Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 10

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1021

Question

If a programmer has update access to a live system, IS auditors are more concerned with the programmer’s ability to initiate or modify transactions and the ability to access production than with the programmer’s ability to authorize transactions. True or false?

A. True
B. False

Answer

A. True

Explanation

If a programmer has update access to a live system, IS auditors are more concerned with the programmer’s ability to initiate or modify transactions and the ability to access production than with the programmer’s ability to authorize transactions.

CISA Question 1022

Question

Rather than simply reviewing the adequacy of access control, appropriateness of access policies, and effectiveness of safeguards and procedures, the IS auditor is more concerned with effectiveness and utilization of assets. True or false?

A. True
B. False

Answer

B. False

Explanation

Instead of simply reviewing the effectiveness and utilization of assets, an IS auditor is more concerned with adequate access control, appropriate access policies, and effectiveness of safeguards and procedures.

CISA Question 1023

Question

What are intrusion-detection systems (IDS) primarily used for?

A. To identify AND prevent intrusion attempts to a network
B. To prevent intrusion attempts to a network
C. Forensic incident response
D. To identify intrusion attempts to a network

Answer

D. To identify intrusion attempts to a network

Explanation

Intrusion-detection systems (IDS) are used to identify intrusion attempts on a network.

CISA Question 1024

Question

Which of the following is of greatest concern when performing an IS audit?

A. Users’ ability to directly modify the database
B. Users’ ability to submit queries to the database
C. Users’ ability to indirectly modify the database
D. Users’ ability to directly view the database

Answer

A. Users’ ability to directly modify the database

Explanation

A major IS audit concern is users’ ability to directly modify the database.

CISA Question 1025

Question

Which of the following is the most fundamental step in preventing virus attacks?

A. Adopting and communicating a comprehensive antivirus policy
B. Implementing antivirus protection software on users’ desktop computers
C. Implementing antivirus content checking at all network-to-Internet gateways
D. Inoculating systems with antivirus code

Answer

A. Adopting and communicating a comprehensive antivirus policy

Explanation

Adopting and communicating a comprehensive antivirus policy is the most fundamental step in preventing virus attacks. All other antivirus prevention efforts rely upon decisions established and communicated via policy.

CISA Question 1026

Question

When should systems administrators first assess the impact of applications or systems patches?

A. Within five business days following installation
B. Prior to installation
C. No sooner than five business days following installation
D. Immediately following installation

Answer

B. Prior to installation

Explanation

Systems administrators should always assess the impact of patches before installation.

CISA Question 1027

Question

Using the OSI reference model, what layer(s) is/are used to encrypt data?

A. transport layer
B. Session layer
C. Session and transport layers
D. Data link layer

Answer

C. Session and transport layers

Explanation

User applications often encrypt and encapsulate data using protocols within the OSI session layer or farther down in the transport layer.

CISA Question 1028

Question

What should IS auditors always check when auditing password files?

A. That deleting password files is protected
B. That password files are encrypted
C. That password files are not accessible over the network
D. That password files are archived

Answer

B. That password files are encrypted

Explanation

IS auditors should always check to ensure that password files are encrypted.

CISA Question 1029

Question

Which of the following should an IS auditor review to determine user permissions that have been granted for a particular resource?

A. Systems logs
B. Access control lists (ACL)
C. Application logs
D. Error logs

Answer

B. Access control lists (ACL)

Explanation

IS auditors should review access-control lists (ACL) to determine user permissions that have been granted for a particular resource.

CISA Question 1030

Question

What is often assured through table link verification and reference checks?

A. Database integrity
B. Database synchronization
C. Database normalcy
D. Database accuracy

Answer

A. Database integrity

Explanation

Database integrity is most often ensured through table link verification and reference checks.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker