Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1491

Question

Which of the following would a digital signature MOST likely prevent?

A. Corruption
B. Unauthorized change
C. Repudiation
D. Disclosure

Answer

A. Corruption

Explanation

The main reason of using digital signature is to ensure message integrity.it also helps to ensure authenticity and non-repudiation of the message. A digital signature can never ensure the confidentiality of data.

CISA Question 1492

Question

Which should be reviewed FIRST by an IS auditor to ensure that data is being secured appropriately for an application?

A. Data classification
B. Data encryption
C. Data access
D. Data storage

Answer

A. Data classification

Explanation

Data classification is necessary to provide proper access rights to the users. If you do not classify data according to their sensitivity and importance to the business, you cannot apply proper access rules to them. Data owners are responsible for defining access rules. The data classification process starts with the process of establishing ownership of data. This process also helps to prepare data dictionary.

CISA Question 1493

Question

Which of the following is MOST important when an organization contracts for the long-term use of a custom-developed application?

A. Documented coding standards
B. Error correction management
C. Contract renewal provisions
D. Escrow clause

Answer

C. Contract renewal provisions

CISA Question 1494

Question

The final acceptance testing of a new application system should be the responsibility of the:

A. IS audit team.
B. user group
C. IS management
D. quality assurance team

Answer

B. user group

CISA Question 1495

Question

When developing a business continuity plan (BCP), business unit management’s involvement is MOST important during the:

A. performance of a business impact analysis (BIA).
B. development of business recovery procedures.
C. implementation of a document repository.
D. performance of an IT risk assessment.

Answer

B. development of business recovery procedures.

CISA Question 1496

Question

During a follow-up audit, an IS auditor finds that the auditee has updated virus scanner definitions without adopting the original audit recommendation to increase the frequency of using the scanner. The MOST appropriate action for the auditor is to:

A. prepare a follow-up audit report reiterating the recommendation.
B. escalate the issue to senior management.
C. modify the audit opinion based on the new information available.
D. conclude that the residual risk is beyond tolerable levels of risk.

Answer

C. modify the audit opinion based on the new information available.

CISA Question 1497

Question

Which of the following is the MOST effective control to minimize the risk of cross-site scripting (XSS)?

A. Periodic vulnerability assessments
B. Secure coding practices
C. Network intrusion prevention system
D. Web firewall policy

Answer

B. Secure coding practices

CISA Question 1498

Question

Which of the following is the PRIMARY reason an IS auditor should discuss observations with management before delivering a final report?

A. Identify business risks associated with the observations.
B. Assist the management with control enhancements.
C. Record the proposed course of corrective action.
D. Validate the audit observations.

Answer

D. Validate the audit observations.

CISA Question 1499

Question

Reviewing project plans and status reports throughout the development life cycle will:

A. eliminate the need to perform a risk assessment.
B. postpone documenting the project’s progress until the final phase.
C. guarantee that the project will meet its intended deliverables.
D. facilitate the optimal use of resources over the life of the project.

Answer

D. facilitate the optimal use of resources over the life of the project.

CISA Question 1500

Question

When conducting a post-implementation review, which of the following is the BEST way to determine whether the value from an IT project has been achieved?

A. Calculate the return on investment (ROI).
B. Interview stakeholders.
C. Conduct an earned value analysis (EVA).
D. Survey end users.

Answer

C. Conduct an earned value analysis (EVA).

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker