
Boost Your ISACA Exam Preparation with CISA Practice Tests

Preparing for the ISACA Certified Information Systems Auditor (CISA) exam can be a daunting task, but with the right exam resources and study materials, you can increase your chances of passing successfully. SPOTO offers a comprehensive collection of CISA exam questions and answers, test questions, mock exams, and exam preparation resources tailored to the CISA exam objectives. These resources are designed to simulate the real exam environment, providing you with a realistic experience and boosting your confidence. With SPOTO's CISA exam questions, you can identify areas where you need further study and practice, ensuring you have the knowledge and skills necessary to audit, control, monitor, and assess an organization's IT and business systems effectively. By leveraging these exam resources and practicing with mock exams, you can effectively prepare and increase your chances of passing the CISA certification exam on your first attempt. Certified Information Systems Auditor® (CISA®) is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization's IT and business systems. If you are a mid-career professional, CISA can showcase your expertise and assert your ability to apply a risk-based approach to planning, executing and reporting on audit engagements.

Question #1
Secure code reviews as part of a continuous deployment program are which type of control?
A. Detective
B. Logical
C. Preventive
D. Corrective
Correct Answer: C


Question #2
In an environment that automatically reports all program changes, which of the following is the MOST efficient way to detect unauthorized changes to production programs?
A. Reviewing the last compile date of production programs
B. Manually comparing code in production programs to controlled copies
C. Periodically running and reviewing test data against production programs
D. Verifying user management approval of modifications
Correct Answer: A
Question #3
Which task should an IS auditor complete FIRST during the preliminary planning phase of a database security review?
A. Perform a business impact analysis (BIA)
B. Determine which databases will be in scope
C. Identify the most critical database controls
D. Evaluate the types of databases being used
Correct Answer: B
Question #4
When planning an audit to assess application controls of a cloud-based system, it is MOST important for the IS auditor to understand the:
A. architecture and cloud environment of the system
B. business process supported by the system
C. policies and procedures of the business area being audited
D. availability reports associated with the cloud-based system
Correct Answer: B
Question #5
Which of the following MOST effectively minimizes downtime during system conversions?
A. Phased approach
B. Direct cutover
C. Pilot study
D. Parallel run
Correct Answer: D
Question #6
What should an IS auditor do FIRST upon discovering that a service provider did not notify its customers of a security breach?
A. Notify law enforcement of the finding
B. Require the third party to notify customers
C. The audit report with a significant finding
D. Notify audit management of the finding
Correct Answer: C
Question #7
The PRIMARY objective of value delivery in reference to IT governance is to:
A. promote best practices
B. increase efficiency
C. optimize investments
D. ensure compliance
Correct Answer: C
Question #8
Coding standards provide which of the following?
A. Program documentation
B. Access control tables
C. Data flow diagrams
D. Field naming conventions
Correct Answer: D
Question #9
Which of the following BEST guards against the risk of attack by hackers?
A. Tunneling
B. Encryption
C. Message validation
D. Firewalls
Correct Answer: B
Question #10
An IS auditor plans to review all access attempts to a video-monitored and proximity card-controlled communications room. Which of the following would be MOST useful to the auditor?
A. Manual sign-in and sign-out log
B. System electronic log
C. Alarm system with CCTV
D. Security incident log
Correct Answer: A
Question #11
In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:
A. hire another person to perform migration to production
B. implement continuous monitoring controls
C. remove production access from the developers
D. perform a user access review for the development team
Correct Answer: C
Question #12
An IS auditor is reviewing a recent security incident and is seeking information about the approval of a recent modification to a database system's security settings. Where would the auditor MOST likely find this information?
A. System event correlation report
B. Database log
C. Change log
D. Security incident and event management (SIEM) report
Correct Answer: C
Question #13
Which of the following is the MOST effective way for an organization to protect against data loss?
A. Limit employee internet access
B. Implement data classification procedures
C. Review firewall logs for anomalies
D. Conduct periodic security awareness training
Correct Answer: B
Question #14
The IS auditor has recommended that management test a new system before using it in production mode. The BEST approach for management in developing a test plan is to use processing parameters that are:
A. randomly selected by a test generator
B. provided by the vendor of the application
C. randomly selected by the user
D. simulated by production entities and customers
Correct Answer: D
Question #15
From an IS auditor's perspective, which of the following would be the GREATEST risk associated with an incomplete inventory of deployed software in an organization?
A. Inability to close unused ports on critical servers
B. Inability to identify unused licenses within the organization
C. Inability to deploy updated security patches
D. Inability to determine the cost of deployed software
Correct Answer: C
Question #16
Which of the following IT service management activities is MOST likely to help with identifying the root cause of repeated instances of network latency?
A. Change management
B. Problem management
C. Incident management
D. Configuration management
Correct Answer: C
Question #17
In an online application, which of the following would provide the MOST information about the transaction audit trail?
A. System/process flowchart
B. File layouts
C. Data architecture
D. Source code documentation
Correct Answer: C
Question #18
Which of the following is the PRIMARY advantage of using virtualization technology for corporate applications?
A. Improved disaster recovery
B. Better utilization of resources
C. Stronger data security
D. Increased application performance
Correct Answer: A
Question #19
Which of the following would BEST facilitate the successful implementation of an IT-related framework?
A. Aligning the framework to industry best practices
B. Establishing committees to support and oversee framework activities
C. Involving appropriate business representation within the framework
D. Documenting IT-related policies and procedures
Correct Answer: C
Question #20
An organization recently implemented a cloud document storage solution and removed the ability for end users to save data to their local workstation hard drives. Which of the following findings should be the IS auditor's GREATEST concern?
A. Users are not required to sign updated acceptable use agreements
B. Users have not been trained on the new system
C. The business continuity plan (BCP) was not updated
D. Mobile devices are not encrypted
Correct Answer: C
Question #21
An information systems security officer's PRIMARY responsibility for business process applications is to:
A. authorize secured emergency access
B. approve the organization's security policy
C. ensure access rules agree with policies
D. create role-based rules for each business process
Correct Answer: D
Question #22
Which of the following is MOST important for an IS auditor to do during an exit meeting with an auditee?
A. Ensure that the facts presented in the report are correct
B. Communicate the recommendations to senior management
C. Specify implementation dates for the recommendations
D. Request input in determining corrective action
Correct Answer: A
Question #23
Which of the following should an IS auditor recommend as a PRIMARY area of focus when an organization decides to outsource technical support for its external customers?
A. Align service level agreements (SLAs) with current needs
B. Monitor customer satisfaction with the change
C. Minimize costs related to the third-party agreement
D. Ensure right to audit is included within the contract
Correct Answer: A
Question #24
An internal audit department recently established a quality assurance (QA) program. Which of the following activities is MOST important to include as part of the QA program requirements?
A. Long-term internal audit resource planning
B. Ongoing monitoring of the audit activities
C. Analysis of user satisfaction reports from business lines
D. Feedback from internal audit staff
Correct Answer: C
Question #25
The waterfall life cycle model of software development is BEST suited for which of the following situations?
A. The project requirements are well understood
B. The project is subject to time pressures
C. The project intends to apply an object-oriented design approach
D. The project will involve the use of new technology
Correct Answer: C
Question #26
An IS auditor finds a high-risk vulnerability in a public-facing web server used to process online customer payments. The IS auditor should FIRST:
A. document the exception in an audit report
B. review security incident reports
C. identify compensating controls
D. notify the audit committee
Correct Answer: C
Question #27
An IS auditor is analyzing a sample of accesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?
A. Discovery sampling
B. Judgmental sampling
C. Variable sampling
D. Stratified sampling
Correct Answer: A
Question #28
A manager identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor in this scenario?
A. Terminated staff
B. Unauthorized access
C. Deleted log data
D. Hacktivists
Correct Answer: A
Question #29
Which of the following is the MAIN purpose of an information security management system?
A. To identify and eliminate the root causes of information security incidents
B. To enhance the impact of reports used to monitor information security incidents
C. To keep information security policies and procedures up-to-date
D. To reduce the frequency and impact of information security incidents
Correct Answer: D
Question #30
Which of the following is the BEST reason for an organization to use clustering?
A. To decrease system response time
B. To improve the recovery time objective (RTO)
C. To facilitate faster backups
D. To improve system resiliency
Correct Answer: B
Question #31
Due to a recent business divestiture, an organization has limited IT resources to deliver critical projects. Reviewing the IT staffing plan against which of the following would BEST guide IT management when estimating resource requirements for future projects?
A. Human resources (HR) sourcing strategy
B. Records of actual time spent on projects
C. Peer organization staffing benchmarks
D. Budgeted forecast for the next financial year
Correct Answer: D
Question #32
An IS auditor reviewing the threat assessment for a data center would be MOST concerned if:
A. some of the identified threats are unlikely to occur
B. all identified threats relate to external entities
C. the exercise was completed by local management
D. neighboring organizations' operations have been included
Correct Answer: C
Question #33
Which audit approach is MOST helpful in optimizing the use of IS audit resources?
A. Agile auditing
B. Continuous auditing
C. Outsourced auditing
D. Risk-based auditing
Correct Answer: D
Question #34
The IS quality assurance (QA) group is responsible for:
A. ensuring that program changes adhere to established standards
B. designing procedures to protect data against accidental disclosure
C. ensuring that the output received from system processing is complete
D. monitoring the execution of computer processing tasks
Correct Answer: A
Question #35
Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?
A. Alignment with the IT tactical plan
B. IT steering committee minutes
C. Compliance with industry best practice
D. Business objectives
Correct Answer: D
Question #36
Due to limited storage capacity, an organization has decided to reduce the actual retention period for media containing completed low-value transactions. Which of the following is MOST important for the organization to ensure?
A. The policy includes a strong risk-based approach
B. The retention period allows for review during the year-end audit
C. The total transaction amount has no impact on financial reporting
D. The retention period complies with data owner responsibilities
Correct Answer: D
Question #37
Which of the following occurs during the issues management process for a system development project?
A. Contingency planning
B. Configuration management
C. Help desk management
D. Impact assessment
Correct Answer: D
Question #38
Which of the following would MOST effectively ensure the integrity of data transmitted over a network?
A. Message encryption
B. Certificate authority (CA)
C. Steganography
D. Message digest
Correct Answer: D
Question #39
During an ongoing audit, management requests a briefing on the findings to date. Which of the following is the IS auditor's BEST course of action?
A. Review working papers with the auditee
B. Request the auditee provide management responses
C. Request management wait until a final report is ready for discussion
D. Present observations for discussion only
Correct Answer: D
Question #40
The performance, risks, and capabilities of an IT infrastructure are BEST measured using a:
A. risk management review
B. control self-assessment (CSA)
C. service level agreement (SLA)
D. balanced scorecard
Correct Answer: B
Question #41
During audit fieldwork, an IS auditor learns that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?
A. Conduct a walk-through to view results of an employee plugging in a device to transfer confidential data
B. Review compliance with data loss and applicable mobile device user acceptance policies
C. Verify the data loss prevention (DLP) tool is properly configured by the organization
D. Verify employees have received appropriate mobile device security awareness training
Correct Answer: B
Question #42
An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that:
A. security parameters are set in accordance with the manufacturer's standards
B. a detailed business case was formally approved prior to the purchase
C. security parameters are set in accordance with the organization's policies
D. the procurement project invited tenders from at least three different suppliers
Correct Answer: C
Question #43
The due date of an audit project is approaching, and the audit manager has determined that only 60% of the audit has been completed. Which of the following should the audit manager do FIRST?
A. Determine where delays have occurred
B. Assign additional resources to supplement the audit
C. Escalate to the audit committee
D. Extend the audit deadline
Correct Answer: A
Question #44
A proper audit trail of changes to server start-up procedures would include evidence of:
A. subsystem structure
B. program execution
C. security control options
D. operator overrides
Correct Answer: D
Question #45
Which of the following is the MOST important reason to classify a disaster recovery plan (DRP) as confidential?
A. Ensure compliance with the data classification policy
B. Protect the plan from unauthorized alteration
C. Comply with business continuity best practice
D. Reduce the risk of data leakage that could lead to an attack
Correct Answer: D
Question #46
A warehouse employee of a retail company has been able to conceal the theft of inventory items by entering adjustments of either damaged or lost stock items to the inventory system. Which control would have BEST prevented this type of fraud in a retail environment?
A. Separate authorization for input of transactions
B. Statistical sampling of adjustment transactions
C. Unscheduled audits of lost stock lines
D. An edit check for the validity of the inventory transaction
Correct Answer: A
Question #47
An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?
A. Evaluate the appropriateness of the remedial action taken
B. Conduct a risk analysis incorporating the change
C. Report results of the follow-up to the audit committee
D. Inform senior management of the change in approach
Correct Answer: A
Question #48
Which of the following is MOST important for an IS auditor to consider when performing the risk assessment prior to an audit engagement?
A. The design of controls
B. Industry standards and best practices
C. The results of the previous audit
D. The amount of time since the previous audit
Correct Answer: A
Question #49
Which of the following would BEST ensure that a backup copy is available for restoration of mission critical data after a disaster?
A. Use an electronic vault for incremental backups
B. Deploy a fully automated backup maintenance system
C. Periodically test backups stored in a remote location
D. Use both tape and disk backup systems
Correct Answer: C
Question #50
Which of the following BEST enables the effectiveness of an agile project for the rapid development of a new software application?
A. Project segments are established
B. The work is separated into phases
C. The work is separated into sprints
D. Project milestones are created
Correct Answer: D
Question #51
IT disaster recovery time objectives (RTOs) should be based on the:
A. maximum tolerable loss of data
B. nature of the outage
C. maximum tolerable downtime (MTD)
D. business-defined criticality of the systems
Correct Answer: D
Question #52
In a controlled application development environment, the MOST important segregation of duties should be between the person who implements changes into the production environment and the:
A. application programmer
B. systems programmer
C. computer operator
D. quality assurance (QA) personnel
Correct Answer: A
Question #53
Which of the following provides the MOST reliable audit evidence on the validity of transactions in a financial application?
