Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 1801:

  An IS auditor reviewing a checkpoint/restart procedure should be MOST concerned if it is applied after:

  A. an incremental data backup is performed.
  B. a temporary hardware failure.
  C. power loss to the data center.
  D. an incorrect version of the program is executed.
  D. an incorrect version of the program is executed.

  ---

  Explanation

• Question 1802:

  An IS auditor Is reviewing a recent security incident and is seeking information about me approval of a recent modification to a database system's security settings Where would the auditor MOST likely find this information?

  A. System event correlation report
  B. Database log
  C. Change log
  D. Security incident and event management (SIEM) report
  C. Change log

  ---

  Explanation

  A change log is a record of all changes made to a system or application, including the date, time, description, and approval of each change. A change log can help an IS auditor to trace the source and authorization of a modification to a system's security settings. A system event correlation report is a tool that analyzes data from multiple sources to identify patterns and anomalies that indicate potential security incidents. A database log is a record of all transactions and activities performed on a database, such as queries, updates, and backups. A security incident and event management (SIEM) report is a tool that collects, analyzes, and reports on data from various sources to detect and respond to security incidents.

• Question 1803:

  Which of the following is the MOST effective way to minimize the risk of a SQL injection attack?

  A. Reconfiguring content filtering settings
  B. Performing activity monitoring
  C. Using secure coding practices
  D. Implementing an intrusion detection tool
  C. Using secure coding practices

  ---

  Explanation

• Question 1804:

  Which of the following demonstrates the use of data analytics for a loan origination process?

  A. Evaluating whether loan records are included in the batch file and are validated by the servicing system
  B. Comparing a population of loans input in the origination system to loans booked on the servicing system
  C. Validating whether reconciliations between the two systems are performed and discrepancies are investigated
  D. Reviewing error handling controls to notify appropriate personnel in the event of a transmission failure
  B. Comparing a population of loans input in the origination system to loans booked on the servicing system

  ---

  Explanation

  Data analytics can be used to compare data from different sources and identify any discrepancies or anomalies. In this case, comparing a population of loans input in the origination system to loans booked on the servicing system can help detect any errors or frauds in the loan origination process. The other options are not examples of data analytics, but rather controls for data integrity, reconciliation, and error handling.

  References: CISA Review Manual (Digital Version), Chapter 3, Section 3.3.2

• Question 1805:

  Which of the following should an IS auditor be MOST concerned with when a system uses RFID?

  A. Scalability
  B. Maintainability
  C. Nonrepudiation
  D. Privacy
  D. Privacy

  ---

  Explanation

• Question 1806:

  An IS auditor is reviewing an organization's incident management processes and procedures. Which of the following observations should be the auditor's GREATEST concern?

  A. Ineffective post-incident review
  B. Ineffective incident prioritization
  C. Ineffective incident detection
  D. Ineffective incident classification
  C. Ineffective incident detection

  ---

  Explanation

• Question 1807:

  Which of the following technologies has the SMALLEST maximum range for data transmission between devices?

  A. Wi-Fi
  B. Bluetooth
  C. Long-term evolution (LTE)
  D. Near-field communication (NFC)
  D. Near-field communication (NFC)

  ---

  Explanation

  The technology that has the smallest maximum range for data transmission between devices is near-field communication (NFC). NFC is a short-range wireless technology that enables two devices to communicate when they are in close proximity, usually within a few centimeters. NFC is commonly used for contactless payments, smart cards, and device pairing. According to the Bluetooth?Technology Website1, the effective range of NFC is less than a meter, while the other technologies have much longer ranges. Wi-Fi can reach up to 100 meters indoors and 300 meters outdoors2. Bluetooth can reach up to 800 feet with Bluetooth 5.0 specification3. Long-term evolution (LTE) can reach up to several kilometers depending on the cell tower and the device4.

  References:

  5: What is Wi-Fi? - Definition from WhatIs.com

  6: Understanding Bluetooth Range | Bluetooth?Technology Website

  7: What is Bluetooth Range? What You Need to Know

  8: How far can LTE signals travel? - Quora

• Question 1808:

  An effective implementation of security roles and responsibilities is BEST evidenced across an enterprise when:

  A. operational activities are aligned with policies.
  B. policies are signed off by users.
  C. policies are rolled out and disseminated.
  D. reviews and updates of policies are regularly performed.
  A. operational activities are aligned with policies.

  ---

  Explanation

• Question 1809:

  Which of the following is the BEST review for an IS auditor to conduct when a vulnerability has been exploited by an employee?

  A. Compliance audit
  B. Application security testing
  C. Forensic audit
  D. Penetration testing
  C. Forensic audit

  ---

  Explanation

  Comprehensive and Detailed Step-by-Step

  When an employee exploits avulnerability, the most appropriate audit is aforensic audit, as it focuses oninvestigating and documenting security incidentsfor legal or disciplinary action. Option A (Incorrect):Acompliance auditensures adherence

  to policies but does not investigate incidents in detail.

  Option B (Incorrect):Application security testinghelps identify vulnerabilities but does not addressemployee misuse.

  Option C (Correct):Aforensic auditgathersdigital evidence, determines how the exploit occurred, and ensures legal compliance in the investigation. Option D (Incorrect):Penetration testingidentifies weaknesses but does notanalyze past

  incidents.

  ISACA CISA Review Manual -Domain 5: Protection of Information Assets?Covers forensic investigations, digital evidence collection, and security incident response.

• Question 1810:

  A technology service organization has recently acquired a new subsidiary. What should be the IS auditor's NEXT course of action when considering the impact on the development of the IT audit plan?

  A. Review the revised business impact analysis (BIA).
  B. Proceed with the current audit plan.
  C. Perform a risk assessment.
  D. Include the new systems in the audit plan.
  C. Perform a risk assessment.

  ---

  Explanation