Refined CISA Study Guides 2019

Our pass rate is as high as 98.9%, and the similarity between our material and the real exam is 90%, based on our seven years of educating experience. Do you want to succeed in the Isaca CISA exam in just one try? Try Isaca CISA Brain Dumps first.

Online CISA free questions and answers of New Version:

Using the OSI reference model, what layer(s) is/are used to encrypt data?

  • A. Transport layer
  • B. Session layer
  • C. Session and transport layers
  • D. Data link layer

Answer: C

Explanation: User applications often encrypt and encapsulate data using protocols within the OSI session layer or farther down in the transport layer.

While reviewing the business continuity plan of an organization, an IS auditor observed that the organization's data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate?

  • A. Deterrence
  • B. Mitigation
  • C. Recovery
  • D. Response

Answer: B

An effective business continuity plan includes steps to mitigate the effects of a disaster. Files must be restored on a timely basis for a backup plan to be effective. An example of deterrence is when a plan includes installation of firewalls for information systems. An example of recovery is when a plan includes an organization's hot site to restore normal business operations.

ALL computer programming languages are vulnerable to command injection attack.

  • A. True
  • B. False

Answer: B

The majority of software vulnerabilities result from a few known kinds of coding defects. Common software defects include buffer overflows, format string vulnerabilities, integer overflows, and code/command injection. Some common languages such as C and C++ are vulnerable to all of these defects. Languages such as Java are immune to some of these defects but are still prone to code/command injection and other software defects which lead to software vulnerabilities.

An IS auditor reviewing an organization's data file control procedures finds that transactions are applied to the most current files, while restart procedures use earlier versions. The IS auditor should recommend the implementation of:

  • A. source documentation retention
  • B. data file security
  • C. version usage control
  • D. one-for-one checking

Answer: C

For processing to be correct, it is essential that the proper version of a file is used. Transactions should be applied to the most current database, while restart procedures should use earlier versions. Source documentation should be retained for an adequate time period to enable documentation retrieval, reconstruction or verification of data, but it does not aid in ensuring that the correct version of a file will be used. Data file security controls prevent access by unauthorized users who could then alter the data files; however, they do not ensure that the correct file will be used. It is necessary to ensure that all documents have been received for processing, one-for-one; however, this does not ensure the use of the correct file.

What kind of testing should programmers perform following any changes to an application or system?

  • A. Unit, module, and full regression testing
  • B. Module testing
  • C. Unit testing
  • D. Regression testing

Answer: A

Explanation: Programmers should perform unit, module, and full regression testing following any changes to an application or system.

What is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption?

  • A. An organizational certificate
  • B. A user certificate
  • C. A website certificate
  • D. Authenticode

Answer: C

Explanation: A website certificate is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption.

What can ISPs use to implement inbound traffic filtering as a control to identify IP packets transmitted from unauthorized sources? Choose the BEST answer.

  • A. OSI Layer 2 switches with packet filtering enabled
  • B. Virtual Private Networks
  • C. Access Control Lists (ACL)
  • D. Point-to-Point Tunneling Protocol

Answer: C

Explanation: ISPs can use access control lists to implement inbound traffic filtering as a control to identify IP packets transmitted from unauthorized sources.

In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover potential anomalies in user or system behavior. Which of the following tools are MOST suitable for performing that task?

  • A. CASE tools
  • B. Embedded data collection tools
  • C. Heuristic scanning tools
  • D. Trend/variance detection tools

Answer: D

Trend/variance detection tools look for anomalies in user or system behavior, for example, determining whether the numbers for prenumbered documents are sequential or increasing. CASE tools are used to assist software development. Embedded (audit) data collection software is used for sampling and to provide production statistics. Heuristic scanning tools can be used to scan for viruses to indicate possible infected code.

The responsibility for authorizing access to application data should be with the:

  • A. data custodian
  • B. database administrator (DBA)
  • C. data owner
  • D. security administrator

Answer: C

Data owners should have the authority and responsibility for granting access to the data and applications for which they are responsible. Data custodians are responsible only for storing and safeguarding the data. The database administrator (DBA) is responsible for managing the database, and the security administrator is responsible for implementing and maintaining IS security. The ultimate responsibility for data resides with the data owner.

Ensuring that security and control policies support business and IT objectives is a primary objective of:

  • A. An IT security policies audit
  • B. A processing audit
  • C. A software audit
  • D. A vulnerability assessment

Answer: A

Explanation: Ensuring that security and control policies support business and IT objectives is a primary objective of an IT security policies audit.

Involvement of senior management is MOST important in the development of:

  • A. strategic plans
  • B. IS policies
  • C. IS procedures
  • D. standards and guidelines

Answer: A

Strategic plans provide the basis for ensuring that the enterprise meets its goals and objectives. Involvement of senior management is critical to ensuring that the plan adequately addresses the established goals and objectives. IS policies, procedures, standards and guidelines are all structured to support the overall strategic plan.

