The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 3441
Question
Which of the following should be of GREATEST concern to an IS auditor reviewing the controls for a continuous software release process?
A. Release documentation is not updated to reflect successful deployment.
B. Test libraries have not been reviewed in over six months.
C. Developers are able to approve their own releases.
D. Testing documentation is not attached to production releases.
Answer
C. Developers are able to approve their own releases.
CISA Question 3442
Question
Which of the following would be MOST important for an IS auditor to review during an audit of an automated continuous monitoring process being used by the finance department?
A. Resiliency of the monitoring service
B. Dual control and approvals embedded in processes
C. Management sign-off of test documentation
D. Configuration of the monitoring tool
Answer
B. Dual control and approvals embedded in processes
CISA Question 3443
Question
An IS auditor finds that firewalls are outdated and not supported by vendors. Which of the following should be the auditor’s NEXT course of action?
A. Determine the value of the firewall.
B. Report the security posture of the organization.
C. Report the mitigating controls.
D. Determine the risk of not replacing the firewall.
Answer
B. Report the security posture of the organization.
CISA Question 3444
Question
An IS auditor discovered that a firewall has more services than needed. The IS auditor’s FIRST recommendation should be to:
A. ensure logging is turned on.
B. deploy a network penetration team.
C. review configurations.
D. eliminate services except for HTTPS.
Answer
C. review configurations.
CISA Question 3445
Question
During an audit, it is discovered that several suppliers with standing orders have been deleted from the supplier master file. Which of the following controls would have BEST prevented such an occurrence?
A. Logical relationship check
B. Existence check
C. Table look-ups
D. Referential integrity
Answer
A. Logical relationship check
CISA Question 3446
Question
A database administrator (DBA) extracts a user listing for an auditor as testing evidence. Which of the following will provide the GREATEST assurance that the user listing is reliable?
A. Requesting a query that returns the count of the users
B. Requesting a copy of the query that generated the user listing
C. Obtaining sign-off from the DBA to attest that the list is complete
D. Witnessing the DBA running the query in person
Answer
C. Obtaining sign-off from the DBA to attest that the list is complete
CISA Question 3447
Question
To select a sample for testing, which must include the 80 largest client balances and a random sample of the rest, the IS auditor should recommend:
A. sorting the file with a utility.
B. use of generalized audit software.
C. applying attribute sampling using software.
D. development of an integrated test facility (ITF).
Answer
C. applying attribute sampling using software.
CISA Question 3448
Question
An organization was recently notified by its regulatory body of significant discrepancies in its reporting data. A preliminary investigation revealed that the discrepancies were caused by problems with the organization’s data quality. Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be advisors to the process. After the data quality team identifies the system data at fault, which of the following should internal audit recommend as the NEXT step in the process?
A. Create business rules that validate data quality.
B. Develop an improvement plan.
C. Identify the root cause of data quality problems.
D. Identify the source data owners.
Answer
A. Create business rules that validate data quality.
CISA Question 3449
Question
Which of the following should be an IS auditor’s FIRST activity when planning an audit?
A. Gain an understanding of the area to be audited.
B. Document specific questions in the audit program.
C. Create a list of key controls to be reviewed.
D. Identify proper resources for audit activities.
Answer
A. Gain an understanding of the area to be audited.
CISA Question 3450
Question
Which of the following is the PRIMARY objective of the IS audit function?
A. Perform reviews based on standards developed by professional organizations.
B. Report to management on the functioning of internal controls.
C. Certify the accuracy of financial data.
D. Facilitate extraction of computer-based data for substantive testing.
Answer
A. Perform reviews based on standards developed by professional organizations.