ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 14

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1441

Question

Which of the following must be in place before an IS auditor initiates audit follow-up activities?

A. A heat map with the gaps and recommendations displayed in terms of risk
B. A management response in the final report with a committed implementation date
C. Supporting evidence for the gaps and recommendations mentioned in the audit report
D. Available resources for the activities included in the action plan

Answer

C. Supporting evidence for the gaps and recommendations mentioned in the audit report

CISA Question 1442

Question

An IS auditor is asked to identify risk within an organization’s software development project. The project manager tells the auditor that an agile development methodology is being used to minimize the lengthy development process. Which of the following would be of GREATEST concern to the auditor?

A. Each team does its own testing.
B. The needed work has not yet been fully identified.
C. Some of the developers have not attended recent training.
D. Elements of the project have not been documented.

Answer

B. The needed work has not yet been fully identified.

CISA Question 1443

Question

Which of the following controls can BEST detect accidental corruption during transmission of data across a network?

A. Sequence checking
B. Parity checking
C. Symmetric encryption
D. Check digit verification

Answer

B. Parity checking

Explanation

A parity check is used to detect transmission errors in the data. When a parity check is applied to a single character, it is called a vertical or column check. In addition, if a parity check is applied to all the data, it is called a vertical or row check. Using both types of parity check simultaneously can greatly increase the likelihood of detecting errors, which may not be possible when only one type of parity check is used.

CISA Question 1444

Question

An IS auditor is reviewing the results of a business process improvement project. Which of the following should be performed FIRST?

A. Evaluate control gaps between the old and the new processes.
B. Develop compensating controls.
C. Document the impact of control weaknesses in the process.
D. Ensure that lessons learned during the change process are documented.

Answer

A. Evaluate control gaps between the old and the new processes.

CISA Question 1445

Question

Which of the following should be the PRIMARY basis for prioritizing follow-up audits?

A. Complexity of management’s action plans
B. Recommendation from executive management
C. Audit cycle defined in the audit plan
D. Residual risk from the findings of previous audits

Answer

D. Residual risk from the findings of previous audits

CISA Question 1446

Question

When providing a vendor with data containing personally identifiable information (PII) for offsite testing, the data should be:

A. current.
B. encrypted.
C. sanitized.
D. backed up.

Answer

B. encrypted.

CISA Question 1447

Question

A purpose of project closure is to determine the:

A. potential risks affecting the quality of deliverables.
B. lessons learned for use in future projects.
C. project feasibility requirements.
D. professional expertise of the project manager.

Answer

B. lessons learned for use in future projects.

CISA Question 1448

Question

The use of symmetric key encryption controls to protect sensitive data transmitted over a communications network requires that:

A. primary keys for encrypting the data be stored in encrypted form.
B. encryption keys be changed only when a compromise is detected at both ends.
C. encryption keys at one end be changed on a regular basis.
D. public keys be stored in encrypted form.

Answer

A. primary keys for encrypting the data be stored in encrypted form.

CISA Question 1449

Question

Which of the following is a reason for implementing a decentralized IT governance model?

A. Standardized controls and economies of scale
B. IT synergy among business units
C. Greater consistency among business units
D. Greater responsiveness to business needs

Answer

D. Greater responsiveness to business needs

CISA Question 1450

Question

An organization allows its employees to use personal mobile devices for work. Which of the following would BEST maintain information security without compromising employee privacy?

A. Partitioning the work environment from personal space on devices
B. Preventing users from adding applications
C. Restricting the use of devices for personal purposes during working hours
D. Installing security software on the devices

Answer

C. Restricting the use of devices for personal purposes during working hours