A. Walk-through reviews
B. Substantive testing
C. Compliance testing
D. Design documentation reviews
Correct Answer: B
Question #54
Which of the following would be an IS auditor's GREATEST concern when reviewing the early stages of a software development project?
A. The lack of technical documentation to support the program code
B. The lack of completion of all requirements at the end of each sprint
C. The lack of acceptance criteria behind user requirements
D. The lack of a detailed unit and system test plan
Correct Answer: C
Question #55
Which of the following should be of GREATEST concern to an IS auditor reviewing a network printer disposal process?
A. Disposal policies and procedures are not consistently implemented
B. Evidence is not available to verify printer hard drives have been sanitized prior to disposal
C. Business units are allowed to dispose printers directly to
D. Inoperable printers are stored in an unsecured area
Correct Answer: B
Question #56
Which of the following BEST minimizes performance degradation of servers used to authenticate users of an e-commerce website?
A. Configure a single server as a primary authentication server and a second server as a secondary authentication server
B. Configure each authentication server as belonging to a cluster of authentication servers
C. Configure each authentication server and ensure that each disk of its RAID is attached to the primary controller
D. Configure each authentication server and ensure that the disks of each server form part of a duplex
Correct Answer: B
Question #57
An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor's BEST recommendation would be to:
A. establish criteria for reviewing alerts
B. recruit more monitoring personnel
C. reduce the firewall rules
D. fine tune the intrusion detection system (IDS)
Correct Answer: D
Question #58
An IS auditor discovers that an IT organization serving several business units assigns equal priority to all initiatives, creating a risk of delays in securing project funding. Which of the following would be MOST helpful in matching demand for projects and services with available resources in a way that supports business objectives?
A. Project management
B. Risk assessment results
C. IT governance framework
D. Portfolio management
Correct Answer: A
Question #59
Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system. Which of the following is the IS auditor's BEST recommendation for a compensating control?
A. Require written authorization for all payment transactions
B. Restrict payment authorization to senior staff members
C. Reconcile payment transactions with invoices
D. Review payment transaction history
Correct Answer: A
Question #60
Which of the following should an IS auditor consider the MOST significant risk associated with a new health records system that replaces a legacy system?
A. Staff were not involved in the procurement process, creating user resistance to the new system
B. Data is not converted correctly, resulting in inaccurate patient records
C. The deployment project experienced significant overruns, exceeding budget projections
D. The new system has capacity issues, leading to slow response times for users
Correct Answer: B
Question #61
Which of the following is a social engineering attack method?
A. An employee is induced to reveal confidential IP addresses and passwords by answering questions over the phone
B. A hacker walks around an office building using scanning tools to search for a wireless network to gain access
C. An intruder eavesdrops and collects sensitive information flowing through the network and sells it to third parties
D. An unauthorized person attempts to gain access to secure premises by following an authorized person through a secure door
Correct Answer: A
Question #62
A project team has decided to switch to an agile approach to develop a replacement for an existing business application. Which of the following should an IS auditor do FIRST to ensure the effectiveness of the project audit?
A. Compare the agile process with previous methodology
B. Identify and assess existing agile process control
C. Understand the specific agile methodology that will be followed
D. Interview business process owners to compile a list of business requirements
Correct Answer: C
Question #63
When reviewing a data classification scheme, it is MOST important for an IS auditor to determine if:
A. each information asset is assigned to a different classification
B. the security criteria are clearly documented for each classification
C. senior IT managers are identified as information owners
D. the information owner is required to approve access to the asset
Correct Answer: B
Question #64
To confirm integrity for a hashed message, the receiver should use:
A. the same hashing algorithm as the sender's to create a binary image of the file
B. a different hashing algorithm from the sender's to create a numerical representation of the file
C. a different hashing algorithm from the sender's to create a binary image of the file
D. the same hashing algorithm as the sender's to create a numerical representation of the file
Correct Answer: D
Question #65
Which of the following would BEST detect that a distributed denial of service (DDoS) attack is occurring?
A. Customer service complaints
B. Automated monitoring of logs
C. Server crashes
D. Penetration testing
Correct Answer: A
Question #66
In a 24/7 processing environment, a database contains several privileged application accounts with passwords set to never expire. Which of the following recommendations would BEST address the risk with minimal disruption to the business?
