Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 1721:

  An organization is concerned with meeting new regulations for protecting data confidentiality and asks an IS auditor to evaluate their procedures for transporting data. Which of the following would BEST support the organization's objectives?

  A. Cryptographic hashes
  B. Virtual local area network (VLAN)
  C. Encryption
  D. Dedicated lines
  C. Encryption

  ---

  Explanation

  The best option to support the organization's objectives of protecting data confidentiality while transporting data is encryption. Encryption is a process of transforming data into an unreadable form using a secret key or algorithm, so that only authorized parties can access the original data. Encryption protects the confidentiality of data in transit by preventing unauthorized interception, modification, or disclosure of the data. Encryption can also help comply with data privacy and security regulations, such as the GDPR and HIPAA. The other options are not as effective as encryption in protecting data confidentiality while transporting data. Cryptographic hashes are mathematical functions that generate a fixed- length output from an input, but they do not encrypt the data. Hashes are used to verify the integrity and authenticity of data, but they do not prevent unauthorized access to the data. Virtual local area network (VLAN) is a logical grouping of network devices that share the same broadcast domain, but they do not encrypt the data. VLANs can improve network performance and security by isolating traffic, but they do not protect the data from being intercepted or modified by external attackers. Dedicated lines are physical connections that provide exclusive access to a network or service, but they do not encrypt the data. Dedicated lines can offer higher bandwidth and reliability, but they do not guarantee the confidentiality of the data from being compromised by physical tampering or eavesdropping.

  References: ISACA, CISA Review Manual, 27th Edition, 2019, p. 2471 ISACA, CISA Review Questions, Answers and Explanations Database - 12 Month Subscription2 Data Security and Confidentiality Guidelines - Centers for Disease Control and Prevention3 Information Security | Confidentiality - GeeksforGeeks4

• Question 1722:

  Which of the following should be the FIRST step in the incident response process for a suspected breach?

  A. Inform potentially affected customers of the security breach
  B. Notify business management of the security breach.
  C. Research the validity of the alerted breach
  D. Engage a third party to independently evaluate the alerted breach.
  C. Research the validity of the alerted breach

  ---

  Explanation

  The first step in the incident response process for a suspected breach is to research the validity of the alerted breach. An incident response process is a set of procedures that defines how to handle security incidents in a timely and effective manner. The first step in this process is to research the validity of the alerted breach, which means to verify whether the alert is genuine or false positive, to determine the scope and impact of the incident, and to gather relevant information for further analysis and action. Informing potentially affected customers of the security breach, notifying business management of the security breach, and engaging a third party to independently evaluate the alerted breach are also steps in the

  incident response process, but they are not the first step.

  References:

  CISA Review Manual, 27th Edition, page 4251

  CISA Review Questions, Answers and Explanations Database - 12 Month Subscription

• Question 1723:

  Which of the following is the BEST recommendation by an IS auditor to prevent unauthorized access to Internet of Things (loT) devices'?

  A. loT devices should only be accessible from the host network.
  B. loT devices should log and alert on access attempts.
  C. IoT devices should require identification and authentication.
  D. loT devices should monitor the use of device system accounts.
  C. IoT devices should require identification and authentication.

  ---

  Explanation

• Question 1724:

  Which of the following should an IS auditor be MOST concerned with during a post- implementation review?

  A. The system does not have a maintenance plan.
  B. The system contains several minor defects.
  C. The system deployment was delayed by three weeks.
  D. The system was over budget by 15%.
  A. The system does not have a maintenance plan.

  ---

  Explanation

  A post-implementation review (PIR) is an assessment conducted at the end of a project cycle to determine if the project was indeed successful and to identify any existing flaws in the project1. One of the main objectives of a PIR is to evaluate the outcome and functional value of a project1. Therefore, an IS auditor should be most concerned with whether the system meets the intended requirements and delivers the expected benefits to the stakeholders. A system that does not have a maintenance plan is a major risk, as it may not be able to cope with changing needs, fix errors, or prevent security breaches. A maintenance plan is essential for ensuring the system's reliability, availability, and performance in the long term2. The other options are less critical for a PIR, as they are more related to the project management aspects than the system quality aspects. The system may contain several minor defects that do not affect its functionality or usability, and these can be resolved in future updates. The system deployment may be delayed by three weeks due to unforeseen circumstances or dependencies, but this does not necessarily mean that the system is faulty or ineffective. The system may be over budget by 15% due to various factors such as scope creep, resource constraints, or market fluctuations, but this does not imply that the system is not valuable or beneficial.

