The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.
Table of Contents
- CISA Question 3211
- Question
- Answer
- CISA Question 3212
- Question
- Answer
- CISA Question 3213
- Question
- Answer
- CISA Question 3214
- Question
- Answer
- CISA Question 3215
- Question
- Answer
- CISA Question 3216
- Question
- Answer
- CISA Question 3217
- Question
- Answer
- CISA Question 3218
- Question
- Answer
- CISA Question 3219
- Question
- Answer
- CISA Question 3220
- Question
- Answer
CISA Question 3211
Question
What should be of MOST concern to an IS auditor reviewing an organization’s proposal to combine its online transaction processing (OLTP) data and data warehouse in the same database environment?
A. The quality of business intelligence reporting may be impacted.
B. A significant amount of data computing resources will be required.
C. The combination of static data with dynamic data could reduce data quality.
D. The complexity of the solution could lead to delays in deployment.
Answer
C. The combination of static data with dynamic data could reduce data quality.
CISA Question 3212
Question
Which of the following would an IS auditor MOST likely recommend to ensure that an organization’s IT systems are effectively kept up-to-date regarding vulnerabilities?
A. Release management
B. Version management
C. Patch management
D. Risk management
Answer
C. Patch management
CISA Question 3213
Question
Which of the following would be MOST useful to an IS auditor confirming that an IS department meets its service level agreements (SLAs)?
A. System downtime reports
B. IS strategic plan
C. Capacity planning tools
D. System utilization reports
Answer
C. Capacity planning tools
CISA Question 3214
Question
While reviewing transactions, an IS auditor discovers inconsistencies in a relational database. Which of the following would be the auditor’s BEST recommendation?
A. Perform data modeling.
B. Re-index the database.
C. Normalize the database.
D. Implement edit checks.
Answer
C. Normalize the database.
CISA Question 3215
Question
An IS auditor is conducting an interim review of an IT project. Which of the following would provide the MOST useful information regarding project performance?
A. Milestone review
B. Earned value analysis
C. Cost-benefit analysis
D. Function point analysis
Answer
B. Earned value analysis
CISA Question 3216
Question
An IS auditor finds an IT department does not perform periodic discovery of hardware and software deployed in an environment. What is the GREATEST associated risk?
A. Increase in unused licenses within the organization
B. Inaccurate inventory of hardware and software
C. Inaccurate cost estimates of hardware and software
D. Incomplete lists for third-party license audits
Answer
B. Inaccurate inventory of hardware and software
CISA Question 3217
Question
An IS auditor identifies that the accounts payable clerk has direct access to the payment file after it has been generated. The MOST significant risk to the organization is that payments may be:
A. rejected.
B. duplicated.
C. late to customers.
D. altered.
Answer
D. altered.
CISA Question 3218
Question
An IS auditor is reviewing an end-user computing program. Which of the following is the BEST way to maintain the accuracy of calculations embedded in the tool?
A. Assign an owner and developer for each tool.
B. Maintain version control.
C. Review calculations periodically.
D. Use standardized tool calculations.
Answer
D. Use standardized tool calculations.
CISA Question 3219
Question
An IS auditor finds that capacity management for a key system is being performed by IT with no input from the business. The auditor’s PRIMARY concern would be:
A. unanticipated increase in business’s capacity needs
B. impact to future business project funding
C. failure to maximize the use of equipment
D. cost of excessive data center storage capacity
Answer
C. failure to maximize the use of equipment
CISA Question 3220
Question
During an internal review of the system development life cycle management, an IS auditor finds that customer production data has been displayed in the user acceptance testing (UAT) environment. Which of the following is the auditor’s BEST recommendation?
A. Request approval for the use of production data in the UAT environment
B. Use de-identified data in the UAT environment.
C. Use data encryption in the UAT environment.
D. Perform a risk assessment to establish the impact of data leakage.
Answer
D. Perform a risk assessment to establish the impact of data leakage.