The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available for free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 2511
Question
Which of the following would be an appropriate role of internal audit in helping to establish an organization’s privacy program?
A. Analyzing risks posed by new regulations
B. Defining roles within the organization related to privacy
C. Developing procedures to monitor the use of personal data
D. Designing controls to protect personal data
Answer
D. Designing controls to protect personal data
CISA Question 2512
Question
An organization has decided to implement a third-party system in its existing IT environment. Which of the following is MOST important for the IS auditor to confirm?
A. The organization has created a clone of the third party’s IT infrastructure to host the IT system.
B. The organization has analyzed the IT infrastructure to determine the feasibility of hosting the IT system.
C. The organization has maintained a clone of the existing infrastructure as backup.
D. The organization has purchased a newly released IT infrastructure environment relevant to the IT system.
Answer
B. The organization has analyzed the IT infrastructure to determine the feasibility of hosting the IT system.
CISA Question 2513
Question
Which of the following is the GREATEST risk associated with end-user computing used in financial statement reporting?
A. Inability of IT to support the application
B. Loss of operational efficiency
C. Loss of data integrity
D. Inability to implement segregation of duties
Answer
C. Loss of data integrity
CISA Question 2514
Question
An IS auditor who was instrumental in designing an application is called upon to review the application. The auditor should:
A. inform audit management of the earlier involvement.
B. modify the scope of the audit.
C. refuse the assignment to avoid conflict of interest.
D. use the knowledge of the application to carry out the audit.
Answer
A. inform audit management of the earlier involvement.
CISA Question 2515
Question
The MOST appropriate control to ensure that all orders transmitted from remote locations to the production department are received accurately would be to:
A. have data transmitted back to the local site for comparison.
B. verify that parity checking is still active.
C. send and reconcile transaction counts and totals.
D. track and account for the numerical sequence of sales orders.
Answer
C. send and reconcile transaction counts and totals.
CISA Question 2516
Question
Which of the following may be adversely affected when thin client architecture is introduced?
A. Multi-tenancy
B. Portability
C. Availability
D. Concurrency
Answer
C. Availability
CISA Question 2517
Question
A white box testing method is applicable with which of the following testing processes?
A. User acceptance testing
B. Sociability testing
C. Parallel testing
D. Integration testing
Answer
A. User acceptance testing
CISA Question 2518
Question
Coding standards provide which of the following?
A. Access control tables
B. Field naming conventions
C. Data flow diagrams
D. Program documentation
Answer
B. Field naming conventions
CISA Question 2519
Question
Which of the following is the MOST effective control to mitigate against the risk of inappropriate activity by employees?
A. Network segmentation
B. User activity monitoring
C. Access recertification
D. Two-factor authentication
Answer
B. User activity monitoring
CISA Question 2520
Question
During a pre-implementation system review, an IS auditor notes that several identified defects will not be fixed prior to go-live. Which of the following is the auditor’s BEST course of action?
A. Determine which developer’s code is responsible for each defect.
B. Recommend the system does not go live.
C. Recommend staff augmentation after implementation.
D. Evaluate the workarounds in place.
Answer
D. Evaluate the workarounds in place.