Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 1861:

  Which of the following should be reviewed FIRST when assessing the effectiveness of an organization's network security procedures and controls?

  A. Data recovery capability
  B. Inventory of authorized devices
  C. Vulnerability remediation
  D. Malware defenses
  B. Inventory of authorized devices

  ---

  Explanation

• Question 1862:

  An IS auditor is reviewing logical access controls for an organization's financial business application Which of the following findings should be of GREATEST concern to the auditor?

  A. Users are not required to change their passwords on a regular basis
  B. Management does not review application user activity logs
  C. User accounts are shared between users
  D. Password length is set to eight characters
  C. User accounts are shared between users

  ---

  Explanation

  The finding that should be of greatest concern to the IS auditor is that user accounts are shared between users. User accounts are unique identifiers that grant access to an organization's financial business application based on the roles and responsibilities of the users. User accounts should be individualized and personalized to ensure accountability, traceability, and auditability of user actions and transactions. User accounts should not be shared between users, because this can compromise the confidentiality, integrity, and availability of the financial data and systems, and can enable unauthorized or fraudulent activities. If user accounts are shared between users, the IS auditor may not be able to determine who performed what action or transaction, or whether the user had the appropriate authorization or approval. The other findings are also concerning, but not as much as user account sharing, because they either affect the password strength or frequency rather than the user identity, or they relate to monitoring rather than controlling user access.

  References: CISA Review Manual (Digital Version)1, Chapter 5, Section 5.2.2

• Question 1863:

  Which of the following is MOST important when planning a network audit?

  A. Determination of IP range in use
  B. Analysis of traffic content
  C. Isolation of rogue access points
  D. Identification of existing nodes
  D. Identification of existing nodes

  ---

  Explanation

  The most important factor when planning a network audit is to identify the existing nodes on the network. Nodes are devices or systems that are connected to the network and can communicate with each other. Nodes can include servers,

  workstations, routers, switches, firewalls, printers, scanners, cameras, etc. Identifying the existing nodes on the network will help the auditor to determine the scope, objectives, and methodology of the audit. It will also help the auditor to

  assess the network topology, architecture, performance, security, and compliance.

  References:

  CISA Review Manual (Digital Version)

  CISA Questions, Answers and Explanations Database

• Question 1864:

  Management has agreed to perform multiple remediation actions in response to an audit issue, including the implementation of a new control. Which of the following is the BEST time for an IS auditor to perform an audit follow-up of this issue?

  A. After management has completed the required actions
  B. When audit resources are available
  C. When management resources are available
  D. After the new control has been in place for one year
  A. After management has completed the required actions

  ---

  Explanation

• Question 1865:

  Which of the following observations should be of GREATEST concern to an IS auditor reviewing an organization's enterprise architecture (EA) program?

  A. The architecture review board is chaired by the CIO
  B. IT application owners have sole responsibility for architecture approval
  C. The EA program governs projects that are not IT-related
  D. Information security requirements are reviewed by the EA program
  B. IT application owners have sole responsibility for architecture approval

  ---

  Explanation

  IT application owners having sole responsibility for architecture approval (B) is a major concern because it indicates a lack of oversight and segregation of duties.EA decisions should be reviewed by a cross-functional governance body to

  ensure alignment with security, compliance, and business objectives.

  Other options:

  The CIO chairing the review board (A)may indicate centralized leadership but is not inherently a risk.

  EA governing non-IT projects (C)may indicate scope expansion but is not a security risk. Security requirements being reviewed (D)is a best practice and not a concern.

  ISACA CISA Review Manual, IT Governance and

  Management of IT

• Question 1866:

  Which of the following evidence-gathering techniques will provide the GREATEST assurance that procedures are understood and practiced?

  A. Survey end users.
  B. Review procedures for alignment to policies.
  C. Interview process owners.
  D. Observe processes.
  D. Observe processes.

  ---

  Explanation

• Question 1867:

  Which of the following is the BEST disposal method for flash drives that previously stored confidential data?

  A. Destruction
  B. Degaussing
  C. Cryptographic erasure
  D. Overwriting
  A. Destruction

  ---

  Explanation

• Question 1868:

  Which of the following BEST indicates an effective internal audit quality assurance and improvement program?

