ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 26

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 2721

Question

Which of the following is a telecommunication device that translates data from digital to analog form and back to digital?

A. Multiplexer
B. Modem
C. Protocol converter
D. Concentrator

Answer

B. Modem

Explanation

A modem is a device that translates data from digital form to analog form and then back to digital for communication over analog lines.

CISA Question 2722

Question

Which device acting as a translator is used to connect two networks or applications from layer 4 up to layer 7 of the ISO/OSI Model?

A. Bridge
B. Repeater
C. Router
D. Gateway

Answer

D. Gateway

Explanation

A gateway is used to connect two networks that use dissimilar protocols at the lower layers, or it could also operate at the highest level of the protocol stack.
Important Note:
For the purpose of the exam, you have to remember that a gateway is not synonymous with the term firewall.
The second thing you must remember is the fact that a gateway acts as a translation device.
It could be used to translate from IPX to TCP/IP, for example. It could be used to convert different types of application protocols and allow them to communicate together. A gateway could be at any of the OSI layers but usually tends to be higher up in the stack.

For your exam you should know below information about network devices:

Repeaters – A repeater provides the simplest type of connectivity, because it only repeats electrical signals between cable segments, which enables it to extend a network.
Repeaters work at the physical layer and are add-on devices for extending a network connection over a greater distance. The device amplifies signals because signals attenuate the farther they have to travel.
Repeaters can also work as line conditioners by actually cleaning up the signals. This works much better when amplifying digital signals than when amplifying analog signals, because digital signals are discrete units, which makes extraction of background noise from them much easier for the amplifier. If the device is amplifying analog signals, any accompanying noise often is amplified as well, which may further distort the signal.
A hub is a multi-port repeater. A hub is often referred to as a concentrator because it is the physical communication device that allows several computers and devices to communicate with each other. A hub does not understand or work with IP or MAC addresses. When one system sends a signal to go to another system connected to it, the signal is broadcast to all the ports, and thus to all the systems connected to the concentrator.

Bridges – A bridge is a LAN device used to connect LAN segments. It works at the data link layer and therefore works with MAC addresses. A repeater does not work with addresses; it just forwards all signals it receives. When a frame arrives at a bridge, the bridge determines whether or not the MAC address is on the local network segment. If the MAC address is not on the local network segment, the bridge forwards the frame to the necessary network segment.

Routers – Routers are layer 3, or network layer, devices that are used to connect similar or different networks. (For example, they can connect two Ethernet LANs or an Ethernet LAN to a Token Ring LAN.) A router is a device that has two or more interfaces and a routing table so it knows how to get packets to their destinations. It can filter traffic based on access control lists (ACLs), and it fragments packets when necessary. Because routers have more network-level knowledge, they can perform higher-level functions, such as calculating the shortest and most economical path between the sending and receiving hosts.

Switches – Switches combine the functionality of a repeater and the functionality of a bridge. A switch amplifies the electrical signal, like a repeater, and has the built-in circuitry and intelligence of a bridge. It is a multi-port connection device that provides connections for individual computers or other hubs and switches.

Gateways – Gateway is a general term for software running on a device that connects two different environments and that many times acts as a translator for them or somehow restricts their interactions.
Usually a gateway is needed when one environment speaks a different language, meaning it uses a certain protocol that the other environment does not understand. The gateway can translate Internetwork Packet Exchange (IPX) protocol packets to IP packets, accept mail from one type of mail server and format it so another type of mail server can accept and understand it, or connect and translate different data link technologies such as FDDI to Ethernet.

The following were incorrect answers:
Repeater – A repeater provides the simplest type of connectivity, because it only repeats electrical signals between cable segments, which enables it to extend a network. Repeaters work at the physical layer and are add-on devices for extending a network connection over a greater distance. The device amplifies signals because signals attenuate the farther they have to travel.
Bridges – A bridge is a LAN device used to connect LAN segments. It works at the data link layer and therefore works with MAC addresses. A repeater does not work with addresses; it just forwards all signals it receives. When a frame arrives at a bridge, the bridge determines whether or not the MAC address is on the local network segment. If the MAC address is not on the local network segment, the bridge forwards the frame to the necessary network segment.
Routers – Routers are layer 3, or network layer, devices that are used to connect similar or different networks. (For example, they can connect two Ethernet LANs or an Ethernet LAN to a Token Ring LAN.) A router is a device that has two or more interfaces and a routing table so it knows how to get packets to their destinations. It can filter traffic based on access control lists (ACLs), and it fragments packets when necessary.

CISA Question 2723

Question

A new information security manager is charged with reviewing and revising the information security strategy. The information security manager’s FIRST course of action should be to gain an understanding of the organization’s:

A. security architecture
B. risk register
C. internal control framework
D. business strategy

Answer

D. business strategy

CISA Question 2724

Question

Which of the following is MOST important for an effective control self-assessment program?

A. Determining the scope of the assessment
B. Evaluating changes to the risk environment
C. Understanding the business process
D. Performing detailed test procedures

Answer

C. Understanding the business process

CISA Question 2725

Question

Which of the following is the BEST source of information when assessing the amount of time a project will take?

A. GANTT chart
B. Workforce estimate
C. Critical path analysis
D. Scheduling budget

Answer

A. GANTT chart

CISA Question 2726

Question

Which of the following would be a result of utilizing a top-down maturity model process?

A. A means of benchmarking the effectiveness of similar processes with peers
B. Identification of older, more established processes to ensure timely review
C. Identification of processes with the most improvement opportunities
D. A means of comparing the effectiveness of other processes within the enterprise

Answer

C. Identification of processes with the most improvement opportunities

CISA Question 2727

Question

Which of the following could an IS auditor recommend to improve the estimated resources required in system development?

A. Business areas involvement
B. Prototyping
C. Function point analysis
D. CASE tools

Answer

C. Function point analysis

CISA Question 2728

Question

Which of the following access control situations represents the MOST serious control weakness?

A. Computer operators have access to system level flowcharts.
B. Programmers have access to development hardware.
C. End users have access to program development tools.
D. System developers have access to production data.

Answer

C. End users have access to program development tools.

CISA Question 2729

Question

Which of the following is the GREATEST risk associated with in-house program development and customization?

A. The lack of a test environment
B. The lack of a quality assurance function
C. The lack of secure coding expertise
D. The lack of documentation for programs developed.

Answer

B. The lack of a quality assurance function

CISA Question 2730

Question

When developing a risk-based IS audit plan, the PRIMARY focus should be on functions:

A. considered important by IT management.
B. with the most ineffective controls.
C. with the greatest number of threats.
D. considered critical to business operations

Answer

D. considered critical to business operations