Isaca CISA Online Practice Questions and Exam Preparation

Isaca CISA Online Questions & Answers

• Question 891:

  What is the most effective means of determining that controls are functioning properly within an operating system?

  A. Interview with computer operator
  B. Review of software control features and/or parameters
  C. Review of operating system manual
  D. Interview with product vendor
  B. Review of software control features and/or parameters

  ---

  Explanation

  Various operating system software products provide parameters and options for the tailoring of the system and activation of features such as activity logging. Parameters are important in determining how a system runs because they allow a standard piece of software to be customized to diverse environments. The reviewing of software control features and/or parameters is the most effective means of determining how controls are functioning within an operating system and of assessing and operating system's integrity.

  The operating system manual should provide information as to what settings can be used but will not likely give any hint as to how parameters are actually set. The product vendor and computer operator are not necessarily aware of the detailed setting of all parameters.

  The review of software control features and/or parameters would be part of your security audit. A security audit is typically performed by an independent third party to the management of the system. The audit determines the degree with which the required controls are implemented.

  A security review is conducted by the system maintenance or security personnel to discover vulnerabilities within the system. A vulnerability occurs when policies are not followed, miscon figurations are present, or flaws exist in the hardware or software of the system. System reviews are sometimes referred to as a vulnerability assessment.

  Schneider, Andrew (2013-04-15). Official (ISC)2 Guide to the CISSP CBK, Third Edition: Security Operations, Page 1054, for users with the Kindle edition look at Locations 851-855 and Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, Chapter 3: Technical Infrastructure and Operational Practices (page 102).

• Question 892:

  Which of the following would a digital signature MOST likely prevent?

  A. Repudiation
  B. Unauthorized change
  C. Corruption
  D. Disclosure
  B. Unauthorized change

  ---

  Explanation

  A digital signature is a cryptographic technique that uses the sender's private key to generate a unique code for a message or document. The receiver can use the sender's public key to verify the authenticity and integrity of the message or

  document. A digital signature can prevent unauthorized change, as any modification to the message or document will invalidate the signature and alert the receiver of tampering.

  References:

  What is a digital signature?

  Digital Signature - an overview | ScienceDirect Topics ISACA CISA Review Manual, 27th Edition, page 253

• Question 893:

  What is the MAIN reason to use incremental backups?

  A. To improve key availability metrics
  B. To reduce costs associates with backups
  C. To increase backup resiliency and redundancy
  D. To minimize the backup time and resources
  D. To minimize the backup time and resources

  ---

  Explanation

  Incremental backups are backups that only copy the data that has changed since the last backup, whether it was a full or incremental backup. The main reason to use incremental backups is to minimize the backup time and resources, as they require less storage space and network bandwidth than full backups. Incremental backups can also improve key availability metrics, such as recovery point objective (RPO) and recovery time objective (RTO), but that is not their primary purpose. Reducing costs associated with backups and increasing backup resiliency and redundancy are possible benefits of incremental backups, but they depend on other factors, such as the backup frequency, retention policy, and media type.

  References: CISA Review Manual (Digital Version): Chapter 5 - Information Systems Operations and Business Resilience

• Question 894:

  What should be the PRIMARY basis for scheduling a follow-up audit?

  A. The significance of reported findings
  B. The completion of all corrective actions
  C. The availability of audit resources
  D. The time elapsed after audit report submission
  A. The significance of reported findings

  ---

  Explanation

• Question 895:

  An IS auditor learns that an organization's business continuity plan (BCP) has not been updated in the last 18 months and that the organization recently closed a production plant. Which of the following is the auditor's BEST course of action?

  A. Determine whether the business impact analysis (BIA) is current with the organization's structure and context.
  B. Determine the types of technologies used at the plant and how they may affect the BCP.
  C. Perform testing to determine the impact to the recovery time objective (R TO).
  D. Assess the risk to operations from the closing of the plant.
  A. Determine whether the business impact analysis (BIA) is current with the organization's structure and context.

  ---

  Explanation

  The IS auditor should first determine whether the business impact analysis (BIA) is current with the organization's structure and context. The BIA is a critical component of the BCP and should reflect the current state of the organization. If the BIA is not up-to-date, it may not accurately reflect the impact of a disruption to the organization's operations, including the closure of a production plant.

  References: ISACA's Information Systems Auditor Study Materials

• Question 896:

  An organization establishes capacity utilization thresholds and monitors for instances when thresholds are exceeded. Which of the following is BEST supported by this activity?

  A. Integrity
  B. Availability
  C. Confidentiality
  D. Nonrepudiation
  B. Availability

  ---

  Explanation

  Comprehensive and Detailed Step-by-Step Monitoringcapacity utilizationsupportsavailabilityby ensuring thatresources remain functional and do not exceed operational limits. Option A (Incorrect):Integrityensures that data isaccurate and unaltered, but monitoring capacity thresholds primarily relates tosystem availability. Option B (Correct):Availabilityensures that systems remainaccessible and functional, and monitoring capacity utilization helpsprevent downtimeandservice disruptions. Option C (Incorrect):Confidentialityensures that data isprotected from unauthorized access, which is unrelated to capacity monitoring. Option D (Incorrect):Nonrepudiationensures that actions can betraced to specific individuals, but it does not relate tocapacity monitoring.

  ISACA CISA Review Manual -Domain 4: Information Systems Operations and Business Resilience?Coverscapacity planning and monitoring for system availability.

• Question 897:

  An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code. What is the auditor's BEST recommendation for the organization?

  A. Continue using the existing application since it meets the current requirements
  B. Prepare a maintenance plan that will support the application using the existing code
  C. Bring the escrow version up to date
  D. Undertake an analysis to determine the business risk
  D. Undertake an analysis to determine the business risk

  ---

  Explanation

• Question 898:

  Which of the following is an example of a preventive control?

  A. Purchase orders in the system being checked by a supervisor prior to execution to identify errors during entry
  B. An online retailer's daily review of transactions processed to identify trends and changes in customer demand
  C. Regular assessments of the sales department to identify the most profitable sales strategies used by sales staff
  D. Continuous operation of a screening system to identify fraudulent patterns in recent transactions
  A. Purchase orders in the system being checked by a supervisor prior to execution to identify errors during entry

  ---

  Explanation

• Question 899:

  Which of the following is MOST effective for controlling visitor access to a data center?

  A. Visitors are escorted by an authorized employee
  B. Pre-approval of entry requests
  C. Visitors sign in at the front desk upon arrival
  D. Closed-circuit television (CCTV) is used to monitor the facilities
  A. Visitors are escorted by an authorized employee

  ---

  Explanation

  The most effective way for controlling visitor access to a data center is to ensure that visitors are escorted by an authorized employee, as this prevents unauthorized or malicious actions by the visitors and provides accountability and supervision. Pre- approval of entry requests, visitors signing in at the front desk upon arrival, and closed- circuit television (CCTV) are also useful measures, but they are not as effective as escorting visitors, as they do not prevent or detect unauthorized or malicious actions by the visitors in real time.

  References: CISA Review Manual (Digital Version), Chapter 5:Protection of Information Assets, Section 5.1: Physical Access Controls1

• Question 900:

  An organization has implemented a new data classification scheme and asks the IS auditor to evaluate its effectiveness. Which of the following would be of GREATEST concern to the auditor?

  A. End-user managers determine who should access what information.
  B. The organization has created a dozen different classification categories.
  C. The compliance manager decides how the information should be classified.
  D. The organization classifies most of its information as confidential.
  D. The organization classifies most of its information as confidential.

  ---

  Explanation