Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 621:

  Which of the following is an example of a preventive control for physical access?

  A. Keeping log entries for all visitors to the building
  B. Implementing a fingerprint-based access control system for the building
  C. Installing closed-circuit television (CCTV) cameras for all ingress and egress points
  D. Implementing a centralized logging server to record instances of staff logging into workstations
  B. Implementing a fingerprint-based access control system for the building

  ---

  Explanation

  A preventive control is a control that aims to deter or prevent undesirable events from occurring. A fingerprint-based access control system for the building is an example of a preventive control for physical access, as it restricts unauthorized persons from entering the premises. Keeping log entries for all visitors to the building, installing CCTV cameras for all ingress and egress points, and implementing a centralized logging server to record instances of staff logging into workstations are examples of detective controls, which are controls that aim to discover or detect undesirable events that have already occurred.

  References: IS Audit and Assurance Tools and Techniques, CISA Certification | Certified Information Systems Auditor | ISACA

• Question 622:

  Which of the following factor is LEAST important in the measurement of critical success factors of productivity in the SDLC phases?

  A. Dollar Spent per use
  B. Number of transactions per month
  C. Number of transactions per user
  D. Number of occurrences of fraud/misuse detection
  D. Number of occurrences of fraud/misuse detection

  ---

  Explanation

  The LEAST is the keyword used in this question, You need to find out a LEAST important factor in the measurement of the productivity.

  For the CISA exam you should know the table below which contains information about measurement of a critical success factor.

  Measurement of Critical Success Factors

  Productivity

  Dollars spent per use

  Number of transactions per month

  Number of transactions per user

  Quality

  Number of discrepancies

  Number of disputes

  Number of occurrences of fraud/misuse detection

  Economic value

  Total processing time reduction

  Momentary value of administration costs

  Customer service

  Turnaround time for customer question handling

  Frequency of useful communication to user.

  The following were incorrect answers:

  The other options presented are more important in the measurement of critical success factor of the productivity.

  CISA review manual 2014 Page number 159

• Question 623:

  Which of the following provides the MOST assurance of the integrity of a firewall log?

  A. The log is reviewed on a monthly basis.
  B. Authorized access is required to view the log.
  C. The log cannot be modified.
  D. The log is retained per policy.
  C. The log cannot be modified.

  ---

  Explanation

  The best way to provide assurance of the integrity of a firewall log is to ensure that the log cannot be modified. A firewall log is a record of the traffic and events that occur at the firewall, which is a device or software that controls and filters the incoming and outgoing network traffic based on predefined rules and policies. The integrity of a firewall log means that the log is accurate, complete, consistent, and valid, and that it has not been altered, deleted, or corrupted by unauthorized or malicious parties. The IS auditor should verify that the firewall log has adequate controls to prevent or detect any modification of the log, such as encryption, hashing, digital signatures, write-once media, or tamper-evident seals. The other options are not as effective as ensuring that the log cannot be modified, because they either do not address the integrity of the log data, or they are monitoring or retention measures rather than preventive or detective controls.

  References: CISA Review Manual (Digital Version)1, Chapter 5, Section 5.2.4

• Question 624:

  An IS auditor discovers a recurring software control process issue that severely impacts the efficiency of a critical business process. Which of the following is the BEST recommendation?

  A. Replace the malfunctioning system.
  B. Determine the compensating controls.
  C. Identify other impacted processes.
  D. Determine the root cause of the issue.
  D. Determine the root cause of the issue.

  ---

  Explanation

• Question 625:

  which of the following is a core functionality of a configuration and release management system?

  A. Managing privileged access to databases servers and infrastructure
  B. Identifying vulnerabilities in configuration settings
  C. Deploying a configuration change to the sandbox environment
  D. Identifying other configuration items that will be impacted by a given change
  D. Identifying other configuration items that will be impacted by a given change

  ---

  Explanation

• Question 626:

  An IS auditor concludes that a local area network's (LAN's) access security is satisfactory. In reviewing the work, the audit manager should:

  A. re-perform some steps of the audit to verify the quality of the work.
  B. verify that the elements of an agreed-upon audit plan have been addressed.
  C. verify user management's agreement with the findings.
  D. assess whether the auditor had the appropriate skills to perform the work.
  B. verify that the elements of an agreed-upon audit plan have been addressed.

  ---

  Explanation

• Question 627:

  A message is being sent with a hash. The risk of an attacker changing the message and generating an authentic hash value can be mitigated by:

  A. requiring the recipient to use a different hash algorithm.
  B. generating hash output that is the same size as the original message.
  C. using a secret key in conjunction with the hash algorithm.
  D. using the sender's public key to encrypt the message.
  C. using a secret key in conjunction with the hash algorithm.

  ---

  Explanation

• Question 628:

  The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:

  A. nonrepudiation.
  B. authorization,
  C. integrity,
  D. authenticity.
  C. integrity,

  ---

  Explanation

• Question 629:

  In which of the following sampling methods is the entire sample considered to be irregular if a single error is found?

  A. Discovery sampling
  B. Variable sampling
  C. Stop-or-go sampling
  D. Judgmental sampling
  A. Discovery sampling

  ---

  Explanation

  The sampling method in which the entire sample is considered to be irregular if a single error is found is discovery sampling. Discovery sampling is a type of statistical sampling that is used to test for the existence of at least one occurrence of a specific characteristic or condition in a population. Discovery sampling is often used when the auditor expects the characteristic or condition to be very rare or nonexistent, and when any occurrence would have a significant impact on the audit objective. For example, discovery sampling can be used to test for fraud, noncompliance, or material misstatement. Discovery sampling works by setting a very low tolerable error rate (the maximum rate of occurrence of the characteristic or condition that the auditor is willing to accept) and a high confidence level (the degree of assurance that the auditor wants to obtain). The auditor then selects a sample from the population using a random or systematic method, and examines each item in the sample for the presence or absence of the characteristic or condition. If no error is found in the sample, the auditor can conclude with a high level of confidence that the characteristic or condition does not exist or is very rare in the population. However, if one or more errors are found in the sample, the auditor cannot draw any conclusion about the population and must either expand the sample size or perform alternative procedures. Discovery sampling differs from other sampling methods in that it does not allow for any errors in the sample. Other sampling methods, such as variable sampling, stop-or-go sampling, or judgmental sampling, can tolerate some errors in the sample and use them to estimate the error rate or amount in the population. However, discovery sampling is designed to test for zero-tolerance situations, where any error would be unacceptable or material. Therefore, discovery sampling considers the entire sample to be irregular if a single error is found.

  References: Audit Sampling - Overview, Purpose, Importance, and Types1 Audit Sampling - What Is It, Methods, Example, Advantage, Reason2 ISA 530: Audit sampling | ICAEW3 Audit Sampling - AICPA4

• Question 630:

  An IS auditor finds that a number of key patches have not been applied in a timely manner due to re-source constraints. Which of the following is the GREATEST risk to the organization in this situation?

  A. Systems may not be supported by the vendor.
  B. Known security vulnerabilities may not be mitigated.
  C. Different systems may not be compatible.
  D. The systems may not meet user requirements.
  B. Known security vulnerabilities may not be mitigated.

  ---

  Explanation