  References: 1: Post-Implementation Review Best Practices - MetaPM 2: What is Post- Implementation Review in Project Management?

• Question 1725:

  Which of the following controls BEST ensures appropriate segregation of dudes within an accounts payable department?

  A. Ensuring that audit trails exist for transactions
  B. Restricting access to update programs to accounts payable staff only
  C. Including the creator's user ID as a field in every transaction record created
  D. Restricting program functionality according to user security profiles
  D. Restricting program functionality according to user security profiles

  ---

  Explanation

  Restricting program functionality according to user security profiles is the best control for ensuring appropriate segregation of duties within an accounts payable department. An IS auditor should verify that the access rights and permissions of the accounts payable staff are based on their roles and responsibilities, and that they are not able to perform incompatible or conflicting functions such as creating, approving, or paying invoices. This will help to prevent fraud, errors, or abuse of authority within the accounts payable process. The other options are less effective controls for ensuring segregation of duties, as they may involve audit trails, access restrictions, or user identification.

  References: CISA Review Manual (Digital Version), Chapter 6, Section 6.31 CISA Review Questions, Answers and Explanations Database, Question ID 223

• Question 1726:

  Which of the following should be done FIRST following an incident that has caused internal servers to be inaccessible, disrupting normal business operations?

  A. Document the servers' dates, times, and locations, as well as the individual who last used them
  B. Make a bit-level copy of the affected servers and calculate the hash value of the copy.
  C. Copy all key directories and files on the affected servers and generate the hash value of the copy.
  D. Unplug all power cables immediately to prevent further actions of the attacker on the servers.
  B. Make a bit-level copy of the affected servers and calculate the hash value of the copy.

  ---

  Explanation

• Question 1727:

  Which of the following should an IS auditor recommend be done FIRST when an organization is planning to implement an IT compliance program?

  A. Identify staff training needs related to compliance requirements.
  B. Analyze historical compliance-related audit findings.
  C. Research and purchase an industry-recognized IT compliance tool
  D. Identify applicable laws, regulations, and standards.
  D. Identify applicable laws, regulations, and standards.

  ---

  Explanation

• Question 1728:

  A third-party service provider is hosting a private cloud for an organization. Which of the following findings during an audit of the provider poses the GREATEST risk to the organization?

  A. 2% of backups had to be rescheduled due to backup media failures.
  B. The organization's virtual machines share the same hypervisor with virtual machines of other clients.
  C. Two different hypervisor versions are used due to the compatibility restrictions of some virtual machines.
  D. 5% of detected incidents exceeded the defined service level agreement (SLA) for escalation.
  B. The organization's virtual machines share the same hypervisor with virtual machines of other clients.

  ---

  Explanation

• Question 1729:

  During a review of IT service desk practices, an IS auditor notes that help desk personnel are spending more time fulfilling user requests (or password resets than resolving critical incidents. Which of the following recommendations to IT management would BEST address this situation?

  A. Implement a self-service solution and redirect users to access frequently requested services.
  B. Incentivize service desk personnel to close incidents within agreed service levels.
  C. Calculate the age of incident tickets and alert senior IT personnel when they exceed service level agreements (SLAs).
  D. Provide annual password management training to end users to reduce the number of instances requiring password resets.
  A. Implement a self-service solution and redirect users to access frequently requested services.

  ---

  Explanation

• Question 1730:

  An IS auditor is reviewing an organization's sales and purchasing system due to ongoing data quality issues. An analysis of which of the following would provide the MOST useful information to determine the revenue loss?

  A. Correlation between the number of issues and average downtime
  B. Cost of implementing data validation controls within the system
  C. Comparison of the cost of data acquisition and loss in sales revenue
  D. Correlation between data errors and loss in value of transactions
  D. Correlation between data errors and loss in value of transactions

  ---

  Explanation