The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A), with explanations, are available free to help you pass the ISACA CISA exam and earn the ISACA CISA certification.
CISA Question 431
Question
When reviewing a hardware maintenance program, an IS auditor should assess whether:
A. the schedule of all unplanned maintenance is maintained.
B. it is in line with historical trends.
C. it has been approved by the IS steering committee.
D. the program is validated against vendor specifications.
Answer
D. the program is validated against vendor specifications.
Explanation
Though maintenance requirements vary based on complexity and performance workloads, a hardware maintenance schedule should be validated against the vendor-provided specifications. For business reasons, an organization may choose a more aggressive maintenance program than the vendor’s program. The maintenance program should include maintenance performance history, be it planned, unplanned, executed or exceptional. Unplanned maintenance cannot be scheduled. Hardware maintenance programs do not necessarily need to be in line with historical trends. Maintenance schedules normally are not approved by the steering committee.
CISA Question 432
Question
Which of the following BEST limits the impact of server failures in a distributed environment?
A. Redundant pathways
B. Clustering
C. Dial backup lines
D. Standby power
Answer
B. Clustering
Explanation
Clustering allows two or more servers to work as a unit, so that when one of them fails, the other takes over. Choices A and C are intended to minimize the impact of channel communications failures, but not a server failure. Choice D provides an alternative power source in the event of an energy failure.
CISA Question 433
Question
An IS auditor reviewing an organization’s data file control procedures finds that transactions are applied to the most current files, while restart procedures use earlier versions. The IS auditor should recommend the implementation of:
A. source documentation retention.
B. data file security.
C. version usage control.
D. one-for-one checking.
Answer
C. version usage control.
Explanation
For processing to be correct, it is essential that the proper version of a file is used. Transactions should be applied to the most current database, while restart procedures should use earlier versions. Source documentation should be retained for an adequate time period to enable documentation retrieval, reconstruction or verification of data, but it does not aid in ensuring that the correct version of a file will be used. Data file security controls prevent access by unauthorized users who could then alter the data files; however, it does not ensure that the correct file will be used. It is necessary to ensure that all documents have been received for processing, one-for-one; however, this does not ensure the use of the correct file.
CISA Question 434
Question
The BEST way to minimize the risk of communication failures in an e-commerce environment would be to use:
A. compression software to minimize transmission duration.
B. functional or message acknowledgments.
C. a packet-filtering firewall to reroute messages.
D. leased asynchronous transfer mode lines.
Answer
D. leased asynchronous transfer mode lines.
Explanation
Leased asynchronous transfer mode lines are a way to avoid using public and shared infrastructures from the carrier or Internet service provider that have a greater number of communication failures. Choice A, compression software, is a valid way to reduce the problem, but is not as good as leased asynchronous transfer mode lines. Choice B is a control based on higher protocol layers and helps if communication lines are introducing noise, but not if a link is down. Choice C, a packet-filtering firewall, does not reroute messages.
CISA Question 435
Question
Web and e-mail filtering tools are PRIMARILY valuable to an organization because they:
A. protect the organization from viruses and nonbusiness materials.
B. maximize employee performance.
C. safeguard the organization’s image.
D. assist the organization in preventing legal issues
Answer
A. protect the organization from viruses and nonbusiness materials.
Explanation
The main reason for investing in web and e-mail filtering tools is that they significantly reduce risks related to viruses, spam, mail chains, recreational surfing and recreational e-mail. Choice B could be true in some circumstances (i.e., the tools would need to be implemented along with an awareness program so that employee performance can be significantly improved). However, even in such cases, it would not be as relevant as choice A. Choices C and D are secondary or indirect benefits.
CISA Question 436
Question
The database administrator (DBA) suggests that DB efficiency can be improved by denormalizing some tables. This would result in:
A. loss of confidentiality.
B. increased redundancy.
C. unauthorized accesses.
D. application malfunctions.
Answer
B. increased redundancy.
Explanation
Normalization is a design or optimization process for a relational database (DB) that minimizes redundancy; therefore, denormalization would increase redundancy. Redundancy, which is usually considered positive when it is a question of resource availability, is negative in a database environment, since it demands additional and otherwise unnecessary data handling effort.
Denormalization is sometimes advisable for functional reasons. It should not cause loss of confidentiality, unauthorized accesses or application malfunctions.
CISA Question 437
Question
The MOST significant security concern when using flash memory (e.g., a USB removable disk) is that the:
A. contents are highly volatile.
B. data cannot be backed up.
C. data can be copied.
D. device may not be compatible with other peripherals.
Answer
C. data can be copied.
Explanation
Unless properly controlled, flash memory provides an avenue for anyone to copy any content with ease. The contents stored in flash memory are not volatile. Backing up flash memory data is not a control concern, as the data are sometimes stored as a backup. Flash memory will be accessed through a PC rather than any other peripheral; therefore, compatibility is not an issue.
CISA Question 438
Question
Which of the following BEST ensures the integrity of a server’s operating system?
A. Protecting the server in a secure location
B. Setting a boot password
C. Hardening the server configuration
D. Implementing activity logging
Answer
C. Hardening the server configuration
Explanation
Hardening a system means configuring it in the most secure manner (install the latest security patches, properly define access authorization for users and administrators, disable insecure options and uninstall unused services) to prevent nonprivileged users from gaining the right to execute privileged instructions and thus take control of the entire machine, jeopardizing the OS's integrity. Protecting the server in a secure location and setting a boot password are good practices, but do not ensure that a user will not try to exploit logical vulnerabilities and compromise the OS. Activity logging has two weaknesses in this scenario: it is a detective control (not a preventive one), and an attacker who has already gained privileged access can modify logs or disable them.
CISA Question 439
Question
IT operations for a large organization have been outsourced. An IS auditor reviewing the outsourced operation should be MOST concerned about which of the following findings?
A. The outsourcing contract does not cover disaster recovery for the outsourced IT operations.
B. The service provider does not have incident handling procedures.
C. Recently a corrupted database could not be recovered because of library management problems.
D. Incident logs are not being reviewed.
Answer
A. The outsourcing contract does not cover disaster recovery for the outsourced IT operations.
Explanation
The lack of a disaster recovery provision presents a major business risk. Incorporating such a provision into the contract will provide the outsourcing organization leverage over the service provider. Choices B, C and D are problems that should be addressed by the service provider, but are not as important as contract requirements for disaster recovery.
CISA Question 440
Question
An intruder accesses an application server and makes changes to the system log. Which of the following would enable the identification of the changes?
A. Mirroring the system log on another server
B. Simultaneously duplicating the system log on a write-once disk
C. Write-protecting the directory containing the system log
D. Storing the backup of the system log offsite
Answer
B. Simultaneously duplicating the system log on a write-once disk
Explanation
A write-once disk cannot be overwritten. Therefore, the system log duplicated on the disk could be compared to the original log to detect differences, which could be the result of changes made by an intruder. Write-protecting the system log's directory does not prevent deletion or modification, since the superuser can override the write protection. Backup and mirroring may overwrite earlier files and may not be current.