A. Modify applications to no longer require direct access to the database
B. Introduce database access monitoring into the environment
C. Modify the access management policy to make allowances for application accounts
D. Schedule downtime to implement password changes
Correct Answer: B
Question #67
When auditing the security architecture of an online application, an IS auditor should FIRST review the:
A. firewall standards
B. configuration of the firewall
C. firmware version of the firewall
D. location of the firewall within the network
Correct Answer: D
Question #68
The PRIMARY benefit of using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:
A. is more effective at suppressing flames
B. allows more time to abort release of the suppressant
C. has a decreased risk of leakage
D. disperses dry chemical suppressants exclusively
Correct Answer: C
Question #69
During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?
A. Sampling risk
B. Detection risk
C. Control risk
D. Inherent risk
Correct Answer: B
Question #70
Upon completion of audit work, an IS auditor should:
A. provide a report to senior management prior to discussion with the auditee
B. distribute a summary of general findings to the members of the auditing team
C. provide a report to the auditee stating the initial findings
D. review the working papers with the auditee
Correct Answer: B
Question #71
The PRIMARY advantage of object-oriented technology is enhanced:
A. efficiency due to the re-use of elements of logic
B. management of sequential program execution for data access
C. grouping of objects into methods for data access
D. management of a restricted variety of data types for a data object
Correct Answer: C
Question #72
During an external review, an IS auditor observes an inconsistent approach in classifying system criticality within the organization. Which of the following should be recommended as the PRIMARY factor to determine system criticality?
A. Key performance indicators (KPIs)
B. Maximum allowable downtime (MAD)
C. Recovery point objective (RPO)
D. Mean time to restore (MTTR)
Correct Answer: B
Question #73
Capacity management enables organizations to:
A. forecast technology trends
B. establish the capacity of network communication links
C. identify the extent to which components need to be upgraded
D. determine business transaction volumes
Correct Answer: D
Question #74
An IS auditor finds that the process for removing access for terminated employees is not documented. What is the MOST significant risk from this observation?
A. Procedures may not align with best practices
B. Human resources (HR) records may not match system access
C. Unauthorized access cannot be identified
D. Access rights may not be removed in a timely manner
Correct Answer: D
Question #75
Which of the following attack techniques will succeed because of an inherent security weakness in an Internet firewall?
A. Phishing
B. Using a dictionary attack of encrypted passwords
C. Intercepting packets and viewing passwords
D. Flooding the site with an excessive number of packets
Correct Answer: D
Question #76
Which of the following strategies BEST optimizes data storage without compromising data retention practices?
A. Limiting the size of file attachments being sent via email
B. Automatically deleting emails older than one year
C. Moving emails to a virtual email vault after 30 days
D. Allowing employees to store large emails on flash drives
Correct Answer: A
Question #77
Which of the following would be MOST effective to protect information assets in a data center from theft by a vendor?
A. Monitor and restrict vendor activities
B. Issue an access card to the vendor
C. Conceal data devices and information labels
D. Restrict use of portable and wireless devices
Correct Answer: A
Question #78
Which of the following BEST indicates the effectiveness of an organization's risk management program?
A. Inherent risk is eliminated
B. Residual risk is minimized
C. Control risk is minimized
D. Overall risk is quantified
Correct Answer: B
Question #79
An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
A. Obtain error codes indicating failed data feeds
B. Appoint data quality champions across the organization
C. Purchase data cleansing tools from a reputable vendor
D. Implement business rules to reject invalid data
Correct Answer: D
Question #80
Which of the following weaknesses would have the GREATEST impact on the effective operation of a perimeter firewall?
A. Use of stateful firewalls with default configuration
B. Ad hoc monitoring of firewall activity
C. Misconfiguration of the firewall rules
D. Potential back doors to the firewall software
Correct Answer: C
Question #81
An IS auditor is reviewing the release management process for an in-house software development solution. In which environment is the software version MOST likely to be the same as production?
A. Staging
B. Testing
C. Integration
D. Development
Correct Answer: B
Question #82
An organization plans to receive an automated data feed into its enterprise data warehouse from a third-party service provider. Which of the following would be the BEST way to prevent accepting bad data?
A. Obtain error codes indicating failed data feeds
B. Purchase data cleansing tools from a reputable vendor
C. Appoint data quality champions across the organization
D. Implement business rules to reject invalid data
Correct Answer: D
Question #83
To confirm integrity for a hashed message, the receiver should use:
A. the same hashing algorithm as the sender's to create a binary image of the file
B. a different hashing algorithm from the sender's to create a binary image of the file
C. the same hashing algorithm as the sender's to create a numerical representation of the file
D. a different hashing algorithm from the sender's to create a numerical representation of the file
View answer
Correct Answer: A
Question #84
An IS auditor is following up on prior period items and finds management did not address an audit finding. Which of the following should be the IS auditor's NEXT course of action?
A. Note the exception in a new report as the item was not addressed by management
B. Recommend alternative solutions to address the repeat finding
C. Conduct a risk assessment of the repeat finding
D. Interview management to determine why the finding was not addressed
View answer
Correct Answer: D
Question #85
Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?
