Skip to Content

ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 34

The latest ISACA CISA (Certified Information Systems Auditor) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the ISACA CISA exam and earn ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 3501

Question

An IS auditor is assigned to review the development of a specific application. Which of the following would be the MOST significant step following the feasibility study?

A. Attend project progress meetings to monitor timely implementation of the application.
B. Assist users in the design of proper acceptance-testing procedures.
C. Follow up with project sponsor for project’s budgets and actual costs.
D. Review functional design to determine that appropriate controls are planned.

Answer

D. Review functional design to determine that appropriate controls are planned.

CISA Question 3502

Question

An IS auditor evaluating a three-tier client/server architecture observes an issue with graphical user interface (GUI) tasks. Which layer should the auditor recommend the client address?

A. Presentation layer
B. Application layer
C. Storage layer
D. Transport layer

Answer

A. Presentation layer

CISA Question 3503

Question

Which of the following should be of GREATEST concern to an IS auditor reviewing actions taken during a forensic investigation?

A. The investigation report does not indicate a conclusion.
B. An image copy of the attacked system was not taken.
C. The proper authorities were not notified.
D. The handling procedures of the attacked system are not documented.

Answer

C. The proper authorities were not notified.

CISA Question 3504

Question

During an audit of the organization’s data privacy policy, the IS auditor identified that only some IT application databases have encryption in place.
What should be the auditor’s FIRST action?

A. Assess the resources required to implement encryption to unencrypted databases.
B. Review the most recent database penetration testing results.
C. Determine whether compensating controls are in place.
D. Review a comprehensive list of databases with the information they contain.

Answer

C. Determine whether compensating controls are in place.

CISA Question 3505

Question

An IS auditor is observing transaction processing and notes that a high-priority update job ran out of sequence. What is the MOST significant risk from this observation?

A. Previous jobs may have failed.
B. The job may not have run to completion.
C. Daily schedules may not be accurate.
D. The job competes with invalid data.

Answer

D. The job competes with invalid data.

CISA Question 3506

Question

Which of the following should the IS auditor use to BEST determine whether a project has met its business objectives?

A. Earned-value analysis
B. Completed project plan
C. Issues log with resolutions
D. Benefits realization document

Answer

D. Benefits realization document

CISA Question 3507

Question

An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions. Which of the following is MOST important for the auditor to confirm when sourcing the population data?

A. There is no privacy information in the data.
B. The data analysis tools have been recently updated.
C. The data can be obtained in a timely manner.
D. The data is taken directly from the system.

Answer

A. There is no privacy information in the data.

CISA Question 3508

Question

Which of the following would be the MOST efficient audit approach, given that a compliance-based approach was adopted in the previous year?

A. Validate all applications using test data.
B. Interview systems personnel to evaluate all automated controls.
C. Evaluate the controls surrounding changes to programs.
D. Perform a review of significant transactions posted within the system.

Answer

D. Perform a review of significant transactions posted within the system.

CISA Question 3509

Question

Which of the following is the BEST way to facilitate proper follow-up for audit findings?

A. Schedule a follow-up audit for two weeks after the initial audit was completed.
B. Conduct a surprise audit to determine whether remediation is in progress.
C. Conduct a follow-up audit when findings escalate to incidents.
D. Schedule a follow-up audit based on remediation due dates.

Answer

D. Schedule a follow-up audit based on remediation due dates.

CISA Question 3510

Question

An IS auditor reviewed the business case for a proposed investment to virtualize an organization’s server infrastructure. Which of the following is MOST likely to be included among the benefits in the project proposal?

A. Fewer operating system licenses
B. Better efficiency of logical resources
C. Reduced hardware footprint
D. Less memory and storage space

Answer

C. Reduced hardware footprint

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.