Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 201:

  An organization is in the process of deciding whether to allow a bring your own device (BYOD) program. If approved, which of the following should be the FIRST control required before implementation?

  A. Device baseline configurations
  B. Device registration
  C. An acceptable use policy
  D. An awareness program
  B. Device registration

  ---

  Explanation

• Question 202:

  As part of the architecture of virtualized environments, in a bare metal or native visualization the hypervisor runs without:

  A. a host operating system.
  B. a guest operating system.
  C. any applications on the guest operating system.
  D. any applications on the host operating system.
  A. a host operating system.

  ---

  Explanation

  In a bare metal or native virtualization, the hypervisor runs without a host operating system. A hypervisor, also known as a virtual machine monitor or VMM, is a type of virtualization software that supports the creation and management of virtual machines (VMs) by separating a computer's software from its hardware. A bare metal hypervisor, also called a Type I or Native hypervisor, is virtualization software that runs on host machine hardware directly, without requiring an underlying operating system12. This means that the bare metal hypervisor is the host or the operating system (OS) of the hardware1. A guest operating system is an operating system that runs inside a virtual machine, on top of the hypervisor. A bare metal hypervisor can run multiple guest operating systems simultaneously, each with its own applications and resources. A guest operating system is not required for a bare metal hypervisor to run, but it is necessary for running applications on the virtual machine13. Applications are software programs that perform specific tasks or functions for users. Applications can run on either the host operating system or the guest operating system, depending on the type of virtualization. In a bare metal virtualization, applications can run on the guest operating system, but not on the host operating system, since there is no host operating system. However, applications are not essential for a bare metal hypervisor to run, as they are only used by the users of the virtual machines

• Question 203:

  To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?

  A. Review IT staff job descriptions for alignment
  B. Develop quarterly training for each IT staff member.
  C. Identify required IT skill sets that support key business processes
  D. Include strategic objectives m IT staff performance objectives
  C. Identify required IT skill sets that support key business processes

  ---

  Explanation

  Identifying required IT skill sets that support key business processes is the first step to enable the alignment of IT staff development plans with IT strategy. An IT strategy is a plan that defines how IT will support the organization's goals and objectives. Identifying required IT skill sets means determining the knowledge, abilities, and competencies that IT staff need to perform their roles and responsibilities effectively and efficiently. This can help to align IT staff development plans with IT strategy, as well as to identify and address any skill gaps or needs within the IT workforce. The other options are not the first steps to enable alignment, but rather possible subsequent actions that may depend on the required IT skill sets.

  References: CISA Review Manual (Digital Version), Chapter 5, Section 5.11 CISA Review Questions, Answers and Explanations Database, Question ID 229

• Question 204:

  A post-implementation review of a system implementation has identified that the defined objectives were changed several times without the approval of the project board. What should the IS auditor do NEXT?

  A. Notify the project sponsor and request that the project be reopened.
  B. Ask management to obtain retrospective approvals.
  C. Notify the project management office and raise a finding.
  D. Determine whether the revised objectives are appropriate.
  D. Determine whether the revised objectives are appropriate.

  ---

  Explanation

• Question 205:

  Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:

  A. business impact analysis (BIA).
  B. threat and risk assessment.
  C. business continuity plan (BCP).
  D. disaster recovery plan (DRP).
  C. business continuity plan (BCP).

  ---

  Explanation

  A business continuity plan (BCP) is a system of prevention and recovery from potential threats to a company. The plan ensures that personnel and assets are protected and are able to function quickly in the event of a disaster1. A core part of

  a BCP is the documentation of workaround processes to keep a business function operational during recovery of IT systems. Workaround processes are alternative methods or procedures that can be used to perform a business function

  when the normal IT systems are unavailable or disrupted2. For example, if an online payment system is down, a workaround process could be to accept manual payments or use a backup system. Workaround processes help to minimize the

  impact of IT disruptions on the business operations and ensure continuity of service to customers and stakeholders3.

  References:

  1 explains what is a business continuity plan and why it is important. 2 defines what is a workaround process and how it can be used in a BCP. 3 provides examples of workaround processes for different business functions.

• Question 206:

  An application used at a financial services organization transmits confidential customer data to downstream applications using a batch process. Which of the following controls would protect this information?

