
2024 Updated CISA Exam Questions & Practice Tests, Certified Information Systems Auditor | SPOTO

The Certified Information Systems Auditor® (CISA®) certification from ISACA is a globally recognized credential that validates your expertise in auditing, monitoring, and assessing IT and business systems, including emerging technologies. Achieving the CISA certification showcases your ability to apply a risk-based approach to audit engagements and stay ahead of industry trends.

At SPOTO, we understand the importance of staying up-to-date with the latest exam objectives and content. Our 2024 updated CISA exam questions and practice tests are meticulously crafted to ensure you are equipped with the most current knowledge and skills required to succeed in the CISA exam. Our exam materials, including practice tests, sample questions, exam dumps, and online exam questions, are regularly reviewed and updated by subject matter experts to reflect the latest exam changes.

Utilize our exam simulator to experience a realistic exam environment, allowing you to develop effective time management strategies and identify areas that require further attention. Our exam questions and answers, mock exams, and free tests provide valuable practice opportunities, reinforcing your understanding of the CISA exam content and boosting your confidence.

Question #1
As an auditor it is very important to ensure confidentiality, integrity, authenticity and availability are implemented appropriately in an information system. Which of the following definitions incorrectly describes these parameters? 1. Authenticity – A third party must be able to verify that the content of a message has been sent by a specific entity and nobody else. 2. Non-repudiation – The origin or the receipt of a specific message must be verifiable by a third party. A person cannot deny having sent a
A. All of the options presented
B. None of the options presented
C. Options number 1 and 2
D. Option number 3
Correct Answer: B
Question #2
Which of the following is the MOST important objective of data protection?
A. Identifying persons who need access to information
B. Ensuring the integrity of information
C. Denying or authorizing access to the IS system
D. Monitoring logical accesses
Correct Answer: A
Question #3
Which of the following types of computer is a large, general-purpose computer made to share its processing power and facilities with thousands of internal or external users?
A. Thin client computer
B. Midrange servers
C. Personal computers
D. Mainframe computers
Correct Answer: A
Question #4
Fourth-Generation Languages (4GLs) are most appropriate for designing the application's graphical user interface (GUI). They are inappropriate for designing any intensive data-calculation procedures. True or false?
A. True
B. False
Correct Answer: A
Question #5
COBIT 5 separates information goals into three sub-dimensions of quality. Which of the following COBIT 5 sub-dimensions describes the extent to which data values are in conformance with the actual true value?
A. Intrinsic quality
B. Contextual and representational quality
C. Security quality
D. Accessibility quality
Correct Answer: D
Question #6
If an IS auditor observes that individual modules of a system perform correctly in development project tests, the auditor should inform management of the positive results and recommend further:
A. Documentation development
B. Comprehensive integration testing
C. Full unit testing
D. Full regression testing
Correct Answer: D
Question #7
Which of the following is a form of Hybrid Cryptography where the sender encrypts the bulk of the data using Symmetric Key cryptography and then communicates securely a copy of the session key to the receiver?
A. Digital Envelope
B. Digital Signature
C. Symmetric key encryption
D. Asymmetric
Correct Answer: C
Question #8
Which of the following attacks is directed against a computer network and involves fragmented or invalid ICMP packets sent to the target?
A. Nuke attack
B. Brute force attack
C. Buffer overflow
D. Pulsing Zombie
Correct Answer: C
Question #9
Identify the WAN message switching technique being used from the description presented below: “Data is routed in its entirety from the source node to the destination node, one hop at a time. During message routing, every intermediate switch in the network stores the whole message. If the entire network's resources are engaged or the network becomes blocked, this WAN switching technology stores and delays the message until ample resources become available for effective transmission of the message.”
A. Message Switching
B. Packet switching
C. Circuit switching
D. Virtual Circuits
Correct Answer: B
Question #10
Which of the following types of attack involves a program that creates an infinite loop, makes lots of copies of itself, and continues to open lots of files?
A. Local DoS attacks
B. Remote DoS attacks
C. Distributed DoS attacks
D. Local Virus attacks
E. None of the choices
Correct Answer: A
Question #11
What is used as a control to detect loss, corruption, or duplication of data?
A. Redundancy check
B. Reasonableness check
C. Hash totals
D. Accuracy check
Correct Answer: A
Question #12
Which of the following exposures could be caused by a line grabbing technique?
A. Unauthorized data access
B. Excessive CPU cycle usage
C. Lockout of terminal polling
D. Multiplexor control dysfunction
Correct Answer: B
Question #13
An IS auditor needs to consider many factors while evaluating an encryption system. Which of the following is the LEAST important factor to be considered while evaluating an encryption system?
A. Encryption algorithm
B. Encryption keys
C. Key length
D. Implementation language
Correct Answer: D
Question #14
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly?
A. Field checks
B. Control totals
C. Reasonableness checks
D. A before-and-after maintenance report
Correct Answer: C
Question #15
An organization is migrating from a legacy system to an enterprise resource planning (ERP) system. While reviewing the data migration activity, the MOST important concern for the IS auditor is to determine that there is a:
A. correlation of semantic characteristics of the data migrated between the two systems
B. correlation of arithmetic characteristics of the data migrated between the two systems
C. correlation of functional characteristics of the processes between the two systems
D. relative efficiency of the processes between the two systems
Correct Answer: A
Question #16
Which of the following is a program evaluation review technique that considers different scenarios for planning and controlling projects?
A. Function Point Analysis (FPA)
B. GANTT
C. Rapid Application Development (RAD)
D. PERT
Correct Answer: A
Question #17
Which of the following translates e-mail formats from one network to another so that the message can travel through all the networks?
A. Gateway
B. Protocol converter
C. Front-end communication processor
D. Concentrator/multiplexor
Correct Answer: C
Question #18
An attack amplifier is often HEAVILY relied upon by which of the following types of attack?
A. Packet dropping
B. ToS
C. DDoS
D. ATP
E. Wiretapping
F. None of the choices
Correct Answer: D
Question #19
Which of the following types of IDS has self-learning functionality and, over a period of time, learns the expected behavior of a system?
A. Signature Based IDS
B. Host Based IDS
C. Neural Network based IDS
D. Statistical based IDS
Correct Answer: A
Question #20
By evaluating application development projects against the capability maturity model (CMM), an IS auditor should be able to verify that:
A. reliable products are guaranteed
B. programmers' efficiency is improved
C. security requirements are designed
D. predictable software processes are followed
Correct Answer: D
Question #21
Which of the following controls would provide the GREATEST assurance of database integrity?
A. Audit log procedures
B. Table link/reference checks
C. Query/table access time checks
D. Rollback and roll forward database features
Correct Answer: A
Question #22
There are several types of penetration tests depending upon the scope, objective and nature of a test. Which of the following describes a penetration test where you attack and attempt to circumvent the controls of the targeted network from the outside, usually the Internet?
A. External Testing
B. Internal Testing
C. Blind Testing
D. Targeted Testing
Correct Answer: D
Question #23
Which of the following options INCORRECTLY describes a PBX feature?
A. Voice mail - Stores messages centrally and, by using a password, allows for retrieval from inside or outside lines
B. Tenanting - Provides for the possibility to break into a busy line to inform another user of an important message
C. Automatic Call Distribution - Allows a PBX to be configured so that incoming calls are distributed to the next available agent or placed on hold until one becomes available
D. Diagnostics - Allows for bypassing normal call restriction procedures
Correct Answer: A
Question #24
Within a virus, which component is responsible for what the virus does to the victim file?
A. the payload
B. the signature
C. the trigger
D. the premium
E. None of the choices
Correct Answer: C
Question #25
Which of the following refers to any program that invites the user to run it but conceals a harmful or malicious payload?
A. virus
B. worm
C. trojan horse
D. spyware
E. rootkits
F. None of the choices
Correct Answer: B
Question #26
Which of the following would MOST likely impact the integrity of a database backup?
A. Record fields contain null information
B. Open database files during backup
C. Relational database model used
D. Backing up the database to an optical disk
Correct Answer: C
Question #27
A shared resource matrix is a technique commonly used to locate:
A. Malicious code
B. Security flaws
C. Trap doors
D. Covert channels
Correct Answer: D
Question #28
Who is responsible for authorizing access level of a data user?
A. Data Owner
B. Data User
C. Data Custodian
D. Security Administrator
Correct Answer: A
Question #29
Which of the following is a strength of a client-server security system?
A. Change control and change management procedures are inherently strong
B. Users can manipulate data without controlling resources on the mainframe
C. Network components seldom become obsolete
D. Access to confidential data or data manipulation is controlled tightly
Correct Answer: C
Question #30
What is the first step in a business process re-engineering project?
A. Identifying current business processes
B. Forming a BPR steering committee
C. Defining the scope of areas to be reviewed
D. Reviewing the organizational strategic plan
Correct Answer: C
Question #31
The PRIMARY objective of business continuity and disaster recovery plans should be to:
A. safeguard critical IS assets
B. provide for continuity of operations
C. minimize the loss to an organization
D. protect human life
Correct Answer: A
Question #32
Which of the following is appropriate when an IS auditor is conducting an exit meeting with senior management?
A. Eliminate significant findings where audit and management agree on risk acceptance
B. Agree with senior management on the risk grading of the audit report
C. Document written responses from management along with an implementation plan
D. Escalate disputed recommendations to the audit committee
Correct Answer: C
Question #33
Which of the following is the MOST effective method for dealing with the spreading of a network worm that exploits a vulnerability in a protocol?
A. Install the vendor's security fix for the vulnerability
B. Block the protocol traffic in the perimeter firewall
C. Block the protocol traffic between internal network segments
D. Stop the service until an appropriate security fix is installed
Correct Answer: C
Question #34
Which of the following factors is LEAST important in the measurement of critical success factors of productivity in the SDLC phases?
A. Dollar Spent per use
B. Number of transactions per month
C. Number of transactions per user
D. Number of occurrences of fraud/misuse detection
Correct Answer: D
Question #35
To ensure message integrity, confidentiality and non-repudiation between two parties, the MOST effective method would be to create a message digest by applying a cryptographic hashing algorithm against:
A. the entire message, enciphering the message digest using the sender's private key, enciphering the message with a symmetric key and enciphering the key by using the receiver's public key
B. any part of the message, enciphering the message digest using the sender's private key, enciphering the message with a symmetric key and enciphering the key using the receiver's public key
C. the entire message, enciphering the message digest using the sender's private key, enciphering the message with a symmetric key and enciphering both the encrypted message and digest using the receiver's public key
D. the entire message, enciphering the message digest using the sender's private key and enciphering the message using the receiver's public key
Correct Answer: C
Question #36
Which of the following terms describes a failure of an electric utility company to supply power within an acceptable range?
A. Sag
B. Blackout
C. Brownout
D. EMI
Correct Answer: B
Question #37
Responsibility and reporting lines cannot always be established when auditing automated systems since:
A. diversified control makes ownership irrelevant
B. staff traditionally changes jobs with greater frequency
C. ownership is difficult to establish where resources are shared
D. duties change frequently in the rapid development of technology
Correct Answer: D
Question #38
Which of the following devices in the Frame Relay WAN technique is a service-provider device that does the actual data transmission and switching in the frame relay cloud?
A. DTE
B. DCE
C. DME
D. DLE
Correct Answer: A
Question #39
Disaster recovery planning (DRP) addresses the:
A. technological aspect of business continuity planning
B. operational piece of business continuity planning
C. functional aspect of business continuity planning
D. overall coordination of business continuity planning
Correct Answer: A
Question #40
Most access violations are:
A. Accidental
B. Caused by internal hackers
C. Caused by external hackers
D. Related to the Internet
Correct Answer: A
Question #41
If an IS auditor finds evidence of risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function, what is the auditor's primary responsibility?
A. To advise senior management
B. To reassign job functions to eliminate potential fraud
C. To implement compensating controls
D. Segregation of duties is an administrative control not considered by an IS auditor
Correct Answer: D
Question #42
Which of the following is a project management technique for defining and deploying software deliverables within a relatively short and fixed period of time, and with predetermined specific resources?
A. Functional Point analysis
B. Gantt Chart
C. Critical path methodology
D. Time box management
Correct Answer: C
Question #43
What is essential for the IS auditor to obtain a clear understanding of network management?
A. Security administrator access to systems
B. Systems logs of all hosts providing application services
C. A graphical map of the network topology
D. Administrator access to systems
Correct Answer: A
Question #44
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the:
A. maintenance of access logs of usage of various system resources
B. authorization and authentication of the user prior to granting access to system resources
C. adequate protection of stored data on servers by encryption or other means
D. accountability system and the ability to identify any terminal accessing system resources
Correct Answer: A
Question #45
Why is it not preferable for a firewall to treat each network frame or packet in isolation?
A. Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet
B. Such a firewall is costly to set up
C. Such a firewall is too complicated to maintain
D. Such a firewall is CPU hungry
E. Such a firewall offers poor compatibility
F. None of the choices
Correct Answer: D
Question #46
Of the three major types of off-site processing facilities, what type is characterized by at least providing for electricity and HVAC?
A. Cold site
B. Alternate site
C. Hot site
D. Warm site
Correct Answer: B
Question #47
Which of the following types of testing uses a set of test cases that focus on the control structure of the procedural design?
A. Interface testing
B. Unit Testing
C. System Testing
D. Final acceptance testing
Correct Answer: B
Question #48
The MAIN criterion for determining the severity level of a service disruption incident is:
A. cost of recovery
B. negative public opinion
C. geographic location
D. downtime
Correct Answer: C
Question #49
When reviewing the procedures for the disposal of computers, which of the following should be the GREATEST concern for the IS auditor?
A. Hard disks are overwritten several times at the sector level, but are not reformatted before leaving the organization
B. All files and folders on hard disks are separately deleted, and the hard disks are formatted before leaving the organization
C. Hard disks are rendered unreadable by hole-punching through the platters at specific positions before leaving the organization
D. The transport of hard disks is escorted by internal security staff to a nearby metal recycling company, where the hard disks are registered and then shredded
Correct Answer: B
Question #50
What should an organization do before providing an external agency physical access to its information processing facilities (IPFs)?
A. The processes of the external agency should be subjected to an IS audit by an independent agency
B. Employees of the external agency should be trained on the security procedures of the organization
C. Any access by an external agency should be limited to the demilitarized zone (DMZ)
D. The organization should conduct a risk assessment and design and implement appropriate controls
Correct Answer: C
Question #51
An offsite information processing facility with electrical wiring, air conditioning and flooring, but no computer or communications equipment, is a:
A. cold site
B. warm site
C. dial-up site
D. duplicate processing facility
Correct Answer: A
Question #52
Host-based ILD&P primarily addresses the issue of:
A. information integrity
B. information accuracy
C. information validity
D. information leakage
E. None of the choices
Correct Answer: C
Question #53
Which of the following audit risks relates to the exposure of a process or entity to be audited without taking into account the controls that management has implemented?
A. Inherent Risk
B. Control Risk
C. Detection Risk
D. Overall Audit Risk
Correct Answer: A
Question #54
The application systems of an organization using open-source software have no single recognized developer producing patches. Which of the following would be the MOST secure way of updating open-source software?
A. Rewrite the patches and apply them
B. Code review and application of available patches
C. Develop in-house patches
D. Identify and test suitable patches before applying them
Correct Answer: B
Question #55
________________ (fill in the blank) should be implemented as early as data preparation to support data integrity at the earliest point possible.
A. Control totals
B. Authentication controls
C. Parity bits
D. Authorization controls
Correct Answer: D
Question #56
Which of the following methods of encryption has been proven to be almost unbreakable when correctly used?
A. key pair
B. Oakley
C. certificate
D. 3-DES
E. one-time pad
F. None of the choices
Correct Answer: A
Question #57
When evaluating the collective effect of preventive, detective or corrective controls within a process an IS auditor should be aware:
A. of the point at which controls are exercised as data flows through the system
B. that only preventive and detective controls are relevant
C. that corrective controls can only be regarded as compensating
D. that classification allows an IS auditor to determine which controls are missing
Correct Answer: A
Question #58
In which of the following cloud computing service models are applications hosted by the service provider and made available to customers over a network?
A. Software as a service
B. Data as a service
C. Platform as a service
D. Infrastructure as a service
Correct Answer: A
Question #59
Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation?
A. Specific developments only
B. Business requirements only
C. All phases of the installation must be documented
D. No need to develop a customer specific documentation
Correct Answer: D
Question #60
What is the PRIMARY purpose of audit trails?
A. To document auditing efforts
B. To correct data integrity errors
C. To establish accountability and responsibility for processed transactions
D. To prevent unauthorized access to data
Correct Answer: A
Question #61
Which of the following is the process of feeding test data into two systems (the modified system and an alternative system) and comparing the results?
A. Parallel Test
B. Black box testing
C. Regression Testing
D. Pilot Testing
Correct Answer: A
Question #62
The MOST important difference between hashing and encryption is that hashing:
A. is irreversible
B. output is the same length as the original message
C. is concerned with integrity and security
D. is the same at the sending and receiving end
Correct Answer: D
Question #63
Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop is known as:
A. last-mile circuit protection
B. long-haul network diversity
C. diverse routing
D. alternative routing
Correct Answer: A
Question #64
Reconfiguring which of the following firewall types will prevent inward downloading of files through the File Transfer Protocol (FTP)?
A. Circuit gateway
B. Application gateway
C. Packet filter
D. Screening router
Correct Answer: D
Question #65
Among the different approaches to security in computing, the principle of regarding the computer system itself as largely an untrusted system emphasizes:
A. most privilege
B. full privilege
C. least privilege
D. null privilege
E. None of the choices
Correct Answer: A
Question #66
Which of the following is a good time frame for making changes to passwords?
A. every 180 to 365 days
B. every 30 to 45 days
C. every 10 to 20 days
D. every 90 to 120 days
E. None of the choices
Correct Answer: D
Question #67
Which of the following will replace system binaries and/or hook into the function calls of the operating system to hide the presence of other programs (choose the most precise answer)?
A. rootkits
B. virus
C. trojan
D. tripwire
E. None of the choices
Correct Answer: A
Question #68
In which of the following database models is the data represented in terms of tuples and grouped into relations?
A. Hierarchical database model
B. Network database model
C. Relational database model
D. Object-relational database model
Correct Answer: B
Question #69
Accountability for the maintenance of appropriate security measures over information assets resides with the:
A. security administrator
B. systems administrator
C. data and systems owners
D. systems operations group
Correct Answer: C
Question #70
Which of the following software tools is often used for stealing money from an infected PC's owner by taking control of the modem?
A. System patcher
B. Porn dialer
C. War dialer
D. T1 dialer
E. T3 dialer
F. None of the choices
Correct Answer: E
Question #71
Which of the following is the GREATEST concern when an organization allows personal devices to connect to its network?
A. It is difficult to enforce the security policy on personal devices
B. Help desk employees will require additional training to support devices
C. IT infrastructure costs will increase
D. It is difficult to maintain employee privacy
Correct Answer: D
Question #72
Which of the following steps of PDCA studies the actual result and compares it against the expected result?
A. Plan
B. Do
C. Check
D. Act
Correct Answer: C
Question #73
Introducing inhomogeneity to your network for the sake of robustness would have which of the following drawbacks?
A. poorer performance
B. poor scalability
C. weak infrastructure
D. high costs in terms of training and maintenance
E. None of the choices
Correct Answer: B
Question #74
Network ILD&P is typically installed:
A. on the organization's internal network connection
B. on the organization's internet network connection
C. on each end-user station
D. on the firewall
E. None of the choices
Correct Answer: E
Question #75
Which of the following provide(s) near-immediate recoverability for time-sensitive systems and transaction processing?
A. Automated electronic journaling and parallel processing
B. Data mirroring and parallel processing
C. Data mirroring
D. Parallel processing
Correct Answer: A
Question #76
Which of the following statements regarding an off-site information processing facility is TRUE?
A. It should have the same amount of physical access restrictions as the primary processing site
B. It should be located in proximity to the originating site so that it can quickly be made operational
C. It should be easily identified from the outside so in the event of an emergency it can be easily found
D. It need not have the same level of environmental monitoring as the originating site, since this would be cost prohibitive
Correct Answer: D
Question #77
The intent of application controls is to ensure that when inaccurate data is entered into the system, the data is:
A. accepted and processed
B. accepted and not processed
C. not accepted and not processed
D. not accepted and processed
Correct Answer: C
Question #78
What influences decisions regarding criticality of assets?
A. The business criticality of the data to be protected
B. Internal corporate politics
C. The business criticality of the data to be protected, and the scope of the impact upon the organization as a whole
D. The business impact analysis
Correct Answer: D
Question #79
A call-back system requires that a user with an ID and password call a remote server through a dial-up line, after which the server disconnects and:
A. dials back to the user machine based on the user id and password using a telephone number from its database
B. dials back to the user machine based on the user id and password using a telephone number provided by the user during this connection
C. waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using its database
D. waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using the sender's database
Correct Answer: B
Question #80
An IS auditor should recommend the use of library control software to provide reasonable assurance that:
A. program changes have been authorized
B. only thoroughly tested programs are released
C. modified programs are automatically moved to production
D. source and executable code integrity is maintained
Correct Answer: D
Question #81
Which of the following layers in an enterprise data flow architecture derives enterprise information from operational data, external data and nonoperational data?
A. Data preparation layer
B. Data source layer
C. Data mart layer
D. Data access layer
Correct Answer: C
Question #82
What is used to develop strategically important systems faster, reduce development costs, and still maintain high quality?
A. Rapid application development (RAD)
B. GANTT
C. PERT
D. Decision trees
Correct Answer: B
Question #83
During the requirements definition phase of a software development project, the aspects of software testing that should be addressed are developing:
A. test data covering critical applications
B. detailed test plans
C. quality assurance test specifications
D. user acceptance testing specifications
Correct Answer: D
Question #84
If a database is restored using before-image dumps, where should the process begin following an interruption?
A. Before the last transaction
B. After the last transaction
C. As the first transaction after the latest checkpoint
D. At the last transaction before the latest checkpoint
Correct Answer: D
Question #85
For locations 3a, 1d and 3d, the diagram indicates hubs with lines that appear to be open and active. Assuming that is true, what control, if any, should be recommended to mitigate this weakness?
A. Intelligent hub
B. Physical security over the hubs
C. Physical security and an intelligent hub
D. No controls are necessary since this is not a weakness
Correct Answer: C
Question #86
What is/are used to measure and ensure proper network capacity management and availability of services?
A. Network performance-monitoring tools
B. Network component redundancy
C. Syslog reporting
D. IT strategic planning
Correct Answer: A
Question #87
Which of the following functions, if combined, would be the GREATEST risk to an organization?
A. Systems analyst and database administrator
B. Quality assurance and computer operator
C. Tape librarian and data entry clerk
D. Application programmer and tape librarian
Correct Answer: C
Question #88
Which of the following are examples of tools for launching a Distributed DoS attack? (Choose four.)
A. TFN
B. TFN2K
C. Trin00
D. Stacheldracht
E. Tripwire
Correct Answer: E
Question #89
Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
A. Complexity of management's action plans
B. Recommendation from executive management
C. Audit cycle defined in the audit plan
D. Residual risk from the findings of previous audits
Correct Answer: C
Question #90
Squid is an example of:
A. IDS
B. caching proxy
C. security proxy
D. connection proxy
E. dialer
F. None of the choices
Correct Answer: A
Question #91
Which type of major BCP test only requires representatives from each operational area to meet to review the plan?
A. Parallel
B. Preparedness
C. Walk-through
D. Paper
Correct Answer: C
Question #92
A company is implementing a dynamic host configuration protocol (DHCP). Given that the following conditions exist, which represents the GREATEST concern?
A. Most employees use laptops
B. A packet filtering firewall is used
C. The IP address space is smaller than the number of PCs
D. Access to a network port is not restricted
View answer
Correct Answer: D
Question #93
Run-to-run totals can verify data through which stage(s) of application processing?
A. Initial
B. Various
C. Final
D. Output
View answer
Correct Answer: B
Question #94
There are many known weaknesses within an Intrusion Detection System (IDS). Which of the following is NOT a limitation of an IDS?
A. Weakness in the identification and authentication scheme
B. Application level vulnerability
C. Backdoor into application
D. Detect zero day attack
View answer
Correct Answer: D
Question #95
Which of the following BEST facilitates compliance with requirements mandating the security of confidential data?
A. Classification of data
B. Security awareness training
C. Encryption of external data transmissions
D. Standardized escalation protocols for breaches
View answer
Correct Answer: A
Question #96
Which of the following should concern an IS auditor when reviewing security in a client- server environment?
A. Protecting data using an encryption technique
B. Preventing unauthorized access using a diskless workstation
C. The ability of users to access and modify the database directly
D. Disabling floppy drives on the users' machines
View answer
Correct Answer: C
Question #97
Which of the following processes are performed during the design phase of the systems development life cycle (SDLC) model?
A. Develop test plans
B. Baseline procedures to prevent scope creep
C. Define the need that requires resolution, and map to the major requirements of the solution
D. Program and test the new system
View answer
Correct Answer: A
Question #98
Which of the following ACID properties in a DBMS ensures that the concurrent execution of transactions results in a system state that would be obtained if the transactions were executed serially, i.e. one after the other?
A. Atomicity
B. Consistency
C. Isolation
D. Durability
View answer
Correct Answer: C
Question #99
During a logical access controls review, an IS auditor observes that user accounts are shared. The GREATEST risk resulting from this situation is that:
A. an unauthorized user may use the ID to gain access
B. user access management is time consuming
C. passwords are easily guessed
D. user accountability may not be established
View answer
Correct Answer: D
Question #100
The use of risk assessment tools for classifying risk factors should be formalized in your IT audit effort through:
A. the use of risk controls
B. the use of computer assisted functions
C. using computer assisted audit technology tools
D. the development of written guidelines
E. None of the choices
View answer
Correct Answer: D
Question #101
Relatively speaking, firewalls operated at the application level of the seven layer OSI model are:
A. almost always less efficient
B. almost always less effective
C. almost always less secure
D. almost always less costly to setup
E. None of the choices
View answer
Correct Answer: A
Question #102
Which of the following is best suited for searching for address field duplications?
A. Text search forensic utility software
B. Generalized audit software
C. Productivity audit software
D. Manual review
View answer
Correct Answer: B
Question #103
Which of the following actions should an organization’s security policy require an employee to take upon finding a security breach?
A. Report the incident to the manager immediately
B. Inform IS audit management immediately
C. Confirm the breach can be exploited
D. Devise appropriate countermeasures
View answer
Correct Answer: A
Question #104
Which of the following is the MOST effective type of antivirus software?
A. Scanners
B. Active monitors
C. Integrity checkers
D. Vaccines
View answer
Correct Answer: C
Question #105
To determine if unauthorized changes have been made to production code the BEST audit procedure is to:
A. examine the change control system records and trace them forward to object code files
B. review access control permissions operating within the production program libraries
C. examine object code to find instances of changes and trace them back to change control records
D. review change approved designations established within the change control system
View answer
Correct Answer: C
Question #106
An IS auditor performing a review of the backup processing facilities should be MOST concerned that:
A. adequate fire insurance exists
B. regular hardware maintenance is performed
C. offsite storage of transaction and master files exists
D. backup processing facilities are fully tested
View answer
Correct Answer: D
Question #107
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus?
A. A scan of all floppy disks before use
B. A virus monitor on the network file server
C. A scheduled daily scan of all network drives
D. A virus monitor on the user's personal computer
View answer
Correct Answer: B
Question #108
Which of the following is not a good tactic to use against hackers?
A. Enticement
B. Entrapment
View answer
Correct Answer: B
Question #109
Which of the following acts as a decoy to detect active internet attacks?
A. Honeypots
B. Firewalls
C. Trapdoors
D. Traffic analysis
View answer
Correct Answer: A
Question #110
The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is:
A. data integrity
B. authentication
C. nonrepudiation
D. replay protection
View answer
Correct Answer: C
Question #111
Which of the following is NOT a defined ISO basic task related to network management?
A. Fault management
B. Accounting resources
C. Security management
D. Communications management
View answer
Correct Answer: D
Question #112
Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program?
A. A system downtime log
B. Vendors' reliability figures
C. Regularly scheduled maintenance log
D. A written preventive maintenance schedule
View answer
Correct Answer: A
Question #113
Your final audit report should be issued:
A. after an agreement on the observations is reached
B. before an agreement on the observations is reached
C. if an agreement on the observations cannot be reached
D. without mentioning the observations
E. None of the choices
View answer
Correct Answer: A
Question #114
What supports data transmission through split cable facilities or duplicate cable facilities?
A. Diverse routing
B. Dual routing
C. Alternate routing
D. Redundant routing
View answer
Correct Answer: A
Question #115
After an IS auditor has identified threats and potential impacts, the auditor should:
A. Identify and evaluate the existing controls
B. Conduct a business impact analysis (BIA)
C. Report on existing controls
D. Propose new controls
View answer
Correct Answer: A
Question #116
During an audit, an IS auditor notes that an organization's business continuity plan (BCP) does not adequately address information confidentiality during a recovery process. The IS auditor should recommend that the plan be modified to include:
A. the level of information security required when business recovery procedures are invoked
B. information security roles and responsibilities in the crisis management structure
C. information security resource requirements
D. change management procedures for information security that could affect business continuity arrangements
View answer
Correct Answer: A
Question #117
Which of the following transmission media would NOT be affected by cross talk or interference?
A. Copper cable
B. Radio System
C. Satellite radio link
D. Fiber optic cables
View answer
Correct Answer: D
Question #118
While evaluating logical access control the IS auditor should follow all of the steps mentioned below EXCEPT one? 1. Obtain general understanding of security risk facing information processing, through a review of relevant documentation, inquiry and observation,etc 2. Document and evaluate controls over potential access paths into the system to assess their adequacy, efficiency and effectiveness 3. Test Control over access paths to determine whether they are functioning and effective by applying appropriate
A. 2
B. 3
C. 1
D. 6
View answer
Correct Answer: A
Question #119
Applying a retention date on a file will ensure that:
A. data cannot be read until the date is set
B. data will not be deleted before that date
C. backup copies are not retained after that date
D. datasets having the same name are differentiated
View answer
Correct Answer: B
Question #120
Back Orifice is an example of:
A. a virus
B. a legitimate remote control software
C. a backdoor that takes the form of an installed program
D. an eavesdropper
E. None of the choices
View answer
Correct Answer: C
Question #121
Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital?
A. Multiplexer
B. Modem
C. Protocol converter
D. Concentrator
View answer
Correct Answer: B
Question #122
Which of the following audits is mainly designed to evaluate the internal control structure in a given process or area?
A. Compliance Audit
B. Financial Audit
C. Operational Audit
D. Forensic audit
View answer
Correct Answer: C
Question #123
Who should be responsible for network security operations?
A. Business unit managers
B. Security administrators
C. Network administrators
D. IS auditors
View answer
Correct Answer: B
Question #124
How does a digital envelope work? What are the correct steps to follow?
A. You encrypt the data using a session key and then encrypt the session key using the sender's private key
B. You encrypt the data using the session key and then you encrypt the session key using the sender's public key
C. You encrypt the data using the session key and then you encrypt the session key using the receiver's public key
D. You encrypt the data using the session key and then you encrypt the session key using the receiver's private key
View answer
Correct Answer: C
Question #125
Which key is used by the sender of a message to create a digital signature for the message being sent?
A. Sender's public key
B. Sender's private key
C. Receiver's public key
D. Receiver's private key
View answer
Correct Answer: B
Question #126
An IS auditor performing a review of the backup processing facilities should be MOST concerned that:
A. adequate fire insurance exists
B. regular hardware maintenance is performed
C. offsite storage of transaction and master files exists
D. backup processing facilities are tested fully
View answer
Correct Answer: D
Question #127
In-house personnel performing IS audits should possess which of the following knowledge and/or skills (Choose two.):
A. information systems knowledge commensurate with the scope of the IT environment in question
B. sufficient analytical skills to determine root cause of deficiencies in question
C. sufficient knowledge on secure system coding
D. sufficient knowledge on secure platform development
E. information systems knowledge commensurate outside of the scope of the IT environment in question
View answer
Correct Answer: AB
Question #128
Which of the following is an ITU-T standard protocol suite for packet-switched wide area network communication?
A. Point-to-point protocol
B. X.25
C. Frame Relay
D. ISDN
View answer
Correct Answer: B
Question #129
Who is responsible for providing technical support for the hardware and software environment by developing, installing and operating the requested system?
A. System Development Management
B. Quality Assurance
C. User Management
D. Senior Management
View answer
Correct Answer: A
Question #130
Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them?
A. Overwriting the tapes
B. initializing the tape labels
C. Degaussing the tapes
D. Erasing the tapes
View answer
Correct Answer: C
Question #131
Access rules normally are included in which of the following documentation categories?
A. Technical reference documentation
B. User manuals
C. Functional design specifications
D. System development methodology documents
View answer
Correct Answer: A
Question #132
Which of the following components of an expert system allows the expert to enter knowledge into the system without the traditional mediation of a software engineer?
A. Decision tree
B. Rules
C. Semantic nets
D. Knowledge interface
View answer
Correct Answer: D
Question #133
The use of statistical sampling procedures helps minimize:
A. Detection risk
B. Business risk
C. Controls risk
D. Compliance risk
View answer
Correct Answer: A
Question #134
A source code repository should be designed to:
A. provide automatic incorporation and distribution of modified code
B. prevent changes from being incorporated into existing code
C. provide secure versioning and backup capabilities for existing code
D. prevent developers from accessing secure source code
View answer
Correct Answer: C
Question #135
Digital signatures require the sender to "sign" the data by encrypting the data with the sender's public key, to then be decrypted by the recipient using the recipient's private key. True or false?
A. False
B. True
View answer
Correct Answer: A
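Worked example for Questions #124, #125 and #135 above. This is an added illustration, not part of the exam material: a digital envelope seals a one-time session key with the receiver's public key, and a digital signature is created with the sender's private key and verified with the sender's public key. The code assumes the third-party cryptography package is installed; the two key pairs and the payment message are generated and constructed here for illustration only.

```python
"""Digital envelope and digital signature, side by side.

Added example (not from the exam page). Requires the third-party
``cryptography`` package (pip install cryptography). Key pairs and the
sample message are generated/constructed here for illustration.
"""
import os

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)


def keypair():
    """Fresh 2048-bit RSA private key; its public half is .public_key()."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def seal(message: bytes, receiver_public) -> dict:
    """Digital envelope: bulk-encrypt with a one-time session key, then wrap
    that session key with the RECEIVER's public key, so only the holder of
    the receiver's private key can open it (Question #124, option C)."""
    session_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    ciphertext = AESGCM(session_key).encrypt(nonce, message, None)
    wrapped_key = receiver_public.encrypt(session_key, OAEP)
    return {"wrapped_key": wrapped_key, "nonce": nonce, "ciphertext": ciphertext}


def open_envelope(envelope: dict, receiver_private) -> bytes:
    """Unwrap the session key with the receiver's private key, then decrypt."""
    session_key = receiver_private.decrypt(envelope["wrapped_key"], OAEP)
    return AESGCM(session_key).decrypt(envelope["nonce"], envelope["ciphertext"], None)


def sign(message: bytes, sender_private) -> bytes:
    """Signature is made with the SENDER's private key (hash-then-sign, RSA-PSS)."""
    return sender_private.sign(message, PSS, hashes.SHA256())


def verify(message: bytes, signature: bytes, sender_public) -> bool:
    """Anyone holding the sender's public key can verify; an altered message
    or a signature from another key fails. This is the non-repudiation property."""
    try:
        sender_public.verify(signature, message, PSS, hashes.SHA256())
        return True
    except InvalidSignature:
        return False


def demo() -> dict:
    """Exercise every claim the three questions make and report the outcome."""
    sender, receiver = keypair(), keypair()
    msg = b"PAY 1000.00 TO ACCT 42"   # constructed sample message
    sig = sign(msg, sender)
    env = seal(msg, receiver.public_key())
    recovered = open_envelope(env, receiver)
    try:                               # the sender's own key cannot open the envelope
        open_envelope(env, sender)
        sender_can_open = True
    except ValueError:
        sender_can_open = False
    return {
        "recovered_matches": recovered == msg,
        "sig_ok": verify(recovered, sig, sender.public_key()),
        "tampered_rejected": not verify(b"PAY 9000.00 TO ACCT 42", sig, sender.public_key()),
        # the direction Question #135 calls false: the receiver's key pair
        # has nothing to do with verifying what the sender signed
        "wrong_key_rejected": not verify(recovered, sig, receiver.public_key()),
        "sender_cannot_open": not sender_can_open,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:20s} {ok}")
```

Running demo() shows each statement the questions test: the receiver opens the envelope and the sender cannot; the sender's public key verifies the signature and the receiver's does not; any change to the signed bytes is rejected. Note that the signature covers the plaintext, so it should be computed before sealing and verified after opening.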
Question #136
When should an application-level edit check to verify the availability of funds be completed at the electronic funds transfer (EFT) interface?
A. Before transaction completion
B. Immediately after an EFT is initiated
C. During run-to-run total testing
D. Before an EFT is initiated
View answer
Correct Answer: D
Question #137
In a small organization, developers may release emergency changes directly to production. Which of the following will BEST control the risk in this situation?
A. Approve and document the change the next business day
B. Limit developer access to production to a specific timeframe
C. Obtain secondary approval before releasing to production
D. Disable the compiler option in the production machine
View answer
Correct Answer: A
Question #138
Which of the following types of testing validates the functioning of the application under test with other systems, where a set of data is transferred from one system to another?
A. Interface testing
B. Unit Testing
C. System Testing
D. Final acceptance testing
View answer
Correct Answer: A
Question #139
You are part of the security staff at a highly profitable bank, and each day all traffic on the network is logged for later review. Every Friday, when major deposits are made, you see a series of bits placed in the Urgent Pointer field of TCP packets. This is only 16 bits, which isn't much, but it concerns you because:
A. This could be a sign of covert channeling in bank network communications and should be investigated
B. It could be a sign of a damaged network cable causing the issue
C. It could be a symptom of a malfunctioning network card or drivers, and the source system should be checked for the problem
D. It is normal traffic because sometimes the preceding field's 16-bit checksum value can overrun into the urgent pointer's 16-bit field, causing the condition
View answer
Correct Answer: A
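Detection logic for the situation in Question #139, as an added example that is not part of the exam material. TCP header fields are fixed-width, so a checksum cannot "overrun" into the urgent pointer (option D is not how the header works); what a reviewer actually checks is whether the pointer is non-zero while the URG flag is clear, since the receiver ignores the field in that case and it becomes 16 bits of free space per segment. The sample capture is constructed with struct; the function names are this example's own.

```python
"""Detect a possible covert channel in the TCP Urgent Pointer field.

Added example (not part of the exam material). The capture below is
constructed with struct; the detector expects raw TCP headers (20 bytes
or more), i.e. what remains after the Ethernet and IP headers are stripped.
"""
import struct

TCP_HDR = struct.Struct("!HHIIBBHHH")  # sport dport seq ack off/rsvd flags win csum urgptr
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte part of a TCP header into named fields."""
    if len(segment) < TCP_HDR.size:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off, flags, win, csum, urg = TCP_HDR.unpack_from(segment)
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "data_offset": off >> 4, "flags": flags, "window": win,
            "checksum": csum, "urgent_pointer": urg}


def is_suspicious(hdr: dict) -> bool:
    """The urgent pointer is only interpreted when URG is set (RFC 9293).
    With URG clear the receiver ignores it, so a non-zero value there is
    either a broken stack or someone using the field as a side channel."""
    return hdr["urgent_pointer"] != 0 and not (hdr["flags"] & URG)


def scan(segments) -> list:
    """Indices of segments that should be investigated."""
    return [i for i, seg in enumerate(segments) if is_suspicious(parse_tcp_header(seg))]


def extract_covert_bytes(segments) -> bytes:
    """What a covert sender would be leaking: two bytes per flagged segment."""
    out = bytearray()
    for seg in segments:
        hdr = parse_tcp_header(seg)
        if is_suspicious(hdr):
            out += hdr["urgent_pointer"].to_bytes(2, "big")
    return bytes(out)


def build_segment(sport, dport, flags, urgent_pointer=0, seq=1000, ack=2000) -> bytes:
    """Constructed 20-byte header; checksum left 0 (it is not verified here)."""
    return TCP_HDR.pack(sport, dport, seq, ack, 5 << 4, flags, 65535, 0, urgent_pointer)


# Constructed sample capture: ordinary HTTPS segments, one legitimate telnet
# segment carrying urgent data, and two segments smuggling the bytes b"ACCT".
SAMPLE_CAPTURE = [
    build_segment(49152, 443, ACK),
    build_segment(49152, 443, ACK | PSH),
    build_segment(49153, 23, ACK | URG, urgent_pointer=1),
    build_segment(49152, 443, ACK, urgent_pointer=int.from_bytes(b"AC", "big")),
    build_segment(49152, 443, ACK | PSH, urgent_pointer=int.from_bytes(b"CT", "big")),
]

if __name__ == "__main__":
    print("suspicious segments:", scan(SAMPLE_CAPTURE))
    print("leaked bytes:", extract_covert_bytes(SAMPLE_CAPTURE))
```

In a real review the same check is run over the daily log, correlating the flagged segments with the Friday deposit window and the source host; a legitimate URG segment (the telnet example above) is left alone because the flag and the pointer agree.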
Question #140
Code from exploit programs is frequently reused in:
A. trojan horses only
B. computer viruses only
C. OS patchers
D. eavesdroppers
E. trojan horses and computer viruses
F. None of the choices
View answer
Correct Answer: E
Question #141
Which of the following statements correctly describes the difference between the IPSec and SSH protocols?
A. IPSec works at the transport layer whereas SSH works at the network layer of the OSI model
B. IPSec works at the network layer whereas SSH works at the application layer of the OSI model
C. IPSec works at the network layer and SSH works at the transport layer of the OSI model
D. IPSec works at the transport layer and SSH works at the network layer of the OSI model
View answer
Correct Answer: B
Question #142
Which of the following is NOT a component of IPSec?
A. Authentication Header
B. Encapsulating Security Payload
C. Key Distribution Center
D. Internet Key Exchange
View answer
Correct Answer: C
Question #143
Which of the following statements INCORRECTLY describes a network device such as a router?
A. Router creates a new header for each packet
B. Router builds a routing table based on MAC address
C. Router does not forward broadcast packet
D. Router assigns a different network address per port
View answer
Correct Answer: B
Question #144
Ensuring that security and control policies support business and IT objectives is a primary objective of:
A. An IT security policies audit
B. A processing audit
C. A software audit
D. A vulnerability assessment
View answer
Correct Answer: A
Question #145
Which of the following control fixes a component or system after an incident has occurred?
A. Deterrent
B. Preventive
C. Corrective
D. Recovery
View answer
Correct Answer: C
Question #146
Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to ecommerce?
A. Registration authority
B. Certificate authority (CA)
C. Certificate revocation list
D. Certification practice statement
View answer
Correct Answer: B
Question #147
Which of the following characteristics pertaining to databases is not true?
A. A data model should exist and all entities should have a significant name
B. Justifications must exist for normalized data
C. No NULLs should be allowed for primary keys
D. All relations must have a specific cardinality
View answer
Correct Answer: B
Question #148
You should keep all computer rooms at reasonable temperatures, which is between (choose all that apply):
A. 60 - 75 degrees Fahrenheit
B. 10 - 25 degrees Celsius
C. 30 - 45 degrees Fahrenheit
D. 1 - 15 degrees Celsius
E. 20 - 35 degrees Fahrenheit
F. 0 - 5 degrees Celsius
View answer
Correct Answer: AB
Question #149
Which of the following audits mainly focuses on discovering and disclosing fraud and crimes?
A. Compliance Audit
B. Financial Audit
C. Integrated Audit
D. Forensic audit
View answer
Correct Answer: D
Question #150
A certificate authority (CA) can delegate the processes of:
A. revocation and suspension of a subscriber's certificate
B. generation and distribution of the CA public key
C. establishing a link between the requesting entity and its public key
D. issuing and distributing subscriber certificates
View answer
Correct Answer: C
Question #151
Which of the following is the MOST critical step in planning an audit?
A. Implementing a prescribed auditing framework such as COBIT
B. Identifying current controls
C. Identifying high-risk audit targets
D. Testing controls
View answer
Correct Answer: C
Question #152
Which of the following is the most important benefit of control self-assessment (CSA)?
A. CSA is policy/rule driven
B. In the CSA approach, risk is identified sooner
C. CSA requires limited employee participation
D. In CSA, resources are being used in an effective manner
View answer
Correct Answer: B
Question #153
Which of the following methods of providing telecommunications continuity involves the use of an alternative media?
A. Alternative routing
B. Diverse routing
C. Long haul network diversity
D. Last mile circuit protection
View answer
Correct Answer: A
Question #154
Which of the following audit tools is MOST useful to an IS auditor when an audit trail is required?
A. Integrated test facility (ITF)
B. Continuous and intermittent simulation (CIS)
C. Audit hooks
D. Snapshots
View answer
Correct Answer: D
Question #155
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the:
A. hardware is protected against power surges
B. integrity is maintained if the main power is interrupted
C. immediate power will be available if the main power is lost
D. hardware is protected against long-term power fluctuations
View answer
Correct Answer: A
Question #156
Which of the following e-commerce models covers all the transactions between companies and government organizations?
A. B-to-C relationships
B. B-to-B relationships
C. B-to-E relationships
D. B-to-G relationships
View answer
Correct Answer: D
Question #157
Which of the following is MOST critical when creating data for testing the logic in a new or modified application system?
A. A sufficient quantity of data for each test case
B. Data representing conditions that are expected in actual processing
C. Completing the test on schedule
D. A random sample of actual data
View answer
Correct Answer: B
Question #158
One of the purposes of library control software is to allow:
A. programmers access to production source and object libraries
B. batch program updating
C. operators to update the control library with the production version before testing is completed
D. read-only access to source code
View answer
Correct Answer: D
Question #159
Which of the following types of firewalls would BEST protect a network from an Internet attack?
A. Screened subnet firewall
B. Application filtering gateway
C. Packet filtering router
D. Circuit-level gateway
View answer
Correct Answer: A
Question #160
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project?
A. Evaluate the efficiency of resource utilization
B. Develop audit programs for subsequent audits of the system
C. Evaluate the selection of hardware to be used by the system
D. Ensure that adequate controls are built into the system during development
View answer
Correct Answer: D
Question #161
Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks?
A. Check digit
B. Existence check
C. Completeness check
D. Reasonableness check
View answer
Correct Answer: C
Question #162
An IS auditor performing a review of an application's controls would evaluate the:
A. efficiency of the application in meeting the business processes
B. impact of any exposures discovered
C. business processes served by the application
D. application's optimization
View answer
Correct Answer: B
Question #163
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by:
A. database integrity checks
B. validation checks
C. input controls
D. database commits and rollbacks
View answer
Correct Answer: D
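Worked example for Question #163 (and the atomicity and isolation properties behind Question #98), added here and not part of the exam material: a batch of postings is wrapped in one explicit transaction, so a halt before COMMIT leaves the ledger exactly as it was. It uses the standard-library sqlite3 module with an in-memory database; the accounts, the transfer batch and the simulated halt are constructed for the illustration.

```python
"""Atomic posting of a transfer batch with explicit COMMIT / ROLLBACK.

Added example (not from the exam page). Uses the standard-library sqlite3
module with an in-memory database; accounts and transfers are constructed
sample data, and ProcessingHalted stands in for a crash mid-batch.
"""
import sqlite3


class ProcessingHalted(RuntimeError):
    """Simulates processing coming to a halt (crash, kill, power loss)."""


def open_ledger() -> sqlite3.Connection:
    """Fresh in-memory ledger; isolation_level=None means we issue BEGIN/COMMIT ourselves."""
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.execute(
        "CREATE TABLE accounts ("
        " id TEXT PRIMARY KEY,"
        " balance INTEGER NOT NULL CHECK (balance >= 0))"   # no overdrafts
    )
    conn.executemany("INSERT INTO accounts VALUES (?, ?)",
                     [("alice", 500), ("bob", 100), ("carol", 0)])
    return conn


def post_batch(conn: sqlite3.Connection, transfers, halt_after=None) -> bool:
    """Post every transfer in one transaction, or none of them.

    halt_after=n raises ProcessingHalted after n transfers have been written
    but before COMMIT, which is the scenario in the question. Returns True on
    commit, False when the batch was rolled back.
    """
    conn.execute("BEGIN IMMEDIATE")          # take the write lock up front
    try:
        for n, (src, dst, amount) in enumerate(transfers, start=1):
            conn.execute("UPDATE accounts SET balance = balance - ? WHERE id = ?", (amount, src))
            conn.execute("UPDATE accounts SET balance = balance + ? WHERE id = ?", (amount, dst))
            if halt_after is not None and n == halt_after:
                raise ProcessingHalted(f"halted after {n} transfer(s)")
        conn.execute("COMMIT")
        return True
    except Exception:                        # halt, constraint violation, anything
        conn.execute("ROLLBACK")             # every partial update is undone
        return False


def balances(conn: sqlite3.Connection) -> dict:
    return dict(conn.execute("SELECT id, balance FROM accounts ORDER BY id"))


# Constructed batch: the second transfer depends on the first having posted.
BATCH = [("alice", "bob", 200), ("bob", "carol", 250)]
OVERDRAFT = [("carol", "alice", 1000)]      # violates the CHECK constraint

if __name__ == "__main__":
    ledger = open_ledger()
    print("halted batch committed:", post_batch(ledger, BATCH, halt_after=1), balances(ledger))
    print("full batch committed:  ", post_batch(ledger, BATCH), balances(ledger))
    print("overdraft committed:   ", post_batch(ledger, OVERDRAFT), balances(ledger))
```

The point the question is after: input controls and validation stop bad data from entering, but only the transaction boundary keeps the database consistent when processing stops halfway through a unit of work. The total of all balances stays 600 across every call, whether the batch committed or was rolled back.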
Question #164
An organization has created a policy that defines the types of web sites that users are forbidden to access. What is the MOST effective technology to enforce this policy?
A. Stateful inspection firewall
B. Web content filter
C. Web cache server
D. Proxy server
View answer
Correct Answer: B
Question #165
A computer system is no more secure than the human systems responsible for its operation. Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them. Zombie computers are HEAVILY relied upon by which of the following types of attack?
A. Eavesdropping
B. DoS
C. DDoS
D. APT
E. Social Engineering
F. None of the choices
View answer
Correct Answer: C
Question #166
Gimmes often work through:
A. SMS
B. IRC chat
C. email attachment
D. news file download
E. None of the choices
View answer
Correct Answer: C
Question #167
As an IS auditor it is very important to understand the software release management process. Which of the following software releases normally contains small enhancements and fixes?
A. Major software release
B. Minor software release
C. Emergency software release
D. General software release
View answer
Correct Answer: B
Question #168
Network Data Management Protocol (NDMP) technology should be used for backup if:
A. a network attached storage (NAS) appliance is required
B. the use of TCP/IP must be avoided
C. file permissions that cannot be handled by legacy backup systems must be backed up
D. backup consistency over several related data volumes must be ensured
View answer
Correct Answer: A
Question #169
Which of the following statements INCORRECTLY describes the traditional audit approach in comparison to the control self-assessment approach?
A. In the traditional approach, staff at all levels, in all functions, are the primary control analysts
B. The traditional approach assigns duties/supervises staff
C. The traditional approach is a policy driven approach
D. The traditional approach requires limited employee participation
View answer
Correct Answer: A
Question #170
Which of the following insurance types provides for a loss arising from fraudulent acts by employees?
A. Business interruption
B. Fidelity coverage
C. Errors and omissions
D. Extra expense
View answer
Correct Answer: B
Question #171
What is wrong with a Black Box type of intrusion detection system?
A. you cannot patch it
B. you cannot test it
C. you cannot examine its internal workings from outside
D. you cannot tune it
E. None of the choices
View answer
Correct Answer: C
Question #172
Which of the following control is intended to discourage a potential attacker?
A. Deterrent
B. Preventive
C. Corrective
D. Recovery
View answer
Correct Answer: A
Question #173
What kind of testing should programmers perform following any changes to an application or system?
A. Unit, module, and full regression testing
B. Module testing
C. Unit testing
D. Regression testing
View answer
Correct Answer: A
Question #174
A small startup organization does not have the resources to implement segregation of duties. Which of the following would be the MOST effective compensating control?
A. Rotation of log monitoring and analysis responsibilities
B. Additional management reviews and reconciliations
C. Third-party assessments
D. Mandatory vacations
View answer
Correct Answer: B
Question #175
Well-written risk assessment guidelines for IS auditing should specify at least which of the following elements? (Choose four.)
A. A maximum length for audit cycles
B. The timing of risk assessments
C. Documentation requirements
D. Guidelines for handling special cases
E. None of the choices
View answer
Correct Answer: ABCD
Question #176
Which of the following physical access controls would provide the highest degree of security over unauthorized access?
A. Bolting door lock
B. Cipher lock
C. Electronic door lock
D. Fingerprint scanner
View answer
Correct Answer: D
Question #177
Which of the following data validation edits is effective in detecting transposition and transcription errors?
A. Range check
B. Check digit
C. Validity check
D. Duplicate check
View answer
Correct Answer: B
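Worked example for Question #177, added here and not part of the exam material: a weighted modulus-11 check digit (the ISBN-10 scheme) catches every single-digit transcription error and every adjacent transposition, because each error changes the weighted sum by a product of two numbers that 11 cannot divide. The example goes one step beyond the question by brute-forcing all such errors against a made-up account number and contrasting the result with an unweighted digit sum, which is blind to transpositions. The function names and the sample numbers are this example's own.

```python
"""Weighted modulus-11 check digit versus a plain digit sum.

Added example (not from the exam page). The account numbers used are
constructed; 123456789 is shown only because its check digit is 'X'.
"""
import string


def mod11_check_digit(body: str) -> str:
    """Weights run n+1 .. 2 from left to right over the n body digits.
    check = (11 - weighted_sum mod 11) mod 11; 'X' stands for the value 10."""
    if not body.isdigit():
        raise ValueError("body must consist of digits only")
    total = sum(int(d) * w for d, w in zip(body, range(len(body) + 1, 1, -1)))
    check = (11 - total % 11) % 11
    return "X" if check == 10 else str(check)


def is_valid(number: str) -> bool:
    """Recompute the check digit for everything but the last character and compare."""
    body, check = number[:-1], number[-1:]
    if not body.isdigit() or check not in set(string.digits + "X"):
        return False
    return mod11_check_digit(body) == check


def plain_sum_check(body: str) -> str:
    """Contrast: an unweighted sum mod 10. Swapping two digits leaves the sum unchanged."""
    return str(sum(map(int, body)) % 10)


def error_detection_report(body: str) -> dict:
    """Generate every single-digit substitution and every adjacent transposition
    of body and count how many each scheme would reject."""
    mutants = set()
    for i, d in enumerate(body):
        for r in string.digits:                       # transcription error
            if r != d:
                mutants.add(body[:i] + r + body[i + 1:])
        if i + 1 < len(body) and body[i] != body[i + 1]:   # transposition error
            mutants.add(body[:i] + body[i + 1] + body[i] + body[i + 2:])
    m11, m10 = mod11_check_digit(body), plain_sum_check(body)
    return {
        "mutants": len(mutants),
        "caught_mod11": sum(mod11_check_digit(m) != m11 for m in mutants),
        "caught_plain_sum": sum(plain_sum_check(m) != m10 for m in mutants),
    }


if __name__ == "__main__":
    acct = "030640615"                                 # constructed account number
    print(acct + mod11_check_digit(acct), error_detection_report(acct))
```

The report for the sample body shows 89 possible single errors, all 89 caught by the mod-11 digit and only the 81 substitutions caught by the plain sum. Range, validity and duplicate checks (the other options) test different properties of a field and say nothing about whether its digits were keyed correctly.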
Question #178
ISO 9126 is a standard to assist in evaluating the quality of a product. Which of the following is defined as a set of attributes that bear on the existence of a set of functions and their specified properties?
A. Reliability
B. Usability
C. Functionality
D. Maintainability
View answer
Correct Answer: C
Question #179
During what process should router access control lists be reviewed?
A. Environmental review
B. Network security review
C. Business continuity review
D. Data integrity review
View answer
Correct Answer: B
Question #180
IS management has decided to rewrite a legacy customer relations system using fourth-generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs?
A. Inadequate screen/report design facilities
B. Complex programming language subsets
C. Lack of portability across operating systems
D. Inability to perform data intensive operations
View answer
Correct Answer: D
Question #181
Which of the following functions in traditional EDI translates data between the standard format and a trading partner's proprietary format?
A. Communication handler
B. Application interface
C. Application system
D. EDI translator
View answer
Correct Answer: D
Question #182
A hard disk containing confidential data was damaged beyond repair. What should be done to the hard disk to prevent access to the data residing on it?
A. Rewrite the hard disk with random 0s and 1s
B. Low-level format the hard disk
C. Demagnetize the hard disk
D. Physically destroy the hard disk
View answer
Correct Answer: D
Question #183
Sam is the security manager of a financial institution. Senior management has requested that he perform a risk analysis on all critical vulnerabilities reported by an IS auditor. After completing the risk analysis, Sam has observed that for a few of the risks, the cost-benefit analysis shows that the risk mitigation cost (countermeasures, controls, or safeguards) is more than the potential loss that could be incurred. What kind of strategy should Sam recommend to senior management to treat these risks?
A. Risk Mitigation
B. Risk Acceptance
C. Risk Avoidance
D. Risk transfer
View answer
Correct Answer: B
Question #184
A major portion of what is required to address nonrepudiation is accomplished through the use of:
A. strong methods for authentication and ensuring data validity
B. strong methods for authentication and ensuring data integrity
C. strong methods for authorization and ensuring data integrity
D. strong methods for authentication and ensuring data reliability
View answer
Correct Answer: B
Question #185
Java applets and ActiveX controls are distributed executable programs that execute in the background of a web browser client. This practice is considered reasonable when:
A. a firewall exists
B. a secure web connection is used
C. the source of the executable is certain
D. the host website is part of your organization
View answer
Correct Answer: C
Question #186
An IS auditor has been asked to audit a complex system with computerized and manual elements. Which of the following should be identified FIRST?
A. Manual controls
B. System risks
C. Programmed controls
D. Input validation
View answer
Correct Answer: B