The latest ISACA CISA (Certified Information Systems Auditor) certification actual practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2141
Question
Which of the following is the BEST way to determine the effectiveness of a recently installed intrusion detection system (IDS)?
A. Implement access control.
B. Conduct attack simulation.
C. Review audit logs.
D. Inspect IDS configuration.
Answer
B. Conduct attack simulation.
CISA Question 2142
Question
Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?
A. Classification
B. Correlation analysis
C. Deviation detection
D. Clustering
Answer
B. Correlation analysis
CISA Question 2143
Question
An organization uses electronic funds transfer (EFT) to pay its vendors. Which of the following should be an IS auditor’s MAIN focus while reviewing controls in the accounts payable application?
A. Changes to the vendor master file
B. Volume of transactions
C. Amount of disbursements
D. Frequency of transactions
Answer
A. Changes to the vendor master file
CISA Question 2144
Question
In a complex IS environment, which of the following tasks should be performed by the data owner?
A. Perform technical database maintenance.
B. Perform data restoration when necessary.
C. Review data classifications periodically.
D. Test the validity of backup data.
Answer
C. Review data classifications periodically.
CISA Question 2145
Question
Overall responsibility for approving logical access rights to information assets should reside with the:
A. data and systems owners.
B. systems delivery and operations group.
C. security administrator.
D. systems administrator.
Answer
A. data and systems owners.
CISA Question 2146
Question
Outsourcing the development of business systems is MOST likely to result in the loss of:
A. control over strategic direction.
B. accountability for end products.
C. in-house competencies.
D. responsibility for IT security.
Answer
A. control over strategic direction.
CISA Question 2147
Question
Which of the following would be the PRIMARY benefit of replacing physical keys with an electronic badge system for access to a data center?
A. Increasing accountability
B. Maintaining compliance
C. Tracking employee work hours
D. Increasing reliability
Answer
A. Increasing accountability
CISA Question 2148
Question
Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?
A. Review the business requirements document for date of birth field requirements.
B. Review new account applications submitted in the past month for invalid dates of birth.
C. Evaluate configuration settings for the date of birth field requirements.
D. Attempt to submit new account applications with invalid dates of birth.
Answer
A. Review the business requirements document for date of birth field requirements.
CISA Question 2149
Question
Which of the following would be the MOST effective method to identify high risk areas in the business to be included in the audit plan?
A. Validate current risk from prior internal audit findings.
B. Review industry reports to identify common risk areas.
C. Engage with management to understand the business.
D. Review external audit reports of the business.
Answer
D. Review external audit reports of the business.
CISA Question 2150
Question
An IS audit manager finds that data manipulation logic developed by the audit analytics team leads to incorrect conclusions. This inaccurate logic is MOST likely an indication of which of the following?
A. Incompatibility between data volume and analytics processing capacity.
B. Poor security controls that grant inappropriate access to analysis produced.
C. The team’s poor understanding of the business process being analyzed.
D. Poor change controls over data sets collected from the business.
Answer
C. The team’s poor understanding of the business process being analyzed.