A. Whether there is explicit permission from regulators to collect personal data
B. The organization's legitimate purpose for collecting personal data
C. Whether sharing of personal information with third-party service providers is prohibited
D. The encryption mechanism selected by the organization for protecting personal data
View answer
Correct Answer: B
Question #86
An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern is that:
A. a clear business case has been established
B. the new hardware meets established security standards
C. a full, visible audit trail will be included
D. the implementation plan meets user requirements
View answer
Correct Answer: A
Question #87
A review of Internet security disclosed that users have individual user accounts with Internet service providers (ISPs) and use these accounts for downloading business data. The organization wants to ensure that only the corporate network is used.
A. use a proxy server to filter out Internet sites that should not be accessed
B. keep a manual log of Internet access
C. monitor remote access activities
D. include a statement in its security policy about Internet use
View answer
Correct Answer: D
Question #88
Which of the following concerns is BEST addressed by securing production source libraries?
A. Programs are not approved before production source libraries are updated
B. Production source and object libraries may not be synchronized
C. Changes are applied to the wrong version of production source libraries
D. Unauthorized changes can be moved into production
View answer
Correct Answer: D
Question #89
Which of the following is the MOST appropriate and effective fire suppression method for an unstaffed computer room?
A. Water sprinkler
B. Fire extinguishers
C. Carbon dioxide (CO2)
D. Dry pipe
View answer
Correct Answer: C
Question #90
An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:
A. violation reports may not be reviewed in a timely manner
B. a significant number of false positive violations may be reported
C. violations may not be categorized according to the organization's risk profile
D. violation reports may not be retained according to the organization's risk profile
View answer
Correct Answer: C
Question #91
Management has requested a post-implementation review of a newly implemented purchasing package to determine to what extent business requirements are being met.Which of the following is MOST likely to be assessed?
A. Purchasing guidelines and policies
B. Implementation methodology
C. Results of line processing
D. Test results
View answer
Correct Answer: D
Question #92
Which of the following would MOST effectively help to reduce the number of repeated incidents in an organization?
A. Testing incident response plans with a wide range of scenarios
B. Prioritizing incidents after impact assessment
C. Linking incidents to problem management activities
D. Training incident management teams on current incident trends
View answer
Correct Answer: C
Question #93
Which of the following would be MOST useful when analyzing computer performance?
A. Statistical metrics measuring capacity utilization
B. Operations report of user dissatisfaction with response time
C. Tuning of system software to optimize resource usage
D. Report of off-peak utilization and response time
View answer
Correct Answer: B
Question #94
What is the GREATEST concern for an IS auditor reviewing contracts for licensed software that executes a critical business process?
A. The contract does not contain a right-to-audit clause
B. An operational level agreement (OLA) was not negotiated
C. Several vendor deliverables missed the commitment date
D. Software escrow was not negotiated
View answer
Correct Answer: D
Question #95
An organization has assigned two new IS auditors to audit a new system implementation. One of the auditors has an IT-related degree, and one has a business degree. Which of the following is MOST important to meet the IS audit standard for proficiency?
A. The standard is met as long as one member has a globally recognized audit certification
B. Technical co-sourcing must be used to help the new staff
C. Team member assignments must be based on individual competencies
D. The standard is met as long as a supervisor reviews the new auditors' work
View answer
Correct Answer: C
Question #96
An organization that has suffered a cyber attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?
A. An imaging process was used to obtain a copy of the data from each computer
B. The legal department has not been engaged
C. The chain of custody has not been documented
D. Audit was only involved during extraction of the information
View answer
Correct Answer: C
Question #97
Which of the following is an example of a preventative control in an accounts payable system?
A. The system only allows payments to vendors who are included in the system's master vendor list
B. Backups of the system and its data are performed on a nightly basis and tested periodically
C. The system produces daily payment summary reports that staff use to compare against invoice totals
D. Policies and procedures are clearly communicated to all members of the accounts payable department
View answer
Correct Answer: A
Question #98
Which of the following is MOST important to determine during the planning phase of a cloud-based messaging and collaboration platform acquisition?
A. Role-based access control policies
B. Types of data that can be uploaded to the platform
C. Processes for on-boarding and off-boarding users to the platform
D. Processes for reviewing administrator activity
View answer
Correct Answer: B
Question #99
An organization's security policy mandates that all new employees must receive appropriate security awareness training. Which of the following metrics would BEST assure compliance with this policy?
A. Percentage of new hires that have completed the training
B. Number of new hires who have violated enterprise security policies
C. Number of reported incidents by new hires
D. Percentage of new hires who report incidents
View answer
Correct Answer: C
Question #100
Which of the following is MOST important for an effective control self-assessment (CSA) program?
