Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 31

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 3211

Question

What should be of MOST concern to an IS auditor reviewing an organization’s proposal to combine its online transaction processing (OLTP) data and data warehouse in the same database environment?

A. The quality of business intelligence reporting may be impacted.
B. A significant amount of data computing resources will be required.
C. The combination of static data with dynamic data could reduce data quality.
D. The complexity of the solution could lead to delays in deployment.

Answer

C. The combination of static data with dynamic data could reduce data quality.

CISA Question 3212

Question

Which of the following would an IS auditor MOST likely recommend to ensure that an organization’s IT systems are effectively kept up-to-date regarding vulnerabilities?

A. Release management
B. Version management
C. Patch management
D. Risk management

Answer

C. Patch management

CISA Question 3213

Question

Which of the following would be MOST useful to an IS auditor confirming that an IS department meets its service level agreements (SLAs)?

A. System downtime reports
B. IS strategic plan
C. Capacity planning tools
D. System utilization reports

Answer

C. Capacity planning tools

CISA Question 3214

Question

While reviewing transactions, an IS auditor discovers inconsistencies in a relational database. Which of the following would be the auditor’s BEST recommendation?

A. Perform data modeling.
B. Re-index the database.
C. Normalize the database.
D. Implement edit checks.

Answer

C. Normalize the database.

CISA Question 3215

Question

An IS auditor is conducting an interim review of an IT project. Which of the following would provide the MOST useful information regarding project performance?

A. Milestone review
B. Earned value analysis
C. Cost-benefit analysis
D. Function point analysis

Answer

B. Earned value analysis

CISA Question 3216

Question

An IS auditor finds an IT department does not perform periodic discovery of hardware and software deployed in an environment. What is the GREATEST associated risk?

A. Increase in unused licenses within the organization
B. Inaccurate inventory of hardware and software
C. Inaccurate cost estimates of hardware and software
D. Incomplete lists for third-party license audits

Answer

B. Inaccurate inventory of hardware and software

CISA Question 3217

Question

An IS auditor identifies that the accounts payable clerk has direct access to the payment file after it has been generated. The MOST significant risk to the organization is that payments may be:

A. rejected.
B. duplicated.
C. late to customers.
D. altered.

Answer

D. altered.

CISA Question 3218

Question

An IS auditor is reviewing an end-user computing program. Which of the following is the BEST way to maintain the accuracy of calculations embedded in the tool?

A. Assign an owner and developer for each tool.
B. Maintain version control.
C. Review calculations periodically.
D. Use standardized tool calculations.

Answer

D. Use standardized tool calculations.

CISA Question 3219

Question

An IS auditor finds that capacity management for a key system is being performed by IT with no input from the business. The auditor’s PRIMARY concern would be:

A. unanticipated increase in business’s capacity needs
B. impact to future business project funding
C. failure to maximize the use of equipment
D. cost of excessive data center storage capacity

Answer

C. failure to maximize the use of equipment

CISA Question 3220

Question

During an internal review of the system development life cycle management, an IS auditor finds that customer production data has been displayed in the user acceptance testing (UAT) environment. Which of the following is the auditor’s BEST recommendation?

A. Request approval for the use of production data in the UAT environment
B. Use de-identified data in the UAT environment.
C. Use data encryption in the UAT environment.
D. Perform a risk assessment to establish the impact of data leakage.

Answer

D. Perform a risk assessment to establish the impact of data leakage.

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker