auditor's BEST recommendation?
A. Increase the capacity of existing systems.
B. Upgrade hardware to newer technology.
C. Hire temporary contract workers for the IT function.
D. Build a virtual environment.
Answer: D
87. Which of the following is MOST important for an IS auditor to review when determining
whether IT investments are providing value to the business?
A. Return on investment (ROI)
B. Business strategy
C. Business cases
D. Total cost of ownership (TCO)
Answer: B
Explanation:
Business strategy is the most important for an IS auditor to review when determining whether IT
investments are providing value to the business, because:
- Business strategy is a plan or vision that defines the goals, objectives, and direction of the
business, and how it intends to achieve them.
- Business strategy is the basis for aligning and prioritizing IT investments with the business
needs, expectations, and outcomes.
- Business strategy is the source for identifying and measuring the benefits and value that IT
investments deliver to the business, such as increased revenue, faster access to information,
better customer service, or improved efficiency.
- Business strategy is the criterion for evaluating and communicating the performance and
impact of IT investments on the business success.
88. When assessing a proposed project for the two-way replication of a customer database with
a remote call center, the IS auditor should ensure that:
A. database conflicts are managed during replication.
B. end users are trained in the replication process.
C. the source database is backed up on both sites.
D. user rights are identical on both databases.
Answer: A
Explanation:
When assessing a proposed project for the two-way replication of a customer database with a
remote call center, the IS auditor should ensure that database conflicts are managed during
replication. This should include verifying that the replication process is designed to reconcile any
discrepancies between the databases, such as conflicting data or duplicate records.
Additionally, the IS auditor should review the security and access controls in place to ensure
that the replications are performed securely and only authorized users have access to the
replicated data.
89. Which of the following is MOST important to consider when scheduling follow-up audits?
A. The efforts required for independent verification with new auditors
B. The impact if corrective actions are not taken
C. The amount of time the auditee has agreed to spend with auditors
D. Controls and detection risks related to the observations
Answer: B
90. Which of the following is MOST important to ensure when developing an effective security
awareness program?
A. Training personnel are information security professionals.
B. Phishing exercises are conducted post-training.
C. Security threat scenarios are included in the program content.
D. Outcome metrics for the program are established.
Answer: D
91. An organization is concerned with meeting new regulations for protecting data confidentiality
and asks an IS auditor to evaluate their procedures for transporting data.
Which of the following would BEST support the organization's objectives?
A. Cryptographic hashes
B. Virtual local area network (VLAN)
C. Encryption
D. Dedicated lines
Answer: C
Explanation:
The best option to support the organization's objectives of protecting data confidentiality when
transporting data is encryption. Encryption is a process of encoding data so that it cannot be
accessed or read by unauthorized parties. Encryption can be used to secure data in transit,
ensuring that confidential data remains confidential and protected from unauthorized access.
According to the ISACA CISA Study Manual, "encryption is the most effective way to achieve
data security."
92. Which of the following provides the BEST evidence that a third-party service provider's
information security controls are effective?
A. An audit report of the controls by the service provider's external auditor
B. Documentation of the service provider's security configuration controls
C. An interview with the service provider's information security officer
D. A review of the service provider's policies and procedures
Answer: A
93. An IS auditor is evaluating the progress of a web-based customer service application
development project.
Which of the following would be MOST helpful for this evaluation?
A. Backlog consumption reports
B. Critical path analysis reports
C. Developer status reports
D. Change management logs
Answer: A
94. Which of the following should be the FIRST step in the incident response process for a
suspected breach?
A. Inform potentially affected customers of the security breach
B. Notify business management of the security breach.
C. Research the validity of the alerted breach
D. Engage a third party to independently evaluate the alerted breach.
Answer: C
95. Which of the following would be of MOST concern for an IS auditor evaluating the design of
an organization's incident management processes?
A. Service management standards are not followed.
B. Expected time to resolve incidents is not specified.
C. Metrics are not reported to senior management.
D. Prioritization criteria are not defined.
Answer: B
96. Which of the following would MOST likely impair the independence of the IS auditor when
performing a post-implementation review of an application system?
A. The IS auditor provided consulting advice concerning application system best practices.
B. The IS auditor participated as a member of the application system project team, but did not
have operational responsibilities.
C. The IS auditor designed an embedded audit module exclusively for auditing the application
system.
D. The IS auditor implemented a specific control during the development of the application
system.
Answer: D
97. Which of the following should be an IS auditor's GREATEST consideration when scheduling
follow-up activities for agreed-upon management responses to remediate audit observations?
A. Business interruption due to remediation
B. IT budgeting constraints
C. Availability of responsible IT personnel
D. Risk rating of original findings
Answer: D
98. An organization considering the outsourcing of a business application should FIRST:
A. define service level requirements.
B. perform a vulnerability assessment.
C. conduct a cost-benefit analysis.
D. issue a request for proposal (RFP).
Answer: D
Explanation:
An RFP is a document used to solicit bids from potential vendors and to outline the
requirements for a particular project. It typically includes a description of the project, a list of the
requirements, and the criteria for evaluating the bids. The RFP outlines the bidding process and
contract terms and establishes a strong foundation for the organization in a procurement
process.
99. Which of the following is an advantage of using agile software development methodology
over the waterfall methodology?
A. Less funding required overall
B. Quicker deliverables
C. Quicker end user acceptance
D. Clearly defined business expectations
Answer: B
100. What would be an IS auditor's BEST course of action when an auditee is unable to close
all audit recommendations by the time of the follow-up audit?
A. Ensure the open issues are retained in the audit results.
B. Terminate the follow-up because open issues are not resolved
C. Recommend compensating controls for open issues.
D. Evaluate the residual risk due to open issues.
Answer: D
101. Providing security certification for a new system should include which of the following prior
to the system's implementation?
A. End-user authorization to use the system in production
B. External audit sign-off on financial controls
C. Testing of the system within the production environment
D. An evaluation of the configuration management practices
Answer: A
102. A new regulation requires organizations to report significant security incidents to the
regulator within 24 hours of identification.
Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the
regulation?
A. Establish key performance indicators (KPIs) for timely identification of security incidents.
B. Engage an external security incident response expert for incident handling.
C. Enhance the alert functionality of the intrusion detection system (IDS).
D. Include the requirement in the incident management response plan.
Answer: C
103. In an online application, which of the following would provide the MOST information about
the transaction audit trail?
A. File layouts
B. Data architecture
C. System/process flowchart
D. Source code documentation
Answer: C
104. What is the GREATEST concern for an IS auditor reviewing contracts for licensed software
that executes a critical business process?
A. The contract does not contain a right-to-audit clause.
B. An operational level agreement (OLA) was not negotiated.
C. Several vendor deliverables missed the commitment date.
D. Software escrow was not negotiated.
Answer: D