Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 19

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 1951

Question

Which of the following encryption methods offers the BEST wireless security?

A. Wired equivalent privacy (WEP)
B. Secure Sockets Layer (SSL)
C. Data encryption standard (DES)
D. Wi-Fi Protected Access 2 (WPA2)

Answer

D. Wi-Fi Protected Access 2 (WPA2)

CISA Question 1952

Question

Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?

A. Transaction log review
B. User awareness training
C. Mandatory holidays
D. Background check

Answer

A. Transaction log review

CISA Question 1953

Question

Of the following, who are the MOST appropriate staff for ensuring the alignment of user authorization tables with approved authorization forms?

A. IT managers
B. System owners
C. Database administrators (DBAs)
D. Security administrators

Answer

B. System owners

CISA Question 1954

Question

An organization maintains an inventory of the IT applications used by its staff. Which of the following would pose the GREATEST concern with regard to the quality of the inventory data?

A. Inventory data is available on and downloadable from the corporate intranet.
B. The application owner and contact information fields are not required to be completed.
C. The inventory does not contain a formal risk ranking for all the IT applications.
D. The organization has not established a formal recertification process for the inventory data.

Answer

B. The application owner and contact information fields are not required to be completed.

CISA Question 1955

Question

The use of which of the following would BEST enhance a process improvement program?

A. Project management methodologies
B. Capability maturity models
C. Balanced scorecard
D. Model-based design notations

Answer

C. Balanced scorecard

CISA Question 1956

Question

Which of the following is the GREATEST concern associated with a high number of IT policy exceptions approved by management?

A. The exceptions may result in noncompliance.
B. The exceptions may negatively impact process efficiency.
C. The exceptions are likely to continue indefinitely.
D. The exceptions may elevate the level of operational risk.

Answer

A. The exceptions may result in noncompliance.

CISA Question 1957

Question

An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system. End users indicated concerns with the accuracy of critical automatic calculations made by the system. The auditor’s FIRST course of action should be to:

A. verify completeness of user acceptance testing (UAT).
B. verify results to determine validity of user concerns.
C. review initial business requirements.
D. review recent changes to the system

Answer

B. verify results to determine validity of user concerns.

CISA Question 1958

Question

Which of the following is the MOST effective accuracy control for entry of a valid numeric part number?

A. Hash totals
B. Comparison to historical order pattern
C. Self-checking digit
D. Online review of description

Answer

C. Self-checking digit

CISA Question 1959

Question

Which of the following is the BEST indication that an information security program is aligned with organizational objectives?

A. The information security steering committee sets organizational security priorities.
B. Senior management conducts regular reviews of information security policies.
C. Information security processes are in place throughout the system development life cycle (SDLC).
D. Risk is managed to within organizational tolerances.

Answer

C. Information security processes are in place throughout the system development life cycle (SDLC).

CISA Question 1960

Question

During an operational audit of a biometric system used to control physical access, which of the following should be of GREATEST concern to an IS auditor?

A. False positives
B. Lack of biometric training
C. User acceptance of biometrics
D. False negatives

Answer

D. False negatives

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.