A. Determining the scope of the assessment
B. Performing detailed test procedures
C. Evaluating changes to the risk environment
D. Understanding the business process
View answer
Correct Answer: D
Question #101
During the discussion of a draft audit report, IT management provided suitable evidence that a process has been implemented for a control that had been concluded by the IS auditor as ineffective. Which of the following is the auditor's BEST action?
A. Explain to IT management that the new control will be evaluated during follow-up
B. Re-perform the audit before changing the conclusion
C. Change the conclusion based on evidence provided by IT management
D. Add comments about the action taken by IT management in the report
View answer
Correct Answer: B
Question #102
Which of the following should be the IS auditor's PRIMARY focus when evaluating an organization's offsite storage facility?
A. Shared facilities
B. Adequacy of physical and environmental controls
C. Results of business continuity plan (BCP) test
D. Retention policy and period
View answer
Correct Answer: B
Question #103
Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?
A. Identifying relevant roles for an enterprise IT governance framework
B. Making decisions regarding risk response and monitoring of residual risk
C. Verifying that legal, regulatory, and contractual requirements are being met
D. Providing independent and objective feedback to facilitate improvement of IT processes
View answer
Correct Answer: D
Question #104
Which of the following is MOST important for an IS auditor to verify when evaluating an organization's firewall?
A. Logs are being collected in a separate protected host
B. Automated alerts are being sent when a risk is detected
C. Insider attacks are being controlled
D. Access to configuration files is restricted
View answer
Correct Answer: A
Question #105
Which of the following business continuity activities prioritizes the recovery of critical functions?
A. Business continuity plan (BCP) testing
B. Business impact analysis (BIA)
C. Disaster recovery plan (DRP) testing
D. Risk assessment
View answer
Correct Answer: B
Question #106
To develop meaningful recommendations for findings, which of the following is MOST important for an IS auditor to determine and understand?
A. Root cause
B. Responsible party
C. Impact
D. Criteria
View answer
Correct Answer: A
Question #107
When implementing Internet Protocol security (IPsec) architecture, the servers involved in application delivery:
A. communicate via Transport Layer Security (TLS)
B. block authorized users from unauthorized activities
C. channel access only through the public-facing firewall
D. channel access through authentication
View answer
Correct Answer: D
Question #108
An IS auditor has been asked to advise on measures to improve IT governance within the organization. Which of the following is the BEST recommendation?
A. Implement key performance indicators (KPIs)
B. Implement annual third-party audits
C. Benchmark organizational performance against industry peers
D. Require executive management to draft IT strategy
View answer
Correct Answer: A
Question #109
Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?
A. Number of successful penetration tests
B. Percentage of protected business applications
C. Financial impact per security event
D. Number of security vulnerability patches
View answer
Correct Answer: C
Question #110
An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?
A. Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees
B. Establishing strong access controls on confidential data
C. Providing education and guidelines to employees on use of social networking sites
D. Monitoring employees' social networking usage
View answer
Correct Answer: C
Question #111
The PRIMARY benefit of information asset classification is that it:
A. prevents loss of assets
B. helps to align organizational objectives
C. facilitates budgeting accuracy
D. enables risk management decisions
View answer
Correct Answer: D
Question #112
Which of the following issues associated with a data center's closed circuit television (CCTV) surveillance cameras should be of MOST concern to an IS auditor?
A. CCTV recordings are not regularly reviewed
B. CCTV records are deleted after one year
C. CCTV footage is not recorded 24 x 7
D. CCTV cameras are not installed in break rooms
View answer
Correct Answer: A
Question #113
Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?
A. Balanced scorecard
B. Enterprise dashboard
C. Enterprise architecture (EA)
D. Key performance indicators (KPIs)
View answer
Correct Answer: A
Question #114
An accounting department uses a spreadsheet to calculate sensitive financial transactions. Which of the following is the MOST important control for maintaining the security of data in the spreadsheet?
A. There is a reconciliation process between the spreadsheet and the finance system
B. A separate copy of the spreadsheet is routinely backed up
C. The spreadsheet is locked down to avoid inadvertent changes
D. Access to the spreadsheet is given only to those who require access
View answer
Correct Answer: D
Question #115
Which of the following is the MOST effective way to maintain network integrity when using mobile devices?
A. Implement network access control
B. Implement outbound firewall rules
C. Perform network reviews
D. Review access control lists
View answer
Correct Answer: A
Question #116
Which of the following is the GREATEST risk associated with storing customer data on a web server?
A. Data availability
B. Data confidentiality
C. Data integrity
D. Data redundancy
View answer
Correct Answer: B
Question #117
IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance. Which of the following controls will MOST effectively compensate for the lack of referential integrity?
