Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 1581:

  An IS auditor is reviewing the implementation of an international quality management standard Which of the following provides the BEST evidence that quality management objectives have been achieved?

  A. Reduction in risk profile
  B. Quality assurance (QA) documentation
  C. Measurable processes
  D. Enhanced compliance with laws and regulations
  C. Measurable processes

  ---

  Explanation

• Question 1582:

  Which of the following is the PRIMARY benefit to an organization using an automated event monitoring solution?

  A. Enhanced forensic analysis
  B. Improved response time to incidents
  C. Improved network protection
  D. Reduced need for manual analysis
  B. Improved response time to incidents

  ---

  Explanation

• Question 1583:

  A change to the scope of an IT project has been formally submitted to the project manager. What should the project manager do NEXT?

  A. Update the project plan to reflect the change in scope
  B. Discuss the change with the project team and determine if it should be approved
  C. Escalate the change to the change advisory board for approval
  D. Determine how the change will affect the schedule and budget
  B. Discuss the change with the project team and determine if it should be approved

  ---

  Explanation

• Question 1584:

  Which of the following would be an auditor's GREATEST concern when reviewing data inputs from spreadsheets into the core finance system?

  A. Undocumented code formats data and transmits directly to the database.
  B. There is not a complete inventory of spreadsheets, and file naming is inconsistent.
  C. The department data protection policy has not been reviewed or updated for two years.
  D. Spreadsheets are accessible by all members of the finance department.
  A. Undocumented code formats data and transmits directly to the database.

  ---

  Explanation

  The auditor's greatest concern when reviewing data inputs from spreadsheets into the core finance system would be undocumented code that formats data and transmits directly to the database. This is because undocumented code can introduce errors, inconsistencies, and security risks in the data processing and reporting. Undocumented code can also make it difficult to verify the accuracy, completeness, and validity of the data inputs and outputs, as well as to trace the source and destination of the data. Undocumented code can also violate the principles of segregation of duties, as the same person who creates the code may also have access to the data and the database. The other options are not as concerning as undocumented code, although they may also pose some risks. A lack of complete inventory of spreadsheets and inconsistent file naming may make it challenging to identify and locate the relevant spreadsheets, but they do not directly affect the quality or integrity of the data inputs. The department data protection policy not being reviewed or updated for two years may indicate a lack of awareness or compliance with the current data protection regulations, but it does not necessarily imply that the data inputs are compromised or inaccurate. Spreadsheets being accessible by all members of the finance department may increase the risk of unauthorized or accidental changes to the data, but it can be mitigated by implementing access controls, password protection, and audit trails.

  References: ISACA, CISA Review Manual, 27th Edition, 2019, p. 2261 Five Common Spreadsheet Risks and Ways to Control Them2 GREATEST Concerns When Reviewing Data Inputs from Spreadsheets

• Question 1585:

  In a typical network architecture used for e-commerce, a load balancer is normally found between the:

  A. routers and the web servers.
  B. mail servers and the mail repositories.
  C. users and the external gateways.
  D. databases and the external gateways.
  A. routers and the web servers.

  ---

  Explanation

• Question 1586:

  Which of the following is the MOST important control for virtualized environments?

  A. Regular updates of policies for the operation of the virtualized environment
  B. Hardening for the hypervisor and guest machines
  C. Redundancy of hardware resources and network components
  D. Monitoring utilization of resources at the guest operating system level
  B. Hardening for the hypervisor and guest machines

  ---

  Explanation

  The most important control for virtualized environments is hardening for the hypervisor and guest machines. Hardening is the process of applying security measures and configurations to reduce the vulnerabilities and risks of a system or device. Hardening for the hypervisor and guest machines is essential for protecting the virtualized environments from attacks, as they are exposed to various threats from both the physical and virtual layers. Hardening for the hypervisor and guest machines involves the following steps: Applying the latest patches and updates for the hypervisor and guest operating systems, as well as the applications and drivers running on them. Configuring the firewall and network settings for the hypervisor and guest machines, to restrict and monitor the network traffic and prevent unauthorized access or communication. Disabling or removing any unnecessary or unused features, services, accounts, or ports on the hypervisor and guest machines, to minimize the attack surface and reduce the potential entry points for attackers. Enforcing strong authentication and authorization policies for the hypervisor and guest machines, to ensure that only authorized users or administrators can access or manage them. Encrypting the data and communication for the hypervisor and guest machines, to protect the confidentiality and integrity of the information stored or transmitted on them. Implementing logging and auditing mechanisms for the hypervisor and guest machines, to record and track any activities or events that occur on them, and enable detection and investigation of any incidents or anomalies. Hardening for the hypervisor and guest machines can help prevent or mitigate common attacks on virtualized environments, such as: Hypervisor escape: An attack where a malicious guest machine breaks out of its isolated environment and gains access to the hypervisor or other guest machines. Hypervisor compromise: An attack where an attacker exploits a vulnerability or misconfiguration in the hypervisor to gain control over it or its resources. Guest compromise: An attack where an attacker exploits a vulnerability or misconfiguration in a guest machine to gain access to its data or applications. Guest impersonation: An attack where an attacker creates a fake or cloned guest machine to trick other guests or users into interacting with it. Guest denial-of-service: An attack where an attacker consumes or exhausts the resources of a guest machine to disrupt its availability or performance. Therefore, hardening for the hypervisor and guest machines is the most important control for virtualized environments, as it can enhance their security, reliability, and performance. For more information about hardening for virtualized environments, you can refer to some of these web sources: Hypervisor security on the Azure fleet Chapter 2: Hardening the Hyper-V host Plan for Hyper-V security in Windows Server

• Question 1587:

  Which of the following is the PRIMARY reason an IS auditor should recommend that management create an IT risk register?

  A. To document root causes of IT-related risk events and lessons learned
  B. To ensure there is appropriate funding for IT risk mitigation efforts
  C. To ensure an inventory of potential IT risks is maintained and reported
  D. To facilitate internal audit's testing of IT-risk-related controls
  C. To ensure an inventory of potential IT risks is maintained and reported

  ---

  Explanation

  Explanation

• Question 1588:

  Which of the following represents a potential single point of failure in the virtualized environment that could result in a compromise with greater scope and impact?

  A. Underlying hardware on the guest operating system
  B. Dual operating system
  C. The host operating system
  D. Applications installed on the guest operating system
  C. The host operating system

  ---

  Explanation

• Question 1589:

  An IS auditor has discovered that a cloud-based application was not included in an application inventory that was used to confirm the scope of an audit. The business process owner explained that the application will be audited by a third party in the next year. The auditor's NEXT step should be to:

  A. evaluate the impact of the cloud application on the audit scope
  B. revise the audit scope to include the cloud-based application
  C. review the audit report when performed by the third party
  D. report the control deficiency to senior management
  D. report the control deficiency to senior management

  ---

  Explanation

• Question 1590:

  An IS auditor reviewed the business case for a proposed investment to virtualize an organization's server infrastructure. Which of the following is MOST likely to be included among the benefits in the project proposal?

  A. Fewer operating system licenses
  B. Better efficiency of logical resources
  C. Reduced hardware footprint
  D. Less memory and storage space
  C. Reduced hardware footprint

  ---

  Explanation