ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 16

The latest ISACA CISA (Certified Information Systems Auditor) practice exam questions and answers (Q&A) are available free and are intended to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1671

Question

Network ILD&P are typically installed:

A. on the organization’s internal network connection.
B. on the organization’s internet network connection.
C. on each end-user station.
D. on the firewall.
E. None of the choices

Answer

B. on the organization’s internet network connection.

Explanation

Information Leakage Detection and Prevention (ILD&P) is a computer security term referring to systems designed to detect and prevent the unauthorized transmission of information from an organization's computer systems to outsiders. Network ILD&P systems are gateway-based systems installed on the organization's internet network connection; they analyze network traffic to search for unauthorized information transmissions. Host-based ILD&P systems run on end-user workstations to monitor and control access to physical devices and to inspect information before it has been encrypted.

CISA Question 1672

Question

Which of the following would have the HIGHEST priority in a business continuity plan (BCP)?

A. Resuming critical processes
B. Recovering sensitive processes
C. Restoring the site
D. Relocating operations to an alternative site

Answer

A. Resuming critical processes

Explanation

The resumption of critical processes has the highest priority because it enables business processes to begin immediately after the interruption and not later than the declared mean time between failures (MTBF). Recovery of sensitive processes refers to recovering the vital and sensitive processes that can be performed manually at a tolerable cost for an extended period of time and those that are not marked as high priority.
Repairing and restoring the site to its original status and then resuming business operations are time-consuming operations and are not the highest priority. Relocating operations to an alternative site, either temporarily or permanently depending on the interruption, is a time-consuming process; moreover, relocation may not be required.

CISA Question 1673

Question

A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can:

A. Identify high-risk areas that might need a detailed review later
B. Reduce audit costs
C. Reduce audit time
D. Increase audit accuracy

Answer

C. Reduce audit time

Explanation

A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it can identify high-risk areas that might need a detailed review later.

CISA Question 1674

Question

What is the PRIMARY purpose of audit trails?

A. To document auditing efforts
B. To correct data integrity errors
C. To establish accountability and responsibility for processed transactions
D. To prevent unauthorized access to data

Answer

C. To establish accountability and responsibility for processed transactions

Explanation

The primary purpose of audit trails is to establish accountability and responsibility for processed transactions.

CISA Question 1675

Question

Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital?

A. Multiplexer
B. Modem
C. Protocol converter
D. Concentrator

Answer

B. Modem

Explanation

A modem is a device that translates data from digital to analog and back to digital.

CISA Question 1676

Question

Which of the following is MOST likely to result from a business process reengineering (BPR) project?

A. An increased number of people using technology
B. Significant cost savings, through a reduction in the complexity of information technology
C. Weaker organizational structures and less accountability
D. Increased information protection (IP) risk

Answer

A. An increased number of people using technology

Explanation

A BPR project more often leads to an increased number of people using technology, and this would be a cause for concern.
Incorrect answers:
B. Because BPR is often technology oriented, and this technology is usually more complex and volatile than in the past, cost savings do not often materialize in this area.
D. There is no reason for IP to conflict with a BPR project, unless the project is not run properly.

CISA Question 1677

Question

An IS auditor discovers that developers have operator access to the command line of a production environment operating system. Which of the following controls would BEST mitigate the risk of undetected and unauthorized program changes to the production environment?

A. Commands typed on the command line are logged
B. Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs
C. Access to the operating system command line is granted through an access restriction tool with preapproved rights
D. Software development tools and compilers have been removed from the production environment

Answer

B. Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs

Explanation

The matching of hash keys over time would allow detection of changes to files. Choice A is incorrect because having a log is not a control; reviewing the log is a control. Choice C is incorrect because the access was already granted; it does not matter how. Choice D is wrong because files can be copied to and from the production environment.

CISA Question 1678

Question

Which of the following types of attack works by taking advantage of the unenforced and unchecked assumptions the system makes about its inputs?

A. format string vulnerabilities
B. integer overflow
C. code injection
D. command injection
E. None of the choices.

Answer

C. code injection

Explanation

Code injection is a technique to introduce code into a computer program or system by taking advantage of the unenforced and unchecked assumptions the system makes about its inputs.

CISA Question 1679

Question

Integer overflow occurs primarily with:

A. string formatting
B. debug operations
C. output formatting
D. input verifications
E. arithmetic operations
F. None of the choices.

Answer

E. arithmetic operations

Explanation

An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is larger than can be represented within the available storage space. On some processors the result saturates: once the maximum value is reached, attempts to make it larger simply return the maximum result.

CISA Question 1680

Question

Which of the following kinds of function are particularly vulnerable to format string attacks?

A. C functions that perform output formatting
B. C functions that perform integer computation
C. C functions that perform real number subtraction
D. VB functions that perform integer conversion
E. SQL functions that perform string conversion
F. SQL functions that perform text conversion

Answer

A. C functions that perform output formatting

Explanation

Format string attacks are a new class of vulnerabilities recently discovered. They can be used to crash a program or to execute harmful code. The problem stems from the use of unfiltered user input as the format string parameter in certain C functions that perform formatting, such as printf(). A malicious user may use the %s and %x format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the %n format token.