Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 20

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2141

Question

Which of the following is the BEST way to determine the effectiveness of a recently installed intrusion detection system (IDS)?

A. Implement access control.
B. Conduct attack simulation.
C. Review audit logs.
D. Inspect IDS configuration.

Answer

B. Conduct attack simulation.

CISA Question 2142

Question

Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?

A. Classification
B. Correlation analysis
C. Deviation detection
D. Clustering

Answer

B. Correlation analysis

CISA Question 2143

Question

An organization uses electronic funds transfer (EFT) to pay its vendors. Which of the following should be an IS auditor’s MAIN focus while reviewing controls in the accounts payable application?

A. Changes to the vendor master file
B. Volume of transactions
C. Amount of disbursements
D. Frequency of transactions

Answer

A. Changes to the vendor master file

CISA Question 2144

Question

In a complex IS environment, which of the following tasks should be performed by the data owner?

A. Perform technical database maintenance.
B. Perform data restoration when necessary.
C. Review data classifications periodically.
D. Test the validity of backup data.

Answer

C. Review data classifications periodically.

CISA Question 2145

Question

Overall responsibility for approving logical access rights to information assets should reside with the:

A. data and systems owners.
B. systems delivery and operations group.
C. security administrator.
D. systems administrator

Answer

A. data and systems owners.

CISA Question 2146

Question

Outsourcing the development of business systems is MOST likely to result in the loss of:

A. control over strategic direction.
B. accountability for end products.
C. in-house competencies.
D. responsibility for IT security.

Answer

A. control over strategic direction.

CISA Question 2147

Question

Which of the following would be the PRIMARY benefit of replacing physical keys with an electronic badge system for access to a data center?

A. Increasing accountability
B. Maintaining compliance
C. Tracking employee work hours
D. Increasing reliability

Answer

A. Increasing accountability

CISA Question 2148

Question

Which of the following approaches would utilize data analytics to facilitate the testing of a new account creation process?

A. Review the business requirements document for date of birth field requirements.
B. Review new account applications submitted in the past month for invalid dates of birth.
C. Evaluate configuration settings for the date of birth field requirements.
D. Attempt to submit new account applications with invalid dates of birth.

Answer

A. Review the business requirements document for date of birth field requirements.

CISA Question 2149

Question

Which of the following would be the MOST effective method to identify high risk areas in the business to be included in the audit plan?

A. Validate current risk from prior internal audit findings.
B. Review industry reports to identify common risk areas.
C. Engage with management to understand the business.
D. Review external audit reports of the business.

Answer

D. Review external audit reports of the business.

CISA Question 2150

Question

An IS audit manager finds that data manipulation logic developed by the audit analytics team leads to incorrect conclusions. This inaccurate logic is MOST likely an indication of which of the following?

A. Incompatibility between data volume and analytics processing capacity.
B. Poor security controls that grant inappropriate access to analysis produced.
C. The team’s poor understanding of the business process being analyzed.
D. Poor change controls over data sets collected from the business.

Answer

C. The team’s poor understanding of the business process being analyzed.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker