The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam question and answer (Q&A) dumps are available free and can help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 3581
Question
An IS auditor is a member of an application development team that is selecting software. Which of the following would impair the auditor’s independence?
A. Verifying the weighting of each selection criterion
B. Approving the vendor selection methodology
C. Reviewing the request for proposal (RFP)
D. Witnessing the vendor selection process
Answer
B. Approving the vendor selection methodology
CISA Question 3582
Question
An IS auditor finds a number of system accounts that do not have documented approvals. Which of the following should be performed FIRST by the auditor?
A. Have the accounts removed immediately
B. Obtain sign-off on the accounts from the application owner
C. Document a finding and report an ineffective account provisioning control
D. Determine the purpose and risk of the accounts
Answer
D. Determine the purpose and risk of the accounts
CISA Question 3583
Question
Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?
A. Perform a system penetration test
B. Test compliance with operating procedures
C. Review access rights
D. Review router configuration tables
Answer
A. Perform a system penetration test
CISA Question 3584
Question
An IS auditor has found that a vendor has gone out of business and the escrow has an older version of the source code. What is the auditor’s BEST recommendation for the organization?
A. Continue using the existing application since it meets the current requirements
B. Prepare a maintenance plan that will support the application using the existing code
C. Bring the escrow version up to date
D. Undertake an analysis to determine the business risk
Answer
D. Undertake an analysis to determine the business risk
CISA Question 3585
Question
The GREATEST risk when performing data normalization is:
A. the increased complexity of the data model
B. duplication of audit logs
C. reduced data redundancy
D. decreased performance
Answer
A. the increased complexity of the data model
CISA Question 3586
Question
Two servers are deployed in a cluster to run a mission-critical application. To determine whether the system has been designed for optimal efficiency, the IS auditor should verify that:
A. the security features in the operating system are all enabled
B. the number of disks in the cluster meets minimum requirements
C. the two servers are of exactly the same configuration
D. load balancing between the servers has been implemented
Answer
D. load balancing between the servers has been implemented
CISA Question 3587
Question
An IS auditor observes that the CEO has full access to the enterprise resource planning (ERP) system. The IS auditor should FIRST:
A. accept the level of access provided as appropriate
B. recommend that the privilege be removed
C. ignore the observation as not being material to the review
D. document the finding as a potential risk
Answer
D. document the finding as a potential risk
CISA Question 3588
Question
Which of the following is an analytical review procedure for a payroll system?
A. Performing penetration attempts on the payroll system
B. Evaluating the performance of the payroll system using benchmarking software
C. Performing reasonableness tests by multiplying the number of employees by the average wage rate
D. Testing hours reported on time sheets
Answer
C. Performing reasonableness tests by multiplying the number of employees by the average wage rate
CISA Question 3589
Question
Which of the following is the PRIMARY benefit of using an integrated audit approach?
A. Higher acceptance of the findings from the audited business areas
B. The avoidance of duplicated work and redundant recommendations
C. Enhanced allocation of resources and reduced audit costs
D. A holistic perspective of overall risk and a better understanding of controls
Answer
D. A holistic perspective of overall risk and a better understanding of controls
CISA Question 3590
Question
An IS auditor is planning on utilizing attribute sampling to determine the error rate for health care claims processed. Which of the following factors will cause the sample size to decrease?
A. Population size increase
B. Expected error rate increase
C. Acceptable risk level decrease
D. Tolerable error rate increase
Answer
B. Expected error rate increase