
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 9

The latest ISACA CISA (Certified Information Systems Auditor) practice exam questions and answers (Q&A) are available free and are intended to help you pass the ISACA CISA exam and earn the CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 951

Question

The vice president of human resources has requested an audit to identify payroll overpayments for the previous year. Which would be the BEST audit technique to use in this situation?

A. Test data
B. Generalized audit software
C. Integrated test facility
D. Embedded audit module

Answer

B. Generalized audit software

Explanation

Generalized audit software features include mathematical computations, stratification, statistical analysis, sequence checking, duplicate checking and recomputations. An IS auditor, using generalized audit software, could design appropriate tests to recompute the payroll, thereby determining if there were overpayments and to whom they were made. Test data would test for the existence of controls that might prevent overpayments, but it would not detect specific, previous miscalculations. Neither an integrated test facility nor an embedded audit module would detect errors for a previous period.
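The explanation lists recomputation and duplicate checking among the features of generalized audit software. The following Python script is an added example, not part of the original page or of any GAS product, showing how an IS auditor would script two of those tests against a payroll register: recompute gross pay from hours and rate and flag any payment above the recomputed amount, and look for the same employee being paid twice in one period. The payroll rows, the 160-hour standard month and the 1.5x overtime multiplier are constructed assumptions for the example.

```python
from collections import Counter
from decimal import Decimal, ROUND_HALF_UP

CENT = Decimal("0.01")

# Constructed sample payroll register (not real data): one row per payment made.
PAYROLL = [
    {"emp": "E100", "period": "2023-03", "hours": 160, "rate": "25.00", "paid": "4000.00"},
    {"emp": "E101", "period": "2023-03", "hours": 172, "rate": "30.00", "paid": "5340.00"},  # overtime, paid correctly
    {"emp": "E102", "period": "2023-03", "hours": 150, "rate": "20.00", "paid": "3300.00"},  # overpaid by 300.00
    {"emp": "E101", "period": "2023-03", "hours": 172, "rate": "30.00", "paid": "5340.00"},  # second payment, same period
    {"emp": "E103", "period": "2023-03", "hours": 160, "rate": "22.50", "paid": "3600.00"},
]


def expected_gross(hours, rate, standard_hours=160, ot_multiplier=Decimal("1.5")):
    """Recompute gross pay: straight time up to standard_hours, overtime above it.
    The pay rule is an assumption for the example; a real audit would take it
    from the client's payroll policy."""
    rate = Decimal(rate)
    regular = min(hours, standard_hours)
    overtime = max(hours - standard_hours, 0)
    gross = regular * rate + overtime * rate * ot_multiplier
    return gross.quantize(CENT, rounding=ROUND_HALF_UP)


def find_overpayments(rows):
    """Recomputation test: flag every payment that exceeds the recomputed amount.
    Returns (employee, period, overpaid amount) tuples."""
    findings = []
    for r in rows:
        expected = expected_gross(r["hours"], r["rate"])
        paid = Decimal(r["paid"])
        if paid > expected:
            findings.append((r["emp"], r["period"], paid - expected))
    return findings


def find_duplicate_payments(rows):
    """Duplicate-checking test: the same employee paid more than once in a period.
    A duplicate passes the recomputation test (each row is individually correct),
    which is why GAS runs both kinds of test."""
    counts = Counter((r["emp"], r["period"]) for r in rows)
    return sorted(key for key, n in counts.items() if n > 1)


def total_overpaid(rows):
    """Total recoverable amount from the recomputation findings."""
    return sum((f[2] for f in find_overpayments(rows)), Decimal("0.00"))


if __name__ == "__main__":
    for emp, period, amount in find_overpayments(PAYROLL):
        print(f"overpayment: {emp} {period} {amount}")
    for emp, period in find_duplicate_payments(PAYROLL):
        print(f"duplicate payment: {emp} {period}")
    print(f"total overpaid (recomputation test): {total_overpaid(PAYROLL)}")
```

Note that the two tests find different errors: E102 is caught by recomputation, while the second E101 row is correct on its own and is only caught by the duplicate check, which is the point of a GAS package offering both.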

CISA Question 952

Question

An IS auditor has imported data from the client’s database. The next step, confirming whether the imported data are complete, is performed by:

A. matching control totals of the imported data to control totals of the original data.
B. sorting the data to confirm whether the data are in the same order as the original data.
C. reviewing the printout of the first 100 records of original data with the first 100 records of imported data.
D. filtering data for different categories and matching them to the original data.

Answer

A. matching control totals of the imported data to control totals of the original data.

Explanation

Matching control totals of the imported data with control totals of the original data is the next logical step, as this confirms the completeness of the imported data. It is not possible to confirm completeness by sorting the imported data, because the original data may not be in sorted order. Further, sorting does not provide control totals for verifying completeness. Reviewing a printout of 100 records of original data with 100 records of imported data is a process of physical verification and confirms the accuracy of only these records. Filtering data for different categories and matching them to original data would still require that control totals be developed to confirm the completeness of the data.
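As an added example (not from the original page), the Python below shows what "matching control totals" looks like in practice: the auditor computes a record count, a financial total of the amount field and a hash total of the ID field over both the original data and the imported copy, and any difference means the import is incomplete. The original rows, the two CSV imports (one complete, one missing a record) and the field names are constructed for the example.

```python
import csv
import io
from decimal import Decimal

# Constructed stand-in for the client's database extract (the "original" data).
ORIGINAL = [
    {"id": "1001", "amount": "250.00"},
    {"id": "1002", "amount": "-75.50"},
    {"id": "1003", "amount": "1200.25"},
    {"id": "1004", "amount": "0.00"},
]

# Constructed CSV as received by the auditor's tool: complete import.
IMPORT_OK = "id,amount\n1001,250.00\n1002,-75.50\n1003,1200.25\n1004,0.00\n"
# Same file with the last record lost in transfer: incomplete import.
IMPORT_TRUNCATED = "id,amount\n1001,250.00\n1002,-75.50\n1003,1200.25\n"


def load_csv(text):
    """Parse the imported CSV text into row dictionaries."""
    return list(csv.DictReader(io.StringIO(text)))


def control_totals(rows):
    """Three independent control totals over one data set.
    record_count  - number of records
    amount_total  - financial total of the amount field
    id_hash_total - sum of the numeric IDs; meaningless as a value,
                    used only to detect missing or altered records"""
    return {
        "record_count": len(rows),
        "amount_total": sum((Decimal(r["amount"]) for r in rows), Decimal("0.00")),
        "id_hash_total": sum(int(r["id"]) for r in rows),
    }


def verify_import(original_rows, imported_rows):
    """Compare the totals of the original and imported data.
    Returns a list of (total name, original value, imported value) for every
    mismatch; an empty list means the import is complete."""
    orig = control_totals(original_rows)
    imp = control_totals(imported_rows)
    return [(name, orig[name], imp[name]) for name in orig if orig[name] != imp[name]]


if __name__ == "__main__":
    print("complete import mismatches:", verify_import(ORIGINAL, load_csv(IMPORT_OK)))
    print("truncated import mismatches:", verify_import(ORIGINAL, load_csv(IMPORT_TRUNCATED)))
```

The truncated import is caught by the record count and the ID hash total but not by the amount total, because the missing record carries a zero amount; that is why an auditor establishes more than one control total rather than relying on the financial total alone.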

CISA Question 953

Question

Which of the following is the PRIMARY advantage of using computer forensic software for investigations?

A. The preservation of the chain of custody for electronic evidence
B. Time and cost savings
C. Efficiency and effectiveness
D. Ability to search for violations of intellectual property rights

Answer

A. The preservation of the chain of custody for electronic evidence

Explanation

The primary objective of forensic software is to preserve electronic evidence to meet the rules of evidence. Choice B, time and cost savings, and choice C, efficiency and effectiveness, are legitimate concerns that differentiate good from poor forensic software packages. Choice D, the ability to search for intellectual property rights violations, is an example of a use of forensic software.

CISA Question 954

Question

An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of the following findings should give the IS auditor the GREATEST concern?

A. There are a number of external modems connected to the network.
B. Users can install software on their desktops.
C. Network monitoring is very limited.
D. Many user IDs have identical passwords.

Answer

D. Many user IDs have identical passwords.

Explanation

Exploitation of a known user ID and password requires minimal technical knowledge and exposes the network resources to exploitation. The technical barrier is low and the impact can be very high; therefore, the fact that many user IDs have identical passwords represents the greatest threat. External modems represent a security risk, but exploitation still depends on the use of a valid user account. While the impact of users installing software on their desktops can be high (for example, due to the installation of Trojans or key-logging programs), the likelihood is not high due to the level of technical knowledge required to successfully penetrate the network. Although network monitoring can be a useful detective control, it will only detect abuse of user accounts in special circumstances and is, therefore, not a first line of defense.

CISA Question 955

Question

In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover potential anomalies in user or system behavior. Which of the following tools are MOST suitable for performing that task?

A. CASE tools
B. Embedded data collection tools
C. Heuristic scanning tools
D. Trend/variance detection tools

Answer

D. Trend/variance detection tools

Explanation

Trend/variance detection tools look for anomalies in user or system behavior, for example, determining whether the numbers for prenumbered documents are sequential or increasing. CASE tools are used to assist software development. Embedded (audit) data collection software is used for sampling and to provide production statistics. Heuristic scanning tools can be used to scan for viruses to indicate possible infected code.

CISA Question 956

Question

An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews the logs for one day and finds one case where logging on a server has failed with the result that backup restarts cannot be confirmed. What should the auditor do?

A. Issue an audit finding
B. Seek an explanation from IS management
C. Review the classifications of data held on the server
D. Expand the sample of logs reviewed

Answer

D. Expand the sample of logs reviewed

Explanation

Audit standards require that an IS auditor gather sufficient and appropriate audit evidence. The auditor has found a potential problem and now needs to determine if this is an isolated incident or a systematic control failure. At this stage it is too preliminary to issue an audit finding and seeking an explanation from management is advisable, but it would be better to gather additional evidence to properly evaluate the seriousness of the situation. A backup failure, which has not been established at this point, will be serious if it involves critical data. However, the issue is not the importance of the data on the server, where a problem has been detected, but whether a systematic control failure that impacts other servers exists.

CISA Question 957

Question

The PRIMARY purpose of an IT forensic audit is:

A. to participate in investigations related to corporate fraud.
B. the systematic collection of evidence after a system irregularity.
C. to assess the correctness of an organization’s financial statements.
D. to determine that there has been criminal activity.

Answer

B. the systematic collection of evidence after a system irregularity.

Explanation

Choice B describes a forensic audit. The evidence collected could then be used in judicial proceedings. Forensic audits are not limited to corporate fraud. Assessing the correctness of an organization’s financial statements is not the purpose of a forensic audit. Drawing a conclusion to criminal activity would be part of a legal process and not the objective of a forensic audit.

CISA Question 958

Question

An IS auditor evaluating logical access controls should FIRST:

A. document the controls applied to the potential access paths to the system.
B. test controls over the access paths to determine if they are functional.
C. evaluate the security environment in relation to written policies and practices.
D. obtain an understanding of the security risks to information processing.

Answer

D. obtain an understanding of the security risks to information processing.

Explanation

When evaluating logical access controls, an IS auditor should first obtain an understanding of the security risks facing information processing by reviewing relevant documentation, by inquiries, and by conducting a risk assessment. Documentation and evaluation of the controls is the second step in assessing their adequacy, efficiency and effectiveness, thus identifying deficiencies or redundancy in controls. The third step is to test the access paths to determine if the controls are functioning. Lastly, the IS auditor evaluates the security environment to assess its adequacy by reviewing the written policies, observing practices and comparing them to appropriate security best practices.

CISA Question 959

Question

When selecting audit procedures, an IS auditor should use professional judgment to ensure that:

A. sufficient evidence will be collected.
B. all significant deficiencies identified will be corrected within a reasonable period.
C. all material weaknesses will be identified.
D. audit costs will be kept at a minimum level.

Answer

A. sufficient evidence will be collected.

Explanation

Procedures are processes an IS auditor may follow in an audit engagement. In determining the appropriateness of any specific procedure, an IS auditor should use professional judgment appropriate to the specific circumstances. Professional judgment involves a subjective and often qualitative evaluation of conditions arising in the course of an audit. Judgment addresses a grey area where binary (yes/no) decisions are not appropriate and the auditor’s past experience plays a key role in making a judgment. ISACA’s guidelines provide information on how to meet the standards when performing IS audit work. Identifying material weaknesses is the result of appropriate competence, experience and thoroughness in planning and executing the audit and not of professional judgment. Professional judgment is not a primary input to the financial aspects of the audit.

CISA Question 960

Question

During the planning stage of an IS audit, the PRIMARY goal of an IS auditor is to:

A. address audit objectives.
B. collect sufficient evidence.
C. specify appropriate tests.
D. minimize audit resources.

Answer

A. address audit objectives.

Explanation

ISACA auditing standards require that an IS auditor plan the audit work to address the audit objectives. Choice B is incorrect because the auditor does not collect evidence in the planning stage of an audit. Choices C and D are incorrect because they are not the primary goals of audit planning. The activities described in choices B, C and D are all undertaken to address audit objectives and are thus secondary to choice A.