
Pass Your CISA Exam Prep: CISA Study Materials, Certified Information Systems Auditor | SPOTO

Looking to excel in your CISA exam prep? SPOTO offers comprehensive study materials and mock tests to help you succeed as a Certified Information Systems Auditor (CISA). Using mock tests is a proven strategy to enhance your preparation for certification exams. Mock exams provide a realistic exam experience, allowing you to practice with exam questions and sample questions under timed conditions. This practice helps you become familiar with the exam format, improve your speed and accuracy in answering questions, and identify areas that require further study. With SPOTO's exam materials, including practice tests, exam dumps, and exam simulators, you can strengthen your knowledge and confidence. Take advantage of mock exams to refine your exam strategy, assess your readiness, and maximize your chances of passing the CISA exam with flying colors.


Question #1
Which of the following BEST helps to identify errors during data transfer?
A. Decrease the size of data transfer packets
B. Test the integrity of the data transfer
C. Review and verify the data transfer sequence numbers
D. Enable a logging process for data transfer
View answer
Correct Answer: B
Question #2
Which of the following ensures a sender's authenticity and an e-mail's confidentiality?
A. Encrypting the hash of the message with the sender's private key and thereafter encrypting the hash of the message with the receiver's public key
B. The sender digitally signing the message and thereafter encrypting the hash of the message with the sender's private key
C. Encrypting the hash of the message with the sender's private key and thereafter encrypting the message with the receiver's public key
D. Encrypting the message with the sender's private key and encrypting the message hash with the receiver's public key
View answer
Correct Answer: C
Question #3
The FIRST step in data classification is to:
A. establish ownership
B. perform a criticality analysis
C. define access rules
D. create a data dictionary
View answer
Correct Answer: A
Question #4
For several years, a vendor has been providing offsite backup media and record storage for a bank. Due to familiarity with bank employees, the vendor does not consistently require authorization forms from them to retrieve media. Which of the following is the GREATEST risk from this situation?
A. Bank employees can inappropriately obtain sensitive records
B. Backup tapes may not be available
C. Chain of custody could not be validated
D. The vendor provides the incorrect media to employees
View answer
Correct Answer: A
Question #5
The objective of using coding standards for systems development is to:
A. facilitate program maintenance
B. facilitate user testing
C. ensure the completeness of requirements
D. ensure that business needs are met
View answer
Correct Answer: A
Question #6
Which of the following is a network diagnostic tool that monitors and records network information?
A. Online monitor
B. Downtime report
C. Help desk report
D. Protocol analyzer
View answer
Correct Answer: D
Question #7
Following an unauthorized disclosure of data, an organization needs to implement data loss prevention (DLP) measures. The IS auditor’s BEST recommendation should be to:
A. install DLP software on corporate servers to prevent recurrence
B. monitor and block outgoing emails based on common DLP criteria
C. restrict removable media access on all computer systems
D. establish a risk and control framework
View answer
Correct Answer: D
Question #8
Which of the following concerns is BEST addressed by securing production source libraries?
A. Production source and object libraries may not be synchronized
B. Unauthorized changes can be moved into production
C. Programs are not approved before production source libraries are updated
D. Changes are applied to the wrong version of production source libraries
View answer
Correct Answer: B
Question #9
An IS auditor should review the configuration of which of the following protocols to detect unauthorized mappings between the IP address and the media access control (MAC) address?
A. Simple Object Access Protocol (SOAP)
B. Address Resolution Protocol (ARP)
C. Routing Information Protocol (RIP)
D. Transmission Control Protocol (TCP)
View answer
Correct Answer: B
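The practical form of the review in Question #9 is to pull the host's ARP/neighbour cache and look for the two symptoms of ARP poisoning: one IP address answered by more than one MAC, and one MAC claiming several IPs (typically the gateway plus victims). The script below is an added example, not part of the original page or of any ISACA material; the neighbour-table text, the interface name and the "known good" gateway mapping are constructed for the demonstration, in the output style of Linux `ip neigh show`.

```python
import re
from collections import defaultdict

# Constructed sample in the style of `ip neigh show` on Linux.
# 10.0.0.1 (the gateway) is claimed by two different MACs, and the second
# MAC also answers for 10.0.0.30: the classic ARP-spoofing footprint.
SAMPLE_NEIGH_TABLE = """\
10.0.0.1 dev eth0 lladdr aa:bb:cc:dd:ee:01 REACHABLE
10.0.0.20 dev eth0 lladdr aa:bb:cc:dd:ee:20 STALE
10.0.0.1 dev eth0 lladdr de:ad:be:ef:00:99 REACHABLE
10.0.0.30 dev eth0 lladdr de:ad:be:ef:00:99 DELAY
10.0.0.40 dev eth0  FAILED
"""

# Constructed: the gateway MAC as recorded in the asset inventory (assumption).
KNOWN_MAPPINGS = {"10.0.0.1": "aa:bb:cc:dd:ee:01"}

# ip, interface, MAC; entries without lladdr (FAILED/INCOMPLETE) do not match.
LINE_RE = re.compile(r"^(\S+)\s+dev\s+(\S+)\s+lladdr\s+([0-9a-f:]{17})", re.I)


def parse_neigh(text):
    """Return (ip, mac) pairs from neighbour-table text, MACs lower-cased."""
    pairs = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            pairs.append((m.group(1), m.group(3).lower()))
    return pairs


def find_anomalies(pairs, known=None):
    """Flag IPs with >1 MAC, MACs claiming >1 IP, and deviations from known mappings.

    Each finding is a (kind, subject, details) tuple so it can be logged or asserted on.
    """
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)
    for ip, mac in pairs:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)

    findings = []
    for ip, macs in sorted(ip_to_macs.items()):
        if len(macs) > 1:
            findings.append(("ip_multiple_macs", ip, tuple(sorted(macs))))
    for mac, ips in sorted(mac_to_ips.items()):
        if len(ips) > 1:
            findings.append(("mac_multiple_ips", mac, tuple(sorted(ips))))
    for ip, expected in (known or {}).items():
        unexpected = sorted(ip_to_macs.get(ip, set()) - {expected})
        if unexpected:
            findings.append(("known_mapping_violation", ip, tuple(unexpected)))
    return findings


if __name__ == "__main__":
    for finding in find_anomalies(parse_neigh(SAMPLE_NEIGH_TABLE), KNOWN_MAPPINGS):
        print(*finding)
```

A one-off cache dump only shows the state at that instant; on a real review, sample the table repeatedly (or use a switch's DHCP-snooping/dynamic ARP inspection logs) and compare against an inventory of expected gateway and server MACs, since a duplicate entry that appears and disappears is exactly what a short-lived spoofing session looks like.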
Question #10
An organization has purchased a security information and event management (SIEM) tool. Which of the following would be MOST important to consider before implementation?
A. The contract with the SIEM vendor
B. Controls to be monitored
C. Available technical support
D. Reporting capabilities
View answer
Correct Answer: B
Question #11
To develop a successful business continuity plan, end user involvement is critical during which of the following phases?
A. Business recovery strategy
B. Detailed plan development
C. Business impact analysis (BIA)
D. Testing and maintenance
View answer
Correct Answer: C
Question #12
Which of the following is the MOST important element in the design of a data warehouse?
A. Quality of the metadata
B. Speed of the transactions
C. Volatility of the data
D. Vulnerability of the system
View answer
Correct Answer: A
Question #13
The logical exposure associated with the use of a checkpoint restart procedure is:
A. denial of service
B. an asynchronous attack
C. wire tapping
D. computer shutdown
View answer
Correct Answer: B
Question #14
Following best practices, formal plans for implementation of new information systems are developed during the:
A. development phase
B. design phase
D. deployment phase
View answer
Correct Answer: B
Question #15
Which of the following should an IS auditor recommend for the protection of specific sensitive information stored in the data warehouse?
A. Implement column- and row-level permissions
B. Enhance user authentication via strong passwords
C. Organize the data warehouse into subject matter-specific databases
D. Log user access to the data warehouse
View answer
Correct Answer: A
Question #16
Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them?
A. Overwriting the tapes
B. Initializing the tape labels
C. Degaussing the tapes
D. Erasing the tapes
View answer
Correct Answer: C
Question #17
Sending a message and a message hash encrypted by the sender's private key will ensure:
A. authenticity and integrity
B. authenticity and privacy
C. integrity and privacy
D. privacy and nonrepudiation
View answer
Correct Answer: A
Question #18
Why would a database be renormalized?
A. To ensure data integrity
B. To increase processing efficiency
C. To prevent duplication of data
D. To save storage space
View answer
Correct Answer: B
Question #19
When developing a risk-based IS audit plan, the PRIMARY focus should be on functions:
A. considered important by IT management
B. with the most ineffective controls
C. with the greatest number of threats
D. considered critical to business operations
View answer
Correct Answer: D
Question #20
The MOST effective biometric control system is the one:
A. which has the highest equal-error rate (EER)
B. which has the lowest EER
D. for which the FRR is equal to the failure-to-enroll rate (FER)
View answer
Correct Answer: B
Question #21
Which of the following is the BEST time for an IS auditor to perform a post-implementation review?
A. When the system has stabilized
B. After the completion of user testing
C. Before decommissioning the legacy system
D. Immediately after the new system goes into production
View answer
Correct Answer: A
Question #22
A message is being sent with a hash. The risk of an attacker changing the message and generating an authentic hash value can be mitigated by:
A. requiring the recipient to use a different hash algorithm
B. generating hash output that is the same size as the original message
C. using a secret key in conjunction with the hash algorithm
D. using the sender’s public key to encrypt the message
View answer
Correct Answer: C
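Question #22 is the difference between an unkeyed hash and a MAC. The snippet below is an added example, not from the original page or from ISACA; the payment instruction and the shared key are constructed for the demonstration. It shows the attack the question describes succeeding against a plain SHA-256 digest and failing against HMAC-SHA256 from Python's standard library, and uses a constant-time comparison on the receiving side.

```python
import hashlib
import hmac
import secrets

# Constructed payment instruction and constructed shared secret (assumption:
# in practice the key is provisioned out of band and never travels with the message).
MESSAGE = b"PAY 1000.00 EUR TO ACCT 12345 REF 777"
SHARED_KEY = b"constructed-demo-key-do-not-reuse"


def unkeyed_tag(message):
    """Plain hash: anyone who can modify the message can recompute this."""
    return hashlib.sha256(message).hexdigest()


def keyed_tag(key, message):
    """HMAC-SHA256: recomputing a valid tag requires the secret key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_keyed(key, message, tag):
    """Receiver-side check with a constant-time comparison (no timing leak)."""
    return hmac.compare_digest(keyed_tag(key, message), tag)


def tamper(message):
    """The attacker's edit: redirect the payment to another account."""
    return message.replace(b"ACCT 12345", b"ACCT 99999")


def attack_unkeyed(message):
    """Attacker alters the message and regenerates the plain hash.

    Returns (accepted_by_receiver, forged_message, forged_tag).
    """
    forged = tamper(message)
    forged_tag = unkeyed_tag(forged)
    # The receiver has no secret to check against, so the recomputed digest verifies.
    accepted = hmac.compare_digest(unkeyed_tag(forged), forged_tag)
    return accepted, forged, forged_tag


def attack_keyed(key, message, original_tag):
    """Attacker without the key: reuse the old tag or guess a fresh one.

    Returns True only if the receiver would accept the forged message.
    """
    forged = tamper(message)
    reused_old_tag = verify_keyed(key, forged, original_tag)
    guessed_tag = verify_keyed(key, forged, secrets.token_hex(32))
    return reused_old_tag or guessed_tag


if __name__ == "__main__":
    tag = keyed_tag(SHARED_KEY, MESSAGE)
    print("legitimate message verifies:", verify_keyed(SHARED_KEY, MESSAGE, tag))
    print("plain-hash forgery accepted:", attack_unkeyed(MESSAGE)[0])
    print("HMAC forgery accepted:", attack_keyed(SHARED_KEY, MESSAGE, tag))
```

Note that a MAC gives integrity and origin authentication to someone who holds the key, but not non-repudiation, since both parties can produce the same tag; for that you need the digital signature of Questions #17 and #43. Likewise, HMAC alone does nothing against replay: the sequence number and timestamp of Question #63 still have to be inside the authenticated message.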
Question #23
After installing a network, an organization installed a vulnerability assessment tool or security scanner to identify possible weaknesses. Which is the MOST serious risk associated with such tools?
A. Differential reporting
B. False-positive reporting
C. False-negative reporting
D. Less-detail reporting
View answer
Correct Answer: C
Question #24
An organization is choosing key performance indicators (KPIs) for its information security management. Which of the following KPIs would provide stakeholders with the MOST useful information about whether information security risk is being managed?
A. Time from initial reporting of an incident to appropriate escalation
B. Time from identifying a security threat to implementing a solution
C. The number of security controls implemented
D. The number of security incidents during the past quarter
View answer
Correct Answer: B
Question #24b
Which of the following control checks would utilize data analytics?
A. Evaluating configuration settings for the credit card application system
B. Reviewing credit card applications submitted in the past month for blank data fields
C. Attempting to submit credit card applications with blank data fields
D. Reviewing the business requirements document for the credit card application system
View answer
Correct Answer: B
Question #25
Identify the network topology from the diagram presented below: [diagram "Network Topology" not reproduced in this extract]
A. Bus
B. Star
C. Ring
D. Mesh
View answer
Correct Answer: C
Question #26
Which of the following types of computer network is a variation of a LAN dedicated to connecting storage devices to servers and other computing devices?
A. LAN
B. MAN
C. SAN
D. PAN
View answer
Correct Answer: C
Question #27
Which of the following would be MOST helpful in ensuring security procedures are followed by employees in a multinational organization?
A. Security architecture review
B. Regular clean desk reviews
C. Comprehensive end-user training
D. Regular policy updates by management
View answer
Correct Answer: C
Question #28
Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?
A. Minimum operating requirements
B. Acceptable data loss
C. Mean time between failures
D. Acceptable time for recovery
View answer
Correct Answer: B
Question #29
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users?
A. System analysis
B. Authorization of access to data
C. Application programming
D. Data administration
View answer
Correct Answer: B
Question #30
Which of the following is NOT a component of IPSec?
A. Authentication Header
B. Encapsulating Security Payload
C. Key Distribution Center
D. Internet Key Exchange
View answer
Correct Answer: C
Question #31
To protect a VoIP infrastructure against a denial-of-service (DoS) attack, it is MOST important to secure the:
A. access control servers
B. session border controllers
C. backbone gateways
D. intrusion detection system (IDS)
View answer
Correct Answer: B
Question #32
What is the most effective means of determining that controls are functioning properly within an operating system?
A. Interview with computer operator
B. Review of software control features and/or parameters
C. Review of operating system manual
D. Interview with product vendor
View answer
Correct Answer: B
Question #33
A project manager of a project that is scheduled to take 18 months to complete announces that the project is in a healthy financial position because, after 6 months, only one-sixth of the budget has been spent. The IS auditor should FIRST determine:
A. what amount of progress against schedule has been achieved
B. if the project budget can be reduced
C. if the project could be brought in ahead of schedule
D. if the budget savings can be applied to increase the project scope
View answer
Correct Answer: A
Question #34
A database administrator should be prevented from:
A. using an emergency user ID
B. accessing sensitive information
C. having end user responsibilities
D. having access to production files
View answer
Correct Answer: C
Question #35
An IS auditor reviewing a database application discovers that the current configuration does not match the originally designed structure. Which of the following should be the IS auditor's next action?
A. Analyze the need for the structural change
B. Recommend restoration to the originally designed structure
C. Recommend the implementation of a change control process
D. Determine if the modifications were properly approved
View answer
Correct Answer: D
Question #36
Which of the following is the GREATEST risk when relying on reports generated by end-user computing?
A. Data may be inaccurate
B. Reports may not work efficiently
C. Reports may not be timely
D. Historical data may not be available
View answer
Correct Answer: A
Question #37
Which device acting as a translator is used to connect two networks or applications from layer 4 up to layer 7 of the ISO/OSI Model?
A. Bridge
B. Repeater
C.
D. Gateway
View answer
Correct Answer: D
Question #38
An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker:
A. compromises the Wireless Application Protocol (WAP) gateway
B. installs a sniffing program in front of the server
C. steals a customer's PDA
D. listens to the wireless transmission
View answer
Correct Answer: A
Question #39
Which of the following is the MOST reliable control to prevent double payments made as a result of payment system batch jobs restarting after processing errors?
A. Database rollback in case of processing errors
B. Review of batch job completion logs
C. Duplicate verification at the last possible point in processing
D. Restart procedures integrated in job controls
View answer
Correct Answer: C
Question #40
Which of the following statements INCORRECTLY describes the Asynchronous Transfer Mode (ATM) technique?
A. ATM uses cell switching method
B. ATM is high speed network technology used for LAN, MAN and WAN
C. ATM works at session layer of an OSI model
D. Data are segmented into fixed size cell of 53 bytes
View answer
Correct Answer: C
Question #41
An organization has a number of branches across a wide geographical area. To ensure that all aspects of the disaster recovery plan are evaluated in a cost effective manner, an IS auditor should recommend the use of a:
A. data recovery test
B. full operational test
C. posttest
D. preparedness test
View answer
Correct Answer: D
Question #42
A company uses a bank to process its weekly payroll. Time sheets and payroll adjustment forms (e.g., hourly rate changes, terminations) are completed and delivered to the bank, which prepares checks (cheques) and reports for distribution. To BEST ensure payroll data accuracy:
A. payroll reports should be compared to input forms
C. checks (cheques) should be compared to input forms
D. checks (cheques) should be reconciled with output reports
View answer
Correct Answer: A
Question #43
To ensure authentication, confidentiality and integrity of a message, the sender should encrypt the hash of the message with the sender's:
A. public key and then encrypt the message with the receiver's private key
B. private key and then encrypt the message with the receiver's public key
C. public key and then encrypt the message with the receiver's public key
D. private key and then encrypt the message with the receiver's private key
View answer
Correct Answer: B
Question #44
Which of the following types of computer network is a WAN limited to a city?
A. LAN
B. MAN
C. SAN
D. PAN
View answer
Correct Answer: B
Question #45
Which of the following is a substantive test procedure?
A. Using audit software to verify the total of an accounts receivable file
B. Observing that user IDs and passwords are required to sign on to the online system
C. Test of invoice calculation process
D. Verifying that appropriate approvals are documented in a sample of program changes
View answer
Correct Answer: A
Question #46
An IS auditor is reviewing a software-based firewall configuration. Which of the following represents the GREATEST vulnerability? The firewall software:
A. is configured with an implicit deny rule as the last rule in the rule base
B. is installed on an operating system with default settings
C. has been configured with rules permitting or denying access to systems or networks
D. is configured as a virtual private network (VPN) endpoint
View answer
Correct Answer: B
Question #47
During maintenance of a relational database, several values of the foreign key in a transaction table of a relational database have been corrupted. The consequence is that:
A. the detail of involved transactions may no longer be associated with master data, causing errors when these transactions are processed
B. there is no way of reconstructing the lost information, except by deleting the dangling tuples and reentering the transactions
C. the database will immediately stop execution and lose more information
D. the database will no longer accept input data
View answer
Correct Answer: A
Question #48
Which of the following controls makes sure that input data comply with predefined criteria maintained in a computerized table of possible values?
A. Range check
B. Table lookups
C. Existence check
D. Reasonableness check
View answer
Correct Answer: B
Question #49
Performance monitoring tools report that servers are significantly below their planned utilization. Which of the following would be the BEST recommendation?
A. Consolidate physical servers
B. Review the capacity plan
C. Deploy load balancing
D. Reconfigure server settings
View answer
Correct Answer: D
Question #50
Regarding a disaster recovery plan, the role of an IS auditor should include:
A. identifying critical applications
B. determining the external service providers involved in a recovery test
C. observing the tests of the disaster recovery plan
D. establishing a recovery time objective (RTO)
View answer
Correct Answer: C
Question #51
The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as:
A. rules
B. decision trees
D. dataflow diagrams
View answer
Correct Answer: B
Question #52
An organization has implemented an automated match between purchase orders, goods receipts, and invoices. Which of the following risks will this control BEST mitigate?
A. Customer discounts not being applied
B. A legitimate transaction being paid multiple times
C. Invalid payments being processed by the system
D. Delay of purchase orders
View answer
Correct Answer: B
Question #53
Which of the following characteristics pertaining to databases is not true?
A. A data model should exist and all entities should have a significant name
B. Justifications must exist for normalized data
C. No NULLs should be allowed for primary keys
D. All relations must have a specific cardinality
View answer
Correct Answer: B
Question #54
When developing an escalation process for an incident response plan, the information security manager should PRIMARILY consider the:
A. affected stakeholders
B. availability of technical resources
C. incident response team
D. media coverage
View answer
Correct Answer: A
Question #55
When performing an audit of a client relationship management (CRM) system migration project, which of the following should be of GREATEST concern to an IS auditor?
A. The technical migration is planned for a Friday preceding a long weekend, and the time window is too short for completing all tasks
B. Employees pilot-testing the system are concerned that the data representation in the new system is completely different from the old system
C. A single implementation is planned, immediately decommissioning the legacy system
D. Five weeks prior to the target date, there are still numerous defects in the printing functionality of the new system’s software
View answer
Correct Answer: C
Question #56
An IS auditor observes a weakness in the tape management system at a data center in that some parameters are set to bypass or ignore tape header records. Which of the following is the MOST effective compensating control for this weakness?
A. Staging and job set up
B. Supervisory review of logs
C. Regular back-up of tapes
D. Offsite storage of tapes
View answer
Correct Answer: A
Question #57
During the audit of an acquired software package, an IS auditor learned that the software purchase was based on information obtained through the Internet, rather than from responses to a request for proposal (RFP). The IS auditor should FIRST:
A. test the software for compatibility with existing hardware
B. perform a gap analysis
C. review the licensing policy
D. ensure that the procedure had been approved
View answer
Correct Answer: D
Question #58
Which of the following statements INCORRECTLY describes a network device such as a router?
A. Router creates a new header for each packet
B. Router builds a routing table based on MAC address
C. Router does not forward broadcast packet
D. Router assigns a different network address per port
View answer
Correct Answer: B
Question #59
Of the following, who should the security manager consult FIRST when determining the severity level of a security incident involving a third-party vendor?
A. IT process owners
B. Business partners
C. Risk manager
D. Business process owners
View answer
Correct Answer: D
Question #60
Which of the following is an appropriate test method to apply to a business continuity plan (BCP)?
A. Pilot
B. Paper
C. Unit
D. System
View answer
Correct Answer: B
Question #61
Which of the following would BEST prevent data from being orphaned?
A. Referential integrity
B. Table partitioning
C. Input validation checks
D. Table indexes
View answer
Correct Answer: A
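Questions #47 and #61 are two sides of the same control. The example below is added here and is not from the original page or from ISACA; it uses Python's standard-library SQLite with a constructed customer/transaction schema. With foreign-key enforcement off, the "maintenance error" from Question #47 is accepted, the transaction becomes a dangling tuple, and an inner-join report silently drops it; with enforcement on (the referential-integrity control from Question #61), the same update is rejected and the report stays complete. The table and column names are assumptions made for the demonstration.

```python
import sqlite3


def build_db(enforce_fk):
    """In-memory DB: a master table and a transaction table that references it.

    SQLite enforces declared foreign keys only when PRAGMA foreign_keys is ON,
    which makes the two behaviours easy to compare on one schema.
    """
    con = sqlite3.connect(":memory:")
    con.execute("PRAGMA foreign_keys = %s" % ("ON" if enforce_fk else "OFF"))
    con.executescript("""
        CREATE TABLE customer (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
        CREATE TABLE txn (
            id INTEGER PRIMARY KEY,
            customer_id INTEGER NOT NULL REFERENCES customer(id),
            amount REAL NOT NULL
        );
        -- constructed sample data
        INSERT INTO customer VALUES (1, 'Alice'), (2, 'Bob');
        INSERT INTO txn VALUES (10, 1, 25.0), (11, 2, 40.0);
    """)
    return con


def corrupt_foreign_key(con, txn_id, bogus_customer_id):
    """Simulate the corruption from Q47: point a transaction at a master row that does not exist.

    Returns True if the database accepted the change, False if it was rejected.
    """
    try:
        con.execute("UPDATE txn SET customer_id = ? WHERE id = ?", (bogus_customer_id, txn_id))
        con.commit()
        return True
    except sqlite3.IntegrityError:
        con.rollback()
        return False


def orphaned_transactions(con):
    """Detective query: transaction ids whose customer no longer exists (dangling tuples)."""
    rows = con.execute("""
        SELECT t.id FROM txn t
        LEFT JOIN customer c ON c.id = t.customer_id
        WHERE c.id IS NULL ORDER BY t.id
    """).fetchall()
    return [r[0] for r in rows]


def totals_by_customer(con):
    """The reporting error Q47 describes: an inner join drops orphaned detail without warning."""
    return con.execute("""
        SELECT c.name, SUM(t.amount) FROM txn t
        JOIN customer c ON c.id = t.customer_id
        GROUP BY c.name ORDER BY c.name
    """).fetchall()


def demo(enforce_fk):
    """Run the scenario and return (update_accepted, orphans, report_rows)."""
    con = build_db(enforce_fk)
    accepted = corrupt_foreign_key(con, 10, 999)
    return accepted, orphaned_transactions(con), totals_by_customer(con)


if __name__ == "__main__":
    print("foreign keys OFF:", demo(False))
    print("foreign keys ON: ", demo(True))
```

The detective query is the one an auditor can run on any relational database to find existing orphans; the preventive control is the constraint itself, and on engines where enforcement is optional (SQLite per connection, MySQL's MyISAM tables) checking that it is actually switched on is part of the review.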
Question #62
Which of the following should be done FIRST when handling multiple confirmed incidents raised at the same time?
A. Categorize incidents by the value of the affected asset
B. Inform senior management
C. Update the business impact assessment
D. Activate the business continuity plan
View answer
Correct Answer: A
Question #63
When transmitting a payment instruction, which of the following will help verify that the instruction was not duplicated?
A. Use of a cryptographic hashing algorithm
B. Enciphering the message digest
C. Deciphering the message digest
D. A sequence number and time stamp
View answer
Correct Answer: D
Question #64
An IS auditor observes that an organization’s critical IT systems have experienced several failures throughout the year. Which of the following is the BEST recommendation?
A. Perform a disaster recovery test
B. Perform a root cause analysis
C. Contract for a hot site
D. Implement redundant systems
View answer
Correct Answer: B
Question #65
An organization has performance metrics to track how well IT resources are being used, but there has been little progress on meeting the organization’s goals. Which of the following would be MOST helpful to determine the underlying reason?
A. Conducting a root cause analysis
B.
C. Re-evaluating key performance indicators (KPIs)
D. Conducting a business impact analysis (BIA)
View answer
Correct Answer: A
Question #66
Which of the following controls is MOST appropriate against brute force attacks at login?
A. Storing password files using one-way encryption
B. Locking the account after three invalid passwords
C. Storing passwords under a one-way hash function
D. Increasing the minimum password length to 10 characters
View answer
Correct Answer: B
Question #67
Which of the following tests is MOST likely to detect an error in one subroutine resulting from a recent change in another subroutine?
A. Stress testing
B. Regression testing
C. User acceptance testing
D. Black-box testing
View answer
Correct Answer: B
Question #68
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
A. firewall and the organization's network
B. Internet and the firewall
C. Internet and the web server
D. Web server and the firewall
View answer
Correct Answer: A
Question #69
Which of the following methods BEST ensures that a comprehensive approach is used to direct information security activities?
A. Creating communication channels
B. Promoting security training
C. Establishing a steering committee
D. Holding periodic meetings with business owners
View answer
Correct Answer: C
Question #70
Which of the following is the PRIMARY advantage of single sign-on (SSO)?
A. Improves system performance
B. Ensures good password practices
C. Improves security
D. Reduces administrative workload
View answer
Correct Answer: D
Question #71
An IS auditor performing an application maintenance audit would review the log of program changes for the:
A. authorization of program changes
B. creation date of a current object module
C. number of program changes actually made
D. creation date of a current source program
View answer
Correct Answer: A
Question #72
Which of the following entities is BEST suited to define the data classification levels within an organization?
A. Database administrator based on the data schema
B. Legal compliance team based on the application regulations
C. Business owner responsible for the respective data
D. System administrator responsible for data security controls
View answer
Correct Answer: C
Question #73
Which of the following is MOST important for an organization to complete prior to developing its disaster recovery plan (DRP)?
A. Support staff skill gap analysis
B. Comprehensive IT inventory
View answer
Correct Answer: A
Question #74
Which of the following MOST effectively prevents internal users from modifying sensitive data?
A. Network segmentation
B. Multi-factor authentication
C. Acceptable use policies
D. Role-based access controls
View answer
Correct Answer: D
Question #75
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely:
A. check to ensure that the type of transaction is valid for the card type
B. verify the format of the number entered then locate it on the database
C. ensure that the transaction entered is within the cardholder's credit limit
D. confirm that the card is not shown as lost or stolen on the master file
View answer
Correct Answer: B
Question #76
Which of the following is critical to the successful establishment of an enterprise IT architecture?
A. A well-defined data migration policy
B. Comparison of the architecture with that of other organizations
C. An architecture encompassing only critical systems
D. Organizational support for standardization
View answer
Correct Answer: D
Question #77
An organization has just completed their annual risk assessment. Regarding the business continuity plan, what should an IS auditor recommend as the next step for the organization?
A. Review and evaluate the business continuity plan for adequacy
B. Perform a full simulation of the business continuity plan
C. Train and educate employees regarding the business continuity plan
D.
View answer
Correct Answer: A
Question #78
An organization has implemented data storage hardware. Which of the following should an IS auditor review to assess if IT is maximizing storage and network utilization?
A. Capacity management plans
View answer
Correct Answer: A
Question #79
Which of the following would BEST indicate the effectiveness of a security awareness training program?
A. Increased number of employees completing training
B. Employee satisfaction with training
C. Reduced unintentional violations
D. Results of third-party social engineering tests
View answer
Correct Answer: C
Question #80
Which of the following types of network service stores information about the various resources in a central database on a network and helps network devices locate services?
A. DHCP
B.
C. Directory Service
D. Network Management
View answer
Correct Answer: C
Question #81
Which of the following would be the PRIMARY benefit of replacing physical keys with an electronic badge system for access to a data center?
A. Increasing accountability
B. Maintaining compliance
C. Tracking employee work hours
D. Increasing reliability
View answer
Correct Answer: A
Question #82
The GREATEST benefit of using a prototyping approach in software development is that it helps to:
A. decrease the time allocated for user testing and review
B. minimize scope changes to the system
C. conceptualize and clarify requirements
D. improve efficiency of quality assurance (QA) testing
View answer
Correct Answer: C
Question #83
An application development team is also promoting changes to production for a critical financial application. Which of the following would be the BEST control to reduce the associated risk?
A. Implementing a change management code review
B. Implementing a peer review process
C. Performing periodic audits
D. Submitting change logs to the business manager for review
View answer
Correct Answer: C
Question #84
The reason for establishing a stop or freezing point on the design of a new system is to:
A. prevent further changes to a project in process
B. indicate the point at which the design is to be completed
D. provide the project management team with more control over the project design
View answer
Correct Answer: B
Question #85
Which of the following are the PRIMARY considerations when determining the timing of remediation testing?
A. The level of management and business commitment to implementing agreed action plans
B. The difficulty of scheduling resources and availability of management for a follow-up engagement
C. The availability and competencies of control owners for implementing the agreed action
D. The significance of the reported findings and the impact if corrective actions are not taken
View answer
Correct Answer: D
Question #85b
Which of the following is the BEST way to control the concurrent use of licensed software?
A. User self-discipline
B. Monitor by system administrator
C. Surprise audit conducted by vendors
D. Metering software
View answer
Correct Answer: D
Question #86
For a discretionary access control to be effective, it must:
A. operate within the context of mandatory access controls
B. operate independently of mandatory access controls
C. enable users to override mandatory access controls when necessary
D. be specifically permitted by the security policy
View answer
Correct Answer: A
Question #87
The MOST likely explanation for a successful social engineering attack is:
A. that computers make logic errors
B. that people make judgment errors
C. the computer knowledge of the attackers
D. the technological sophistication of the attack method
View answer
Correct Answer: B
Question #88
Which of the following is MOST likely to reduce the effectiveness of a signature-based intrusion detection system (IDS)?
A. The activities being monitored deviate from what is considered normal
B. The environment is complex
C. The pattern of normal behavior changes quickly and dramatically
D. The information regarding monitored activities becomes stale
View answer
Correct Answer: D
Question #89
The purpose of code signing is to provide assurance that:
A. the software has not been subsequently modified
B. the application can safely interface with another signed application
C. the signer of the application is trusted
D. the private key of the signer has not been compromised
View answer
Correct Answer: A
Question #90
Which of the following components of an expert system allows the expert to enter knowledge into the system without the traditional mediation of a software engineer?
A. Decision tree
B.
C. Semantic nets
D. Knowledge interface
View answer
Correct Answer: B
Question #91
A payroll application system accepts individual user sign-on IDs and then connects to its database using a single application ID. The GREATEST weakness under this system architecture is that:
A. an incident involving unauthorized access to data cannot be tied to a specific user
B. when multiple sessions with the same application ID collide, the database locks up
C. users can gain direct access to the application ID and circumvent data controls
D. the database becomes unavailable if the password of the application ID expires
View answer
Correct Answer: B
Question #92
For a company that outsources payroll processing, which of the following is the BEST way to ensure that only authorized employees are paid?
A. The company’s bank reconciliations should be independently prepared and checked
B. Employees should receive pay statements showing gross pay, net pay, and deductions
C. Only payroll employees should be given the password for data entry and report retrieval
D. Electronic payroll reports should be independently reviewed
View answer
Correct Answer: C
Question #93
Following the discovery of inaccuracies in a data warehouse, an organization has implemented data profiling, cleansing, and handling filters to enhance the quality of data obtained from connected sources. Which type of control has been applied?
A. Preventive control B
C. Compensating control
D. Detective control
View answer
Correct Answer: C
Question #94
Which of the following functions is performed by a virtual private network (VPN)?
A. Hiding information from sniffers on the net
B. Enforcing security policies C
D. Regulating access
View answer
Correct Answer: C
Question #95
Which of the following ensures the availability of transactions in the event of a disaster?
A. Send tapes hourly containing transactions offsite
B. Send tapes daily containing transactions offsite
C. Capture transactions to multiple storage devices
D. Transmit transactions offsite in real time
View answer
Correct Answer: D
Question #96
In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as:
A. isolation
B. consistency
View answer
Correct Answer: A
Question #97
Which cloud deployment model is MOST likely to be limited in scalability?
A. Public
B. Private
C. Hybrid
D. Community
View answer
Correct Answer: C
Question #98
Which of the following is the process of feeding test data into two systems (the modified system and an alternative system) and comparing the results?
A. Parallel Test
B. Black box testing
C. Regression Testing
D. Pilot Testing
View answer
Correct Answer: A
Question #99
A design company has multiple name and address files for its customers in several of its independent systems. Which of the following is the BEST control to ensure that the customer name and address agree across all files?
A. Use of hash totals on customer records
B. Periodic review of each master file by management
C. Matching of records and review of exception reports
D. Use of authorized master file change forms
View answer
Correct Answer: B
Question #100
When evaluating the recent implementation of an intrusion detection system (IDS), an IS auditor should be MOST concerned with inappropriate:
A. encryption
B. training
C. tuning
D. patching
View answer
Correct Answer: A
Question #101
The role of the certificate authority (CA) as a third party is to:
A. provide secured communication and networking services based on certificates
B. host a repository of certificates with the corresponding public and secret keys issued by that CA
C. act as a trusted intermediary between two communication partners
D. confirm the identity of the entity owning a certificate issued by that CA
View answer
Correct Answer: A
Question #102
An employee uses a personal mobile device to access corporate data and email, but also allows friends to use it as a mobile hotspot for Internet access when not at work. The information security manager is concerned this situation may expose confidential data. The manager’s FIRST step should be to:
A. update the mobile device usage standards to address the issue and communicate to all employees
B. activate the incident response plan to mitigate the impact and stop the compromise
C. review the associated risks to determine if additional controls are needed
D. implement additional security controls that will mitigate the situation and then reassess risks A
View answer
Correct Answer: B
Question #103
Which of the following practices associated with capacity planning provides the GREATEST assurance that future incidents related to server performance will be prevented?
A. Anticipating current service level agreements (SLAs) will remain unchanged
B. Prorating the current processing workloads
C. Negotiating agreements to acquire required cloud services
D. Duplicating existing disk drive systems to improve redundancy and data storage
View answer
Correct Answer: A
Question #104
An organization that has outsourced its incident management capabilities just discovered a significant privacy breach by an unknown attacker. Which of the following is the MOST important action of the security manager?
A. Follow the outsourcer’s response plan
B. Refer to the organization’s response plan
C. Notify the outsourcer of the privacy breach
D. Alert the appropriate law enforcement authorities
Correct Answer: C
An external penetration test identified a serious security vulnerability in a critical business application
A. determine the potential impact with the business owner
B. initiate the incident response process
C. block access to the vulnerable business application
D. report the vulnerability to IT for remediation
View answer
Correct Answer: D
Question #105
The information security function in a large organization is MOST effective when:
A. decentralized as close to the user as possible
B. the function reports directly to the IS operations manager
C. partnered with the IS development team to determine access rights
D. established at a corporate-wide level
View answer
Correct Answer: A
Question #106
An IS auditor finds that, at certain times of the day, the data warehouse query performance decreases significantly. Which of the following controls would it be relevant for the IS auditor to review?
A. Permanent table-space allocation
B. Commitment and rollback controls
C. User spool and database limit controls
D. Read/write access log controls
Correct Answer: C
Explanation: User spool limits restrict the space available for running user queries
A. Integrity
B. Availability
C. Completeness
D. Confidentiality
View answer
Correct Answer: C
Question #107
The PRIMARY objective of testing a business continuity plan is to:
A. familiarize employees with the business continuity plan
B. ensure that all residual risks are addressed
C. exercise all possible disaster scenarios
D. identify limitations of the business continuity plan
View answer
Correct Answer: B
Question #108
During a business continuity audit, an IS auditor found that the business continuity plan (BCP) covers only critical processes. The IS auditor should:
A. recommend that the BCP cover all business processes
B. assess the impact of the processes not covered
C. report the findings to the IT manager
D. redefine the critical processes
View answer
Correct Answer: D
Question #109
Which of the following is the MOST effective mitigation strategy to protect confidential information from insider threats?
A. Implementing authentication mechanisms
B. Performing an entitlement review process
C. Defining segregation of duties
D. Establishing authorization controls
View answer
Correct Answer: D
Question #110
Several remote users have been unable to communicate with a secured network news transfer protocol (NNTP) server. Of the following, the MOST likely cause is:
A. the use of a password cracker
B. a hacker impersonating the server
C. a hacker using a sniffer D
View answer
Correct Answer: D
Question #111
The IS auditor of a power company finds that the radio link to a remote mountain site is experiencing systematic outages under specific weather conditions. The communications manager explains that increasing the radio power would require a new license and would help little. What is the MOST appropriate action by the IS auditor?
A. Recommend that the site’s data collection and transmission be non-interruptible
B. Review the installation license, permissions and associated costs
C. Recommend that the site’s hardware be upgraded to record data during outages
D. Gather additional information to identify threats, vulnerabilities, and impact
View answer
Correct Answer: D
Question #112
When reviewing an end-user computing (EUC) application, which of the following techniques is MOST appropriate for testing program logic?
A. Integrated testing facility
B. Test decking
C. Re-performance
D. Key calculation inspection
View answer
Correct Answer: C
Question #113
The BEST filter rule for protecting a network from being used as an amplifier in a denial of service (DoS) attack is to deny all:
A. outgoing traffic with IP source addresses external to the network
B. incoming traffic with discernible spoofed IP source addresses
C. incoming traffic with IP options set
D. incoming traffic to critical hosts
View answer
Correct Answer: B
Question #114
Which of the following is the PRIMARY objective of an IT performance measurement process?
A. Minimize errors
B. Gather performance data
C. Establish performance baselines
D. Optimize performance
View answer
Correct Answer: B
Question #115
An organization has a mix of access points that cannot be upgraded to stronger security and newer access points having advanced wireless security. An IS auditor recommends replacing the non-upgradeable access points. Which of the following would BEST justify the IS auditor's recommendation?
A. The new access points with stronger security are affordable
B. The old access points are poorer in terms of performance
C. The organization's security would be as strong as its weakest points
D. The new access points are easier to manage
View answer
Correct Answer: C
Question #116
An IS auditor has been asked to participate in project initiation meetings for a critical project. The IS auditor's MAIN concern should be that the:
A. complexity and risks associated with the project have been analyzed
B. resources needed throughout the project have been determined
C. project deliverables have been identified
D. contract for external parties involved in the project has been completed
View answer
Correct Answer: B
Question #117
An existing system is being replaced with a new application package. User acceptance testing (UAT) should ensure that:
A. data from the old system has been converted correctly
B. the new system functions as expected
C. the new system is better than the old system
D. there is a business need for the new system
View answer
Correct Answer: A
Question #118
An employee of an organization has reported losing a smartphone that contains sensitive information. The BEST step to address this situation should be to:
A. terminate the device connectivity
B. escalate to the user’s management C
D. remotely wipe the device
View answer
Correct Answer: B
Question #119
Which of the following statements correctly describes the difference between QAT and UAT?
A. QAT focuses on the technical aspects of the application and UAT focuses on the functional aspects of the application
B. UAT focuses on the technical aspects of the application and QAT focuses on the functional aspects of the application
C. UAT and QAT both focus on the functional aspects of the application
D. UAT and QAT both focus on the technical aspects of the application
View answer
Correct Answer: C
Question #120
Overall responsibility for approving logical access rights to information assets should reside with the:
A. data and systems owners
B. systems delivery and operations group
C. security administrator
D. systems administrator
View answer
Correct Answer: C
Question #121
The FIRST step in a successful attack to a system would be:
A. gathering information
B. gaining access
C. denying services
View answer
Correct Answer: A
Question #122
The MOST important factors in determining the scope and timing for testing a business continuity plan are:
A. manual processing capabilities and the test location
B. the importance of the function to be tested and the cost of testing
C. the experience level of personnel and the function location
D. prior testing results and the degree of detail of the business continuity plan
A. Gap analysis
B. Risk assessment
C. Business impact analysis (BIA)
D. Penetration testing
View answer
Correct Answer: D
Question #123
Reconciliations have identified data discrepancies between an enterprise data warehouse and a revenue system for key financial reports. What is the GREATEST risk to the organization in this situation?
A. The key financial reports may no longer be produced
B. Financial reports may be delayed
C. Undetected fraud may occur
D. Decisions may be made based on incorrect information
View answer
Correct Answer: A
Question #124
A security administrator should have read-only access for which of the following?
A. Router configuration
B. Password policy
C. Security logs
D. Services/daemons configuration
View answer
Correct Answer: B
Question #125
In a typical network architecture used for e-commerce, a load balancer is normally found between the:
A. routers and the web servers
B. mail servers and the mail repositories
C. users and the external gateways
D. databases and the external gateways
View answer
Correct Answer: C
Question #126
When reviewing input controls, an IS auditor observes that, in accordance with corporate policy, procedures allow supervisory override of data validation edits. The IS auditor should:
A. not be concerned since there may be other compensating controls to mitigate the risks
B. ensure that overrides are automatically logged and subject to review
C. verify whether all such overrides are referred to senior management for approval
D. recommend that overrides not be permitted
View answer
Correct Answer: C
Question #127
An IT organization’s incident response plan is which type of control?
A. Preventive
B. Corrective
C. Detective
D. Directive
View answer
Correct Answer: C
Question #128
When conducting a post-incident review, the GREATEST benefit of collecting mean time to resolution (MTTR) data is the ability to:
A. reduce the costs of future preventive controls
B. provide metrics for reporting to senior management
C. verify compliance with the service level agreement (SLA)
View answer
Correct Answer: A
Question #129
Which of the following terms related to network performance refers to the number of corrupted bits expressed as a percentage or fraction of the total sent?
A. Bandwidth
B. Throughput
C. Latency D
View answer
Correct Answer: C
Question #130
An organization has detected sensitive data leakage caused by an employee of a third-party contractor. What is the BEST course of action to address this issue?
A. Include security requirements in outsourcing contracts
B. Activate the organization’s incident response plan
C. Limit access to the third-party contractor
D. Terminate the agreement with the third-party contractor
View answer
Correct Answer: A
Question #131
To develop meaningful recommendations for findings, which of the following is MOST important for an IS auditor to determine and understand?
A. Criteria
B. Responsible party
C. Impact
D. Root cause
View answer
Correct Answer: B
Question #132
Which of the following is the GREATEST risk to the effectiveness of application system controls?
A. Removal of manual processing steps
B. Inadequate procedure manuals
C. Collusion between employees
D. Unresolved regulatory compliance issues
View answer
Correct Answer: D
Question #133
Which of the following is the GREATEST concern with conducting penetration testing on an internally developed application in the production environment?
A. The testing could create application availability issues
B. The testing may identify only known operating system vulnerabilities
C. The issues identified during the testing may require significant remediation efforts
D. Internal security staff may not be qualified to conduct application penetration testing
View answer
Correct Answer: B
Question #134
Which of the following does a lack of adequate security controls represent?
A. Threat
B. Asset
C. Impact
D. Vulnerability
View answer
Correct Answer: A
Question #135
A decision support system (DSS):
A. is aimed at solving highly structured problems
B. combines the use of models with nontraditional data access and retrieval functions
D. supports only structured decision making tasks
View answer
Correct Answer: C
Question #136
The waterfall life cycle model of software development is most appropriately used when:
A. requirements are well understood and are expected to remain stable, as is the business environment in which the system will operate
B. requirements are well understood and the project is subject to time pressures
C. the project intends to apply an object-oriented design and programming approach
D. the project will involve the use of new technology
View answer
Correct Answer: B
Question #137
Which of the following internet security threats could compromise integrity?
A. Theft of data from the client
B. Exposure of network configuration information
C. A Trojan horse browser
D. Eavesdropping on the net
View answer
Correct Answer: C
Question #138
During an audit of the logical access control of an ERP financial system, an IS auditor found some user accounts shared by multiple individuals. The user IDs were based on roles rather than individual identities. These accounts allow access to financial transactions on the ERP. What should the IS auditor do next?
A. Look for compensating controls
B. Review financial transactions logs
C. Review the scope of the audit
D. Ask the administrator to disable these accounts
View answer
Correct Answer: B
Question #139
Which of the following activities should the business continuity manager perform FIRST after the replacement of hardware at the primary information processing facility?
A. Verify compatibility with the hot site
B. Review the implementation report
C. Perform a walk-through of the disaster recovery plan
D. Update the IS assets inventory
View answer
Correct Answer: B
Question #140
Which of the following methodologies is MOST appropriate to use for developing software with incomplete requirements?
A. Process-based
B. Critical chain
C. Waterfall
D. Agile
View answer
Correct Answer: B
Question #141
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure with digital certificates for its business-to-consumer transactions via the internet?
A. Customers are widely dispersed geographically, but the certificate authorities are not
B. Customers can make their transactions from any computer or mobile device
C. The certificate authority has several data processing subcenters to administer certificates
D. The organization is the owner of the certificate authority
View answer
Correct Answer: B
Question #142
In an IT organization where many responsibilities are shared, which of the following would be the BEST control for detecting unauthorized data changes?
A. Data changes are independently reviewed by another group
B. Users are required to periodically rotate responsibilities
D. Data changes are logged in an outside application
View answer
Correct Answer: B
Question #143
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following is necessary to restore these files?
A. The previous day's backup file and the current transaction tape
B. The previous day's transaction file and the current transaction tape
C. The current transaction tape and the current hard copy transaction log
D. The current hard copy transaction log and the previous day's transaction file
View answer
Correct Answer: A
Question #144
Which of the following is the BEST way to improve the timely reporting of information security incidents?
A. Perform periodic simulations with the incident response team
B. Incorporate security procedures in help desk processes
C. Integrate an intrusion detection system (IDS) in the DMZ
D. Regularly reassess and update the incident response plan
View answer
Correct Answer: B
Question #145
Following a recent acquisition, an information security manager has been requested the outstanding risk reported early in the acquisition process. Which of the following would be the manager’s BEST course of action?
A. Perform a vulnerability assessment of the acquired company’s infrastructure
B. Re-evaluate the risk treatment plan for the outstanding risk
C. Re-assess the outstanding risk of the acquired company
D. Add the outstanding risk to the acquiring organization’s risk registry
View answer
Correct Answer: D
Question #146
Which of the following is the BEST way to control scope creep during application system development?
A. Involve key stakeholders
B. Implement project steering committee review
C. Implement a quality management system
D. Establish key performance indicators (KPIs)
View answer
Correct Answer: B
Question #147
A company has implemented an IT segregation of duties policy. In a role-based environment, which of the following roles may be assigned to an application developer?
A. IT operator
B. Database administration
C. System administration
D. Emergency support
View answer
Correct Answer: B
Question #148
An organization considers implementing a system that uses a technology that is not in line with the organization’s IT strategy. Which of the following is the BEST justification for deviating from the IT strategy?
A. The system has a reduced cost of ownership
B. The organization has staff familiar with the technology
C. The business benefits are achieved even with extra costs
D. The system makes use of state-of-the-art technology
View answer
Correct Answer: B
Question #149
Network Data Management Protocol (NDMP) technology should be used for backup if:
A. a network attached storage (NAS) appliance is required
B. the use of TCP/IP must be avoided
C. file permissions that cannot be handled by legacy backup systems must be backed up
D. backup consistency over several related data volumes must be ensured
View answer
Correct Answer: C
Question #150
A financial institution that processes millions of transactions each day has a central communications processor (switch) for connecting to automated teller machines (ATMs). Which of the following would be the BEST contingency plan for the communications processor?
A. Reciprocal agreement with another organization
B. Alternate processor in the same location
C. Alternate processor at another network node
D. Installation of duplex communication links
View answer
Correct Answer: C