Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 191:

  Which of the following provides the MOST reliable method of preventing unauthonzed logon?

  A. issuing authentication tokens
  B. Reinforcing current security policies
  C. Limiting after-hours usage
  D. Installing an automatic password generator
  A. issuing authentication tokens

  ---

  Explanation

  Issuing authentication tokens is the most reliable method of preventing unauthorized logon, as it provides a strong form of authentication that requires users to present something they have (the token) and something they know (the personal identification number or PIN) to access the system. Authentication tokens are physical devices that generate a one-time password or code that changes periodically and is synchronized with the authentication server. This makes it difficult for attackers to steal or guess the credentials of legitimate users. Reinforcing current security policies, limiting after-hours usage and installing an automatic password generator are not as reliable as issuing authentication tokens, as they do not provide a strong form of authentication and may still be vulnerable to unauthorized logon attempts.

  References: : [Authentication Token Definition] : Authentication | ISACA

• Question 192:

  Which type of threat can utilize a large group of automated social media accounts to steal data, send spam, or launch distributed denial of service (DDoS) attacks?

  A. Botnet attack
  B. Data mining
  C. Phishing attempt
  D. Malware sharing
  A. Botnet attack

  ---

  Explanation

• Question 193:

  An IS auditor is asked to provide feedback on the systems options analysis for a new project. The BEST course of action for the IS auditor would be to:

  A. Identify the best alternative.
  B. Retain comments as findings for the audit report.
  C. Comment on the criteria used to assess the alternatives.
  D. Request at least one other alternative.
  C. Comment on the criteria used to assess the alternatives.

  ---

  Explanation

  Explanation

• Question 194:

  An IS auditor previously worked in an organization s IT department and was involved with the design of the business continuity plan (BCP). The IS auditor has now been asked to review this same BCP. The auditor should FIRST.

  A. document the conflict in the audit report.
  B. decline the audit assignment.
  C. communicate the conflict of interest to the audit manager prior to starting the assignment.
  D. communicate the conflict of interest to the audit committee prior to starting the assignment
  D. communicate the conflict of interest to the audit committee prior to starting the assignment

  ---

  Explanation

• Question 195:

  Which of the following is MOST important to define within a disaster recovery plan (DRP)?

  A. Business continuity plan (BCP)
  B. Test results for backup data restoration
  C. A comprehensive list of disaster recovery scenarios and priorities
  D. Roles and responsibilities for recovery team members
  D. Roles and responsibilities for recovery team members

  ---

  Explanation

  The most important thing to define within a disaster recovery plan (DRP) is the roles and responsibilities for recovery team members, as this ensures that everyone knows what to do, who to report to, and how to communicate in the event of a disaster. A business continuity plan (BCP) is a broader document that covers the overall strategy and objectives for maintaining or resuming business operations after a disaster. Test results for backup data restoration are important to verify the integrity and availability of backup data, but they are not part of the DRP itself. A comprehensive list of disaster recovery scenarios and priorities is useful to identify the potential risks and impacts of different types of disasters, but it is not as critical as defining the roles and responsibilities for recovery team members.

  References: CISA Review Manual (Digital Version), Chapter 4: Information Systems Operations, Maintenance and Service Management, Section 4.3: Disaster Recovery Planning

• Question 196:

  Which of the following would lead an IS auditor to conclude that the evidence collected during a digital forensic investigation would not be admissible in court?

  A. The person who collected the evidence is not qualified to represent the case.
  B. The logs failed to identify the person handling the evidence.
  C. The evidence was collected by the internal forensics team.
  D. The evidence was not fully backed up using a cloud-based solution prior to the trial.
  B. The logs failed to identify the person handling the evidence.

  ---

  Explanation

  The evidence collected during a digital forensic investigation would not be admissible in court if the logs failed to identify the person handling the evidence. This would violate the chain of custody principle, which requires that the evidence be properly documented, secured, and tracked throughout the investigation process. The chain of custody ensures that the evidence is authentic, reliable, and trustworthy, and that it has not been tampered with or altered. The person who collected the evidence, whether qualified or not, is not relevant to the admissibility of the evidence, as long as they followed the proper procedures and protocols. The evidence collected by the internal forensics team can be admissible in court, as long as they are independent, objective, and competent. The evidence does not need to be fully backed up using a cloud-based solution prior to the trial, as long as it is preserved and protected from damage or loss.

  References: ISACA Journal Article: Digital Forensics: Chain of Custody

• Question 197:

  Which of the following would be MOST critical for an IS auditor to look for when evaluating fire precautions in a manned data center located in the upper floor of a multi-story building?

  A. Existence of handheld fire extinguishers in highly visible locations
  B. Documentation of regular inspections by the local fire department
  C. Adequacy of the HVAC system throughout the facility
  D. Documentation of tested emergency evacuation plans
  D. Documentation of tested emergency evacuation plans

  ---

  Explanation

• Question 198:

  A small organization is experiencing rapid growth and plans to create a new information security policy. Which of the following is MOST relevant to creating the policy?

  A. Business objectives
  B. Business impact analysis (BIA)
  C. Enterprise architecture (EA)
  D. Recent incident trends
  A. Business objectives

  ---

  Explanation

• Question 199:

  Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

  A. Write access to production program libraries
  B. Write access to development data libraries
  C. Execute access to production program libraries
  D. Execute access to development program libraries
  A. Write access to production program libraries

  ---

  Explanation

  Write access to production program libraries presents the greatest risk when granted to a new member of the system development staff. Production program libraries contain executable code that runs on live systems and supports critical business functions. Write access allows a user to modify or delete existing programs, or add new programs to the library. If a user were to make unauthorized or erroneous changes to production programs, it could cause serious disruptions, errors, or security breaches in the organization's operations. Therefore, write access to production program libraries should be restricted to authorized personnel only, and subject to strict change management controls.

• Question 200:

  Which of the following access control situations represents the MOST serious control weakness?

  A. Computer operators have access to system level flowcharts.
  B. Programmers have access to development hardware.
  C. End users have access to program development tools.
  D. System developers have access to production data.
  C. End users have access to program development tools.

  ---

  Explanation