  A. Oversight of the improvement program by senior management
  B. An improved internal audit charter
  C. A scope that focuses on high-risk audit engagements
  D. Identification of opportunities for continuous improvement
  D. Identification of opportunities for continuous improvement

  ---

  Explanation

  Explanation

• Question 1869:

  Which of the following software development methods is based on iterative and incremental development, where requirements and solutions evolve through collaboration between self-organizing, cross-functional teams?

  A. Agile Development
  B. Software prototyping
  C. Rapid application development
  D. Component based development
  A. Agile Development

  ---

  Explanation

  For your exam you should know below information about agile development:

  Agile software development is a group of software development methods based on iterative and incremental development, where requirements and solutions evolve through collaboration between self-organizing, cross-functional teams. It promotes adaptive planning, evolutionary development and delivery, a time-boxed iterative approach, and encourages rapid and flexible response to change. It is a conceptual framework that promotes foreseen tight iterations throughout the development cycle.

  Agile Development

  

  The Agile Manifesto introduced the term in 2001. Since then, the Agile Movement, with all its values, principles, methods, practices, tools, champions and practitioners, philosophies and cultures, has significantly changed the landscape of the

  modern software engineering and commercial software development in the Internet era.

  Agile principles

  The Agile Manifesto is based on twelve principles:

  Customer satisfaction by rapid delivery of useful software

  Welcome changing requirements, even late in development

  Working software is delivered frequently (weeks rather than months)

  Close, daily cooperation between business people and developers

  Projects are built around motivated individuals, who should be trusted

  Face-to-face conversation is the best form of communication (co-location)

  Working software is the principal measure of progress

  Sustainable development, able to maintain a constant pace

  Continuous attention to technical excellence and good design

  Simplicity--the art of maximizing the amount of work not done--is essential

  Self-organizing teams

  Regular adaptation to changing circumstances

  What is Scrum?

  Scrum is the most popular way of introducing Agility due to its simplicity and flexibility. Because of this popularity, many organizations claim to be "doing Scrum" but aren't doing anything close to Scrum's actual definition. Scrum emphasizes

  empirical feedback, team self-management, and striving to build properly tested product increments within short iterations. Doing Scrum as it's actually defined usually comes into conflict with existing habits at established non-Agile

  organizations.

  The following were incorrect answers:

  Software prototyping- Software prototyping, refers to the activity of creating prototypes of software applications, i.e., incomplete versions of the software program being developed. It is an activity that can occur in software development and is

  comparable to prototyping as known from other fields, such as mechanical engineering or manufacturing.

  Rapid application development (RAD) is a software development methodology that uses minimal planning in favor of rapid prototyping. The "planning" of software developed using RAD is interleaved with writing the software itself. The lack of

  extensive per-planning generally allows software to be written much faster, and makes it easier to change requirements.

  Component Based Development - It is a reuse-based approach to defining, implementing and composing loosely coupled independent components into systems. This practice aims to bring about an equally wide-ranging degree of benefits in

  both the short-term and the long-term for the software itself and for organizations that sponsor such software.

  CISA review manual 2014 Page number 194

• Question 1870:

  An organization plans to replace its nightly batch processing backup to magnetic tape with real-time replication to a second data center. Which of the following is the GREATEST risk associated with this change?

  A. Version control issues
  B. Reduced system performance
  C. Inability to recover from cybersecurity attacks
  D. Increase in IT investment cost
  C. Inability to recover from cybersecurity attacks

  ---

  Explanation

  Real-time replication to a second data center means that any changes made to the primary data center are immediately copied to the secondary data center. This can improve data availability and performance, but also introduces the risk of propagating malicious or erroneous changes to the backup data center. If a cybersecurity attack compromises the primary data center, it may also affect the secondary data center, making it difficult or impossible to recover from the attack using the replicated data. Therefore, option C is the greatest risk associated with this change. Option A is not correct because version control issues are more likely to occur with batch processing backup, which may create inconsistencies between different versions of the data. Option B is not correct because real-time replication may reduce system performance at the primary data center, but it may also improve system performance at the secondary data center by reducing latency and network traffic. Option D is not correct because although real-time replication may increase IT investment cost, this is not a risk but a trade- off that the organization has to consider.

  References: Data Replication: The Basics, Risks, and Best Practices1 Best Practices for Data Replication Between Data Centers2 The Good, Bad, and Ugly of Data Replication3