Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 151:

  During a database audit, an IS auditor noted frequent problems due to the growing size of the order tables. Which of the following is the BEST recommendation in this situation?

  A. Develop an archiving approach.
  B. Periodically delete completed orders.
  C. Build more table indices.
  D. Migrate to a different database management system.
  A. Develop an archiving approach.

  ---

  Explanation

• Question 152:

  When evaluating information security governance within an organization, which of the following findings should be of MOST concern to an IS auditor?

  A. The information security department has difficulty filling vacancies
  B. An information security governance audit was not conducted within the past year
  C. The data center manager has final sign-off on security projects
  D. Information security policies are updated annually
  C. The data center manager has final sign-off on security projects

  ---

  Explanation

  The finding that should be of most concern to an IS auditor when evaluating information security governance within an organization is that the data center manager has final sign-off on security projects. This indicates a lack of segregation of duties and a potential conflict of interest between the operational and security roles. The data center manager may have access to sensitive information or systems that should be protected by security controls, or may influence or override security decisions that are not in the best interest of the organization. This finding also suggests that there is no clear accountability or authority for information security governance at a higher level, such as senior management or board of directors. The other findings are not as concerning as this one, although they may indicate some areas for improvement or monitoring.

  References: ISACA, CISA Review Manual, 27th Edition, chapter 5, section 5.11 ISACA, IT Governance Using COBIT and Val IT: Student Booklet - 2nd Edition4

• Question 153:

  A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?

  A. Using smart cards with one-time passwords
  B. Periodically reviewing log files
  C. Configuring the router as a firewall
  D. Installing biometrics-based authentication
  B. Periodically reviewing log files

  ---

  Explanation

  Periodically reviewing log files is the most effective way to detect intrusion attempts from outside the organization, as they can provide evidence of unauthorized access attempts, source IP addresses, timestamps and other relevant information. Using smart cards with one-time passwords or installing biometrics-based authentication can prevent unauthorized access, but not detect it. Configuring the router as a firewall can block unwanted traffic, but not log it.

  References: ISACA, CISA Review Manual, 27th Edition, 2018, page 361

• Question 154:

  An IS auditor reviewing the acquisition of new equipment would consider which of the following to be a significant weakness?

  A. Staff involved in the evaluation were aware of the vendors being evaluated.
  B. Independent consultants prepared the request for proposal (RFP) documents.
  C. Evaluation criteria were finalized after the initial assessment of responses.
  D. The closing date for responses was extended after a request from potential vendors.
  C. Evaluation criteria were finalized after the initial assessment of responses.

  ---

  Explanation

• Question 155:

  An IS auditor discovered that a firewall has more services than needed. The IS auditor's FIRST recommendation should be to:

  A. ensure logging is turned on.
  B. deploy a network penetration team.
  C. review configurations.
  D. eliminate services except for HTTPS.
  C. review configurations.

  ---

  Explanation

• Question 156:

  An IS auditor conducts a review of a third-party vendor's reporting of key performance indicators (KPIs) Which of the following findings should be of MOST concern to the auditor?

  A. KPI data is not being analyzed
  B. KPIs are not clearly defined
  C. Some KPIs are not documented
  D. KPIs have never been updated
  B. KPIs are not clearly defined

  ---

  Explanation

  KPIs are not clearly defined is the most concerning finding for an IS auditor, because it implies that the third-party vendor does not have a clear understanding of what constitutes success or failure in their performance. This can lead to inaccurate or misleading reporting, poor decision making, and lack of accountability. KPIs should be SMART (specific, measurable, achievable, relevant, and time-bound) and aligned with the business objectives and expectations of the stakeholders12.

  References: 1: CISA Review Manual (Digital Version), Chapter 5, Section 5.3.2 2: CISA Online Review Course, Module 5, Lesson 3

• Question 157:

  Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?

  A. Change management
  B. Problem management
  C. incident management
  D. Configuration management
  B. Problem management

  ---

  Explanation

  Problem management is an IT service management activity that is most likely to help with identifying the root cause of repeated instances of network latency. Problem management involves analyzing incidents that affect IT services and finding solutions to prevent them from recurring or minimize their impact. Change management is an IT service management activity that involves controlling and documenting any modifications to IT services or infrastructure. Incident management is an IT service management activity that involves restoring normal service operation as quickly as possible after an incident has occurred. Configuration management is an IT service management activity that involves identifying and maintaining records of IT assets and their relationships.

  References: ISACA, CISA Review Manual, 27th Edition, 2018, page 334

• Question 158:

  Which of the following is the BEST control to help ensure the completeness of outbound transactions?

  A. Perform edit checks to identify erroneous, unusual, or invalid transactions.
  B. Verify transactions are sequentially numbered in the header record.
  C. Ensure the validity of the recipient ID and use auto-numbered reports.
  D. Maintain a log of the number of messages sent and validate periodically.
  D. Maintain a log of the number of messages sent and validate periodically.

  ---

  Explanation

  Explanation

  Comprehensive and Detailed Step-by-Step

  To ensurecompleteness of outbound transactions, alog with periodic validationis thebest control.

  Option A (Incorrect):Edit checkshelp withdata accuracy, not completeness. Option B (Incorrect):Sequential numberingdetects missing transactions but does not verifyactual transmission.

  Option C (Incorrect):Recipient ID validationis important foraccuracy, not for ensuring all transactions are sent.

  Option D (Correct):Maintaining and validating transaction logsensures thatall outbound transactions are properly accounted for, making it the best completeness control.

  ISACA CISA Review Manual -Domain 3: Information

  Systems Acquisition, Development, and Implementation?Coversdata integrity, completeness controls, and transaction logging.

• Question 159:

  Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?

  A. Number of successful penetration tests
  B. Percentage of protected business applications
  C. Financial impact per security event
  D. Number of security vulnerability patches
  C. Financial impact per security event

  ---

  Explanation

  The best indicator of the effectiveness of an organization's incident response program is the financial impact per security event. This metric measures the direct and indirect costs associated with security incidents, such as loss of revenue, reputation damage, legal fees, recovery expenses, and fines. By reducing the financial impact per security event, the organization can demonstrate that its incident response program is effective in mitigating the consequences of security breaches and restoring normal operations as quickly as possible. Number of successful penetration tests, percentage of protected business applications, and number of security vulnerability patches are indicators of the security posture of the organization, but they do not reflect the effectiveness of the incident response program.

  References: ISACA Journal Article: Measuring Incident Response Effectiveness

• Question 160:

  An IS auditor is reviewing an enterprise database platform. The review involves statistical methods. Benford analysis, and duplicate checks. Which of the following computer-assisted audit technique (CAAT) tools would be MOST useful for this review''

  A. Continuous and intermittent simulation (CIS)
  B. Generalized audit software (GAS)
  C. Audit hooks
  D. Integrated test facility (ITF)
  B. Generalized audit software (GAS)

  ---

  Explanation