CISA Actual Questions Answers PDF 100% Cover Real Exam Questions
CISA Exam questions and answers
Information Systems Acquisition, Development, & Implementation: This subject will measure the candidates’ skills in the following subtopics:
- Information systems implementation – testing methodologies; system migration, data conversion, and infrastructure deployment; post-implementation review.
- Information system acquisition and development – project management and governance; control identification & design; system development methodologies; business case & feasibility analysis;
NEW QUESTION 250
Which of the following is the BEST detective control for a job scheduling process involving data transmission?
- A. Jobs are scheduled to be completed daily end data is transmitted using a secure Fife Transfer Protocol (SFTP)
- B. Jobs are scheduled and a log of this activity n retained for subsequent review
- C. Job failure alerts are automatically generated and routed to support personnel
- D. Metrics denoting the volume of monthly job failures are reported and reviewed by senior management
Answer: A
NEW QUESTION 251
Which function in the purchasing module of an enterprise resource planning (ERP) system ensures payments are not issued for incorrect invoices'
- A. Management workflow approval
- B. Three-way match
- C. Sequential payment numbers
- D. Purchasing authority levels
Answer: B
NEW QUESTION 252
In an online banking application, which of the following would BEST protect against identity theft?
- A. Encryption of personal password
- B. Periodic review of access logs
- C. Two-factor authentication
- D. Restricting the user to a specific terminal
Answer: C
Explanation:
Explanation/Reference:
Explanation:
Two-factor authentication requires two independent methods for establishing identity and privileges.
Factors include something you know, such as a password; something you have, such as a token; and something you are, which is biometric. Requiring two of these factors makes identity theft more difficult. A password could be guessed or broken. Restricting the user to a specific terminal is not a practical alternative for an online application. Periodic review of access logs is a detective control and does not protect against identity theft.
NEW QUESTION 253
Network ILD&P are typically installed:
- A. on the organization's internet network connection.
- B. on the organization's internal network connection.
- C. on each end user stations.
- D. on the firewall.
- E. None of the choices.
Answer: A
Explanation:
Explanation/Reference:
Explanation:
Information Leakage Detection and Prevention (ILD&P) is a computer security term referring to systems designed to detect and prevent the unauthorized transmission of information from the computer systems of an organization to outsiders. Network ILD&P are gateway-based systems installed on the organization's internet network connection and analyze network traffic to search for unauthorized information transmissions. Host Based ILD&P systems run on end-user workstations to monitor and control access to physical devices and access information before it has been encrypted.
NEW QUESTION 254
Effective transactional controls are often capable of offering which of the following benefits (choose all that apply):
- A. shortened contract cycle times
- B. diminished legal risk
- C. reduced administrative and material costs
- D. enhanced procurement decisions
- E. None of the choices.
Answer: A,B,C,D
Explanation:
Transactional systems provide a baseline necessary to measure and monitor contract performance and provide a method for appraising efficiency against possible areas of exposure. Effective transactional controls reduce administrative and material costs, shorten contract cycle times, enhance procurement decisions, and diminish legal risk.
NEW QUESTION 255
In a client-server system, which of the following control techniques is used to inspect activity from known or unknown users?
- A. Data encryption techniques
- B. Diskless workstations
- C. Authentication systems
- D. Network monitoring devices
Answer: D
Explanation:
Section: Protection of Information Assets
Explanation:
Network monitoring devices may be used to inspect activities from known or unknown users and can identify client addresses, which may assist in finding evidence of unauthorized access. This serves as a detective control. Diskless workstations prevent access control software from being bypassed. Data encryption techniques can help protect sensitive or propriety data from unauthorized access, thereby serving as a preventive control. Authentication systems may provide environment wide, logical facilities that can differentiate among users, before providing access to systems.
NEW QUESTION 256
Which of the following types of firewall treats each network frame or packet in isolation?
- A. stateless firewall
- B. statefull firewall
- C. packet filtering firewall
- D. combination firewall
- E. None of the choices.
- F. hardware firewall
Answer: A
Explanation:
Explanation/Reference:
Explanation:
A stateless firewall treats each network frame or packet in isolation.
Such a firewall has no way of knowing if any given packet is part of an existing connection, is trying to establish a new connection, or is just a rogue packet.
NEW QUESTION 257
Which of the following data validation control validates input data against predefined range values?
- A. Table lookups
- B. Range Check
- C. Existence check
- D. Reasonableness check
Answer: B
Explanation:
Section: Information System Acquisition, Development and Implementation
Explanation/Reference:
In the Range Check control data should not exceed a predefined range of values
For CISA exam you should know below mentioned data validation edits and controls
Sequence Check - The control number follows sequentially and any sequence or duplicated control
numbers are rejected or noted on an exception report for follow-up purposes. For example, invoices are
numbered sequentially. The day's invoice begins with 12001 and ends with 15045. If any invoice larger than
15045 is encountered during processing, that invoice would be rejected as an invalid invoice number.
Limit Check -Data should not exceed a predefined amount. For example, payroll checks should not exceed
US $ 4000. If a check exceeds US $ 4000, data would be rejected for further verification/authorization.
Validity Check -Programmed checking of data validity in accordance with predefined criteria. For example,
a payroll record contains a field for marital status and the acceptable status codes are M or
S. If any other
code is entered, record should be rejected.
Range Check -Data should not exceed a predefined range of values. For example, product type code
range from 100 to 250. Any code outside this range should be rejected as an invalid product type.
Reasonableness check - Input data are matched to predefined reasonable limits or occurrence rates. For
example, a widget manufacturer usually receives an order for no more than 20 widgets. If an order for more
than 20 widgets is received, the computer program should be designed to print the record with a warning
indicating that the order appears unreasonable.
Table Lookups - Input data comply with predefined criteria maintained in computerized table of possible
values. For example, an input check enters a city code of 1 to 10. This number corresponds with a
computerize table that matches a code to a city name.
Existence Check - Data are entered correctly and agree with valid predefined criteria. For example, a valid
transaction code must be entered in transaction code field.
Key verification -The keying process is repeated by a separate individual using a machine that compares
the original key stroke to the repeated keyed input. For ex. the worker number is keyed twice and
compared to verify the keying process.
Check digit - a numeric value that has been calculated mathematically is added to a data to ensure that
original data have not been p[ altered or incorrect, but Valid, value substituted. This control is effective in
detecting transposition and transcription error. For ex. A check digit is added to an account number so it
can be checked for accuracy when it is used.
Completeness check - a filed should always contain data rather than zero or blanks. A check of each byte
of that field should be performed to determine that some form of data, or not blanks or zeros, is present.
For ex. A worker number on a new employee record is left blank. His is identified as a key in filed and the
record would be rejected, with a request that the field be completed before the record is accepted for
processing.
Duplicate check- new transaction is matched to those previously input to ensure that they have not already
been entered. For ex. A vendor invoice number agrees with previously recorded invoice to ensure that the
current order is not a duplicate and, therefore, the vendor will not be paid twice.
Logical relationship check - if a particular condition is true, then one or more additional conditions or data
input relationship may be required to be true and consider the input valid. For ex. The hire data of an
employee may be required to be true and consider the input valid. For ex. The hire date of an employee
may be required to be more than 16 years past his her date of birth.
The following were incorrect answers:
Table Lookups - Input data comply with predefined criteria maintained in computerized table of possible
values. For example, an input check enters a city code of 1 to 10. This number corresponds with a
computerize table that matches a code to a city name.
Existence Check - Data are entered correctly and agree with valid predefined criteria. For example, a valid
transaction code must be entered in transaction code field.
Reasonableness check - Input data are matched to predefined reasonable limits or occurrence rates. For
example, a widget manufacturer usually receives an order for no more than 20 widgets. If an order for more
than 20 widgets is received, the computer program should be designed to print the record with a warning
indicating that the order appears unreasonable.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 215
NEW QUESTION 258
Which of the following types of spyware was originally designed for determining the sources of error or for measuring staff productivity?
- A. Keystroke logging
- B. Directory logging
- C. Password logging
- D. Keywords logging
- E. None of the choices.
Answer: A
Explanation:
Explanation/Reference:
Explanation:
Keystroke logging (in the form of spyware) was originally a function of diagnostic tool deployed by software developers for capturing user's keystrokes.
This is done for determining the sources of error or for measuring staff productivity.
NEW QUESTION 259
Passwords should be:
- A. changed every 30 days at the discretion of the user.
- B. assigned by the security administrator for first time logon.
- C. displayed on the screen so that the user can ensure that it has been entered properly.
- D. reused often to ensure the user does not forget the password.
Answer: B
Explanation:
Section: Protection of Information Assets
Explanation:
Initial password assignment should be done discretely by the security administrator. Passwords should be changed often (e.g., every 30 days); however, changing should not be voluntary, it should be required by the system. Systems should not permit previous passwords to be used again. Old passwords may have been compