Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 18

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1811

Question

To provide protection for media backup stored at an offsite location, the storage site should be:

A. located on a different floor of the building.
B. easily accessible by everyone.
C. clearly labeled for emergency access.
D. protected from unauthorized access.

Answer

D. protected from unauthorized access.

Explanation

The offsite storage site should always be protected against unauthorized access and have at least the same security requirements as the primary site. Choice A is incorrect because, if the backup is in the same building, it may suffer the same event and may be inaccessible.
Choices B and C represent access risks.

CISA Question 1812

Question

Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by:

A. database integrity checks.
B. validation checks.
C. input controls.
D. database commits and rollbacks.

Answer

D. database commits and rollbacks.

Explanation

Database commits ensure the data are saved to disk, while the transaction processing is underway or complete. Rollback ensures that the already completed processing is reversed back, and the data already processed are not saved to the disk in the event of the failure of the completion of the transaction processing.
All other options do not ensure integrity while processing is underway.

CISA Question 1813

Question

Which of the following findings should an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault?

A. There are three individuals with a key to enter the area.
B. Paper documents are also stored in the offsite vault.
C. Data files that are stored in the vault are synchronized.
D. The offsite vault is located in a separate facility.

Answer

C. Data files that are stored in the vault are synchronized.

Explanation

Choice A is incorrect because more than one person would typically need to have a key to the vault to ensure that individuals responsible for the offsite vault can take vacations and rotate duties. Choice B is not correct because an IS auditor would not be concerned with whether paper documents are stored in the offsite vault. In fact, paper documents, such as procedural documents and a copy of the contingency plan, would most likely be stored in the offsite vault, and the location of the vault is important, but not as important as the files being synchronized.

CISA Question 1814

Question

Which of the following procedures would BEST determine whether adequate recovery/restart procedures exist?

A. Reviewing program code
B. Reviewing operations documentation
C. Turning off the UPS, then the power
D. Reviewing program documentation

Answer

B. Reviewing operations documentation

Explanation

Operations documentation should contain recovery/restart procedures, so operations can return to normal processing in a timely manner.
Turning off the uninterruptible power supply (UPS) and then turning off the power might create a situation for recovery and restart, but the negative effect on operations would prove this method to be undesirable. The review of program code and documentation generally does not provide evidence regarding recovery/restart procedures.

CISA Question 1815

Question

An IS auditor performing a review of the backup processing facilities should be MOST concerned that:

A. adequate fire insurance exists.
B. regular hardware maintenance is performed.
C. offsite storage of transaction and master files exists.
D. backup processing facilities are fully tested.

Answer

C. offsite storage of transaction and master files exists.

Explanation

Adequate fire insurance and fully tested backup processing facilities are important elements for recovery, but without the offsite storage of transaction and master files, it is generally impossible to recover. Regular hardware maintenance does not relate to recovery.

CISA Question 1816

Question

An offsite information processing facility:

A. should have the same amount of physical access restrictions as the primary processing site.
B. should be easily identified from the outside so that, in the event of an emergency, it can be easily found.
C. should be located in proximity to the originating site, so it can quickly be made operational.
D. need not have the same level of environmental monitoring as the originating site.

Answer

A. should have the same amount of physical access restrictions as the primary processing site.

Explanation

An offsite information processing facility should have the same amount of physical control as the originating site. It should not be easily identified from the outside to prevent intentional sabotage. The offsite facility should not be subject to the same natural disaster that could affect the originating site and thus should not be located in proximity of the original site. The offsite facility should possess the same level of environmental monitoring and control as the originating site.

CISA Question 1817

Question

As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost.
Which of the following is necessary to restore these files?

A. The previous day’s backup file and the current transaction tape
B. The previous day’s transaction file and the current transaction tape
C. The current transaction tape and the current hard copy transaction log
D. The current hard copy transaction log and the previous day’s transaction file

Answer

A. The previous day’s backup file and the current transaction tape

Explanation

The previous day’s backup file will be the most current historical backup of activity in the system. The current day’s transaction file will contain all of the day’s activity. Therefore, the combination of these two files will enable full recovery up to the point of interruption.

CISA Question 1818

Question

In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems?

A. Maintaining system software parameters
B. Ensuring periodic dumps of transaction logs
C. Ensuring grandfather-father-son file backups
D. Maintaining important data at an offsite location

Answer

B. Ensuring periodic dumps of transaction logs

Explanation

Ensuring periodic dumps of transaction logs is the only safe way of preserving timely historical data. The volume of activity usually associated with an online system makes other more traditional methods of backup impractical.

CISA Question 1819

Question

If a database is restored using before-image dumps, where should the process begin following an interruption?

A. Before the last transaction
B. After the last transaction
C. As the first transaction after the latest checkpoint
D. At the last transaction before the latest checkpoint

Answer

A. Before the last transaction

Explanation

If before images are used, the last transaction in the dump will not have updated the database prior to the dump being taken. The last transaction will not have updated the database and must be reprocessed. Program checkpoints are irrelevant in this situation.

CISA Question 1820

Question

Which of the following is the MOST important criterion when selecting a location for an offsite storage facility for IS backup files? The offsite facility must be:

A. physically separated from the data center and not subject to the same risks.
B. given the same level of protection as that of the computer data center.
C. outsourced to a reliable third party.
D. equipped with surveillance capabilities.

Answer

A. physically separated from the data center and not subject to the same risks.

Explanation

It is important that there be an offsite storage location for IS files and that it be in a location not subject to the same risks as the primary data center. The other choices are all issues that must be considered when establishing the offsite location, but they are not as critical as the location selection.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.