  A. Header record with timestamp
  B. Record count
  C. Control file
  D. Secure File Transfer Protocol (SFTP)
  D. Secure File Transfer Protocol (SFTP)

  ---

  Explanation

• Question 207:

  Which of the following method of expressing knowledge base consist of a graph in which nodes represent physical or conceptual objects and the arcs describes the relationship between nodes?

  A. Decision tree
  B. Rules
  C. Semantic nets
  D. Knowledge interface
  C. Semantic nets

  ---

  Explanation

  Semantic nets consist of a graph in which the node represent physical or conceptual object and the arcs describe the relationship between the nodes.

  For CISA Exam you should know below information about Artificial Intelligence and Expert System

  Artificial intelligence is the study and application of the principles by which:

  Knowledge is acquired and used

  Goals are generated and achieved

  Information is communicated

  Collaboration is achieved

  Concepts are formed

  Languages are developed

  Two main programming languages that have been developed for artificial intelligence are LISP and PROLOG.

  Expert system are compromised primary components, called shells, when they are not populated with particular data, and the shells are designed to host new expert system.

  Keys to the system is the knowledge base (KB), which contains specific information or fact patterns associated with a particular subject matter and the rule for interpreting these facts. The KB interface with a database in obtaining data to

  analyze a particular problem in deriving an expert conclusion. The information in the KB can be expressed in several ways:

  Decision Tree ?Using questionnaires to lead the user through a series of choices, until a conclusion is reached. Flexibility is compromised because the user must answer the questions in an exact sequence.

  Rule ?Expressing declarative knowledge through the use of if-then relationships. For example, if a patient's body temperature is over 39 degrees Celsius and their pulse is under 60, then they might be suffering from a certain disease.

  Semantic nets ?Consist of a graph in which the node represent physical or conceptual object and the arcs describe the relationship between the nodes. Semantic nets resemble a data flow diagram and make use of an inheritance mechanism

  to prevent duplication of a data.

  Additionally, the inference engine shown is a program that uses the KB and determines the most appropriate outcome based on the information supplied by the user. In addition, an expert system includes the following components

  Knowledge interface ?Allows the expert to enter knowledge into the system without the traditional mediation of a software engineer.

  Data Interface ?Enables the expert system to collect data from nonhuman sources, such as measurement instruments in a power plant.

  The following were incorrect answers:

  Decision Tree ?Using questionnaires to lead the user through a series of choices, until a conclusion is reached. Flexibility is compromised because the user must answer the questions in an exact sequence.

  Rule ?Expressing declarative knowledge through the use of if-then relationships.

  Semantic nets - Semantic nets consist of a graph in which the node represent physical or conceptual object and the arcs describe the relationship between the nodes.

  CISA review manual 2014 Page number 187

• Question 208:

  An organization's business continuity plan (BCP) should be:

  A. updated before an independent audit review.
  B. tested after an intrusion attempt into the organization's hot site.
  C. tested whenever new applications are implemented.
  D. updated based on changes to personnel and environments.
  D. updated based on changes to personnel and environments.

  ---

  Explanation

  A BCP must stay current with organizational changes to ensure its effectiveness during a disruption. Personnel changes and environmental updates are directly relevant to how the BCP would be executed.

  References:

  ISACA CISA Review Manual (Current Edition) - Chapter on Business Continuity and Disaster Recovery

  Industry Standards (e.g., ISO 22301, NIST SP 800-34) - Guidelines for maintaining and updating a Business Continuity Plan

• Question 209:

  Which of the following is MOST important for an IS auditor to review when evaluating the effectiveness of an organization's incident response process?

  A. Past incident response actions
  B. Incident response staff experience and qualifications
  C. Results from management testing of incident response procedures
  D. Incident response roles and responsibilities
  C. Results from management testing of incident response procedures

  ---

  Explanation

• Question 210:

  Which of the following is the BEST method for converting system-generated log files into a format suitable for data analysis?

  A. Extraction
  B. Data acquisition
  C. Imaging
  D. Normalization
  D. Normalization

  ---

  Explanation

  Comprehensive and Detailed Step-by-Step

  Normalizationis the process ofstructuring log datainto a standard format for easy analysis and correlation across multiple systems.

  Normalization (Correct Answer ?D)

  Extraction (Incorrect ?A)

  Data Acquisition (Incorrect ?B)

  Imaging (Incorrect ?C)

  References:

  ISACA CISA Review Manual

  NIST 800-92 (Guide to Computer Security Log Management)