Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 861:

  Which of the following is the GREATEST risk of project dashboards being set without sufficiently defined criteria?

  A. Adverse findings from internal and external auditors
  B. Lack of project portfolio status oversight
  C. Lack of alignment of project status reports
  D. Inadequate decision-making and prioritization
  D. Inadequate decision-making and prioritization

  ---

  Explanation

• Question 862:

  In an online application which of the following would provide the MOST information about the transaction audit trail?

  A. File layouts
  B. Data architecture
  C. System/process flowchart
  D. Source code documentation
  C. System/process flowchart

  ---

  Explanation

  The most information about the transaction audit trail in an online application can be obtained by reviewing the system/process flowchart. A system/process flowchart is a diagram that illustrates the sequence of steps, activities, or events that occur within or affect a system or process. A system/process flowchart can provide the most information about the transaction audit trail in an online application, by showing how transactions are initiated, processed, recorded, and completed, and identifying the inputs, outputs, controls, and dependencies involved in each transaction. File layouts are specifications that define how data are structured or organized on a file or database. File layouts can provide some information about the transaction audit trail in an online application, by showing what data elements are stored or retrieved for each transaction, but they do not provide information about how transactions are executed or tracked. Data architecture is a framework that defines how data are collected, stored, managed, and used within an organization or system. Data architecture can provide some information about the transaction audit trail in an online application, by showing what data sources, models, standards, and policies are used for each transaction, but they do not provide information about how transactions are performed or monitored. Source code documentation is a description or explanation of the source code of a software program or application. Source code documentation can provide some information about the transaction audit trail in an online application, by showing what logic, algorithms, or functions are used for each transaction, but they do not provide information about how transactions are handled or audited.

• Question 863:

  Which of the following is MOST important for an IS auditor to validate when reviewing the controls for an organization's quality management system (QMS)?

  A. Whether root cause analysis is performed on all failed and rejected changes
  B. Whether critical services are delivered in a timely and sustainable manner
  C. Whether there is a process to monitor continuous improvement areas and necessary targets
  D. Whether the organization follows an industry-recognized service management framework
  C. Whether there is a process to monitor continuous improvement areas and necessary targets

  ---

  Explanation

  Explanation

• Question 864:

  During data migration, which of the following BEST prevents integrity issues when multiple processes within the migration program are attempting to write to the same table in the databases?

  A. Authentication controls
  B. Concurrency controls
  C. Normalization controls
  D. Database limit controls
  B. Concurrency controls

  ---

  Explanation

• Question 865:

  How does public key infrastructure (PKI) help to verify that a digitally signed document is not a forgery?

  A. By decrypting the signature with the signer's public key
  B. By verifying the signature with the signer's private key
  C. By checking the signature against the receiver's public key
  D. By checking the signed document's audit history
  A. By decrypting the signature with the signer's public key

  ---

  Explanation

  Explanation

• Question 866:

  During an audit of payment services of a branch based in a foreign country, a large global bank's audit team identifies an opportunity to use data analytics techniques to identify abnormal payments. Which of the following is the team's MOST important course of action?

  A. Consult the legal department to understand the procedure for requesting data from a different jurisdiction.
  B. Conduct a walk through of the analytical strategy with stakeholders of the audited branch to obtain their buy-in.
  C. Request the data from the branch as the team audit charter covers the country where it is based.
  D. Agree on a data extraction and sharing strategy with the IT team of the audited branch.
  A. Consult the legal department to understand the procedure for requesting data from a different jurisdiction.

  ---

  Explanation

  The audit team's most important course of action is to consult the legal department to understand the procedure for requesting data from a different jurisdiction, as this will ensure that the data analytics techniques are compliant with the

  applicable laws and regulations of both countries. Requesting data from a foreign branch may involve legal risks such as data privacy, data sovereignty, and data protection, and the audit team should seek legal guidance before proceeding

  with the data extraction and analysis.

  References:

  1: Data Analytics and Auditing Standards

  2: Data Analytics and the Audit Process

  3: Data Privacy and Data Protection: US Law and Legislation

  4: Data Sovereignty: What It Is and Why It Matters

• Question 867:

  An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor's BEST recommendation would be to:

  A. establish criteria for reviewing alerts.
  B. recruit more monitoring personnel.
  C. reduce the firewall rules.
  D. fine tune the intrusion detection system (IDS).
  D. fine tune the intrusion detection system (IDS).

  ---

  Explanation

  Fine tuning the intrusion detection system (IDS) is the best recommendation to reduce the number of false positive alerts that overwhelm the log management system, because it can help adjust the sensitivity and accuracy of the IDS rules and signatures to match the network environment and traffic patterns. Establishing criteria for reviewing alerts, recruiting more monitoring personnel, and reducing the firewall rules are not effective solutions to address the root cause of the false positive alerts, but rather ways to cope with the consequences.

  References: CISA Review Manual (Digital Version), Chapter 5, Section 5.4.3

• Question 868:

  Which of the following should be the FIRST step m managing the impact of a recently discovered zero-day attack?

  A. Evaluating the likelihood of attack
  B. Estimating potential damage
  C. Identifying vulnerable assets
  D. Assessing the Impact of vulnerabilities
  C. Identifying vulnerable assets

  ---

  Explanation

  The first step in managing the impact of a recently discovered zero-day attack is to identify vulnerable assets. A zero-day attack is a cyberattack that exploits a previously unknown or unpatched vulnerability in a software or system, before the vendor or developer has had time to fix it. Identifying vulnerable assets is crucial for managing the impact of a zero-day attack, because it helps to determine the scope and severity of the attack, prioritize the protection and mitigation measures, and isolate or quarantine the affected assets from further damage or compromise. The other options are not the first steps in managing the impact of a zero-day attack, because they either require more information about the vulnerable assets, or they are part of the subsequent steps of assessing, responding, or recovering from the attack.

  References: CISA Review Manual (Digital Version)1, Chapter 5, Section 5.2.4

• Question 869:

  Which of the following is MOST important to ensure successful implementation when an organization decides to purchase software from available products on the market?

  A. Requirements definition
  B. Post-implementation review
  C. Support and maintenance contract
  D. Software escrow
  A. Requirements definition

  ---

  Explanation

  Explanation

• Question 870:

  When physical destruction IS not practical, which of the following is the MOST effective means of disposing of sensitive data on a hard disk?

  A. Overwriting multiple times
  B. Encrypting the disk
  C. Reformatting
  D. Deleting files sequentially
  A. Overwriting multiple times

  ---

  Explanation

  The correct answer is A. Overwriting multiple times. Overwriting is a method of securely erasing data from a hard disk by replacing the existing data with random or meaningless data, making it difficult or impossible to recover the original data1. Overwriting multiple times, also known as multiple-pass overwriting, is a more effective way of disposing of sensitive data than overwriting once, as it reduces the possibility of residual traces of data that could be recovered by advanced techniques. Overwriting multiple times can be done by using specialized software tools that follow certain standards or algorithms, such as the US Department of Defense's DoD 5220.22-M or the Gutmann method.