During a review of a customer master file, an IS auditor discovered numerous customer name duplications arising from variations in customer first names. To determine the extent of the duplication, the IS auditor would use:

  • A. test data to validate data input
  • B. test data to determine system sort capabilities
  • C. generalized audit software to search for address field duplications
  • D. generalized audit software to search for account field duplications

Answer: C

Since the name is not the same (due to name variations), one method to detect duplications would be to compare other common fields, such as addresses. A subsequent review to determine common customer names at these addresses could then be conducted. Searching for duplicate account numbers would not likely find duplications, since customers would most likely have different account numbers for each variation. Test data would not be useful to detect the extent of any data characteristic, but simply to determine how the data were processed.

Corrective action has been taken by an auditee immediately after the identification of a reportable finding. The auditor should:

  • A. include the finding in the final report, because the IS auditor is responsible for an accurate report of all findings
  • B. not include the finding in the final report, because the audit report should include only unresolved findings
  • C. not include the finding in the final report, because corrective action can be verified by the IS auditor during the audit
  • D. include the finding in the closing meeting for discussion purposes only

Answer: A

Including the finding in the final report is a generally accepted audit practice. If an action is taken after the audit started and before it ended, the audit report should identify the finding and describe the corrective action taken. An audit report should reflect the situation, as it existed at the start of the audit. All corrective actions taken by the auditee should be reported in writing.

Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness?

  • A. Paper test
  • B. Post test
  • C. Preparedness test
  • D. Walkthrough

Answer: C

A preparedness test is a localized version of a full test, wherein resources are expended in the simulation of a system crash. This test is performed regularly on different aspects of the plan and can be a cost-effective way to gradually obtain evidence about the plan's effectiveness. It also provides a means to improve the plan in increments. A paper test is a walkthrough of the plan, involving major players, who attempt to determine what might happen in a particular type of service disruption in the plan's execution. A paper test usually precedes the preparedness test. A post-test is actually a test phase and is comprised of a group of activities, such as returning all resources to their proper place, disconnecting equipment, returning personnel and deleting all company data from third-party systems. A walkthrough is a test involving a simulated disaster situation that tests the preparedness and understanding of management and staff, rather than the actual resources.

An IS auditor should be MOST concerned with what aspect of an authorized honeypot?

  • A. The data collected on attack methods
  • B. The information offered to outsiders on the honeypot
  • C. The risk that the honeypot could be used to launch further attacks on the organization's infrastructure
  • D. The risk that the honeypot would be subject to a distributed denial-of-service attack

Answer: C

Choice C represents the organizational risk that the honeypot could be used as a point of access to launch further attacks on the enterprise's systems. Choices A and B are purposes for deploying a honeypot, not a concern. Choice D, the risk that the honeypot would be subject to a distributed denial-of-service (DDoS) attack, is not relevant, as the honeypot is not a critical device for providing service.

To install backdoors, hackers generally prefer to use:

  • A. either Trojan horse or computer worm
  • B. either Tripwire or computer virus
  • C. either eavesdropper or computer worm
  • D. either Trojan horse or eavesdropper
  • E. None of the choices

Answer: A

A backdoor is a method of bypassing normal authentication procedures. Many computer manufacturers used to preinstall backdoors on their systems to provide technical support for customers. Hackers typically use backdoors to secure remote access to a computer while attempting to remain hidden from casual inspection. To install backdoors, hackers prefer to use either a Trojan horse or a computer worm.

Effective IT governance requires organizational structures and processes to ensure that:

  • A. the organization's strategies and objectives extend the IT strategy
  • B. the business strategy is derived from an IT strategy
  • C. IT governance is separate and distinct from the overall governance
  • D. the IT strategy extends the organization's strategies and objectives

Answer: D

Effective IT governance requires that board and executive management extend governance to IT and provide the leadership, organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives, and that the IT strategy is aligned with the business strategy. Choice A is incorrect because it is the IT strategy that extends the organizational objectives, not the opposite. IT governance is not an isolated discipline; it must become an integral part of the overall enterprise governance.

Which of the following situations would increase the likelihood of fraud?

  • A. Application programmers are implementing changes to production programs
  • B. Application programmers are implementing changes to test programs
  • C. Operations support staff are implementing changes to batch schedules
  • D. Database administrators are implementing changes to data structures

Answer: A

Production programs are used for processing an enterprise's data. It is imperative that controls on changes to production programs are stringent. Lack of control in this area could result in application programs being modified to manipulate the data. Application programmers are required to implement changes to test programs. These are used only in development and do not directly impact the live processing of data. The implementation of changes to batch schedules by operations support staff will affect the scheduling of the batches only; it does not impact the live data. Database administrators are required to implement changes to data structures. This is required for reorganization of the database to allow for additions, modifications or deletions of fields or tables in the database.

Recommended! Get the full CISA dumps in VCE and PDF from DumpSolutions. Welcome to download (New 1177 Q&As Version).