A. More frequent data backups
B. Periodic table link checks
C. Concurrent access controls
D. Performance monitoring tools
View answer
Correct Answer: B
Question #118
Which of the following findings should be of GREATEST concern for an IS auditor when auditing the effectiveness of a phishing simulation test administered for staff members?
A. Staff members who failed the test did not receive follow-up education
B. Test results were not communicated to staff members
C. Staff members were not notified about the test beforehand
D. Security awareness training was not provided prior to the test
View answer
Correct Answer: D
Question #119
Which of the following are BEST suited for continuous auditing?
A. Low-value transactions
B. Real-time transactions
C. Irregular transactions
D. Manual transactions
View answer
Correct Answer: C
Question #120
An IS auditor has been asked to audit the proposed acquisition of new computer hardware. The auditor's PRIMARY concern is that:
A. the implementation plan meets user requirements
B. a full, visible audit trail will be included
C. a clear business case has been established
D. the new hardware meets established security standards
View answer
Correct Answer: C
Question #121
During an exit interview, senior management disagrees with some of the facts presented in the draft audit report and wants them removed from the report. Which of the following would be the auditor's BEST course of action?
A. Revise the assessment based on senior management's objections
B. Escalate the issue to audit management
C. Finalize the draft audit report without changes
D. Gather evidence to analyze senior management's objections
View answer
Correct Answer: D
Question #122
Which of the following types of environmental equipment will MOST likely be deployed below the floor tiles of a data center?
A. Temperature sensors
B. Humidity sensors
C. Water sensors
D. Air pressure sensors
View answer
Correct Answer: C
Question #123
Which of the following would BEST demonstrate that an effective disaster recovery plan (DRP) is in place?
A. Frequent testing of backups
B. Annual walk-through testing
C. Periodic risk assessment
D. Full operational test
View answer
Correct Answer: D
Question #124
Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
A. Audit cycle defined in the audit plan
B. Complexity of management's action plans
C. Recommendation from executive management
D. Residual risk from the findings of previous audits
View answer
Correct Answer: D
Question #125
Which of the following is the MOST important activity in the data classification process?
A. Labeling the data appropriately
B. Identifying risk associated with the data
C. Determining accountability of data owners
D. Determining the adequacy of privacy controls
View answer
Correct Answer: A
Question #126
Which of the following activities provides an IS auditor with the MOST insight regarding potential single person dependencies that might exist within the organization?
A. Reviewing vacation patterns
B. Reviewing user activity logs
C. Interviewing senior IT management
D. Mapping IT processes to roles
View answer
Correct Answer: D
Question #127
When testing the adequacy of tape backup procedures, which step BEST verifies that regularly scheduled backups are timely and run to completion?
A. Observing the execution of a daily backup run
B. Evaluating the backup policies and procedures
C. Interviewing key personnel involved in the backup process
D. Reviewing a sample of system-generated backup logs
View answer
Correct Answer: A
Question #128
An IS auditor is evaluating an organization's IT strategy and plans. Which of the following would be of GREATEST concern?
A. There is not a defined IT security policy
B. The business strategy meeting minutes are not distributed
C. IT is not engaged in business strategic planning
D. There is inadequate documentation of IT strategic planning
View answer
Correct Answer: C
Question #129
An IS auditor reviewing security incident processes realizes incidents are resolved and closed, but root causes are not investigated. Which of the following should be the MAJOR concern with this situation?
A. Abuses by employees have not been reported
B. Lessons learned have not been properly documented
C. Vulnerabilities have not been properly addressed
D. Security incident policies are out of date
View answer
Correct Answer: C
Question #130
An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor's NEXT course of action?
A. Report the mitigating controls
B. Report the security posture of the organization
C. Determine the value of the firewall
D. Determine the risk of not replacing the firewall
View answer
Correct Answer: D
Question #131
The PRIMARY focus of a post-implementation review is to verify that:
A. enterprise architecture (EA) has been complied with
B. user requirements have been met
C. acceptance testing has been properly executed
D. user access controls have been adequately designed
View answer
Correct Answer: B
Question #132
Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?
A. The BCP has not been tested since it was first issued
B. The BCP is not version-controlled
C. The BCP's contact information needs to be updated
D. The BCP has not been approved by senior management
View answer
Correct Answer: A
Question #133
A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?
A. Include the requirement in the incident management response plan
B. Establish key performance indicators (KPIs) for timely identification of security incidents
C. Enhance the alert functionality of the intrusion detection system (IDS)
D. Engage an external security incident response expert for incident handling
View answer
Correct Answer: A
Question #134
When verifying the accuracy and completeness of migrated data for a new application system replacing a legacy system, it is MOST effective for an IS auditor to review:
A. data analytics findings
B. audit trails
C. acceptance testing results
D. rollback plans
View answer
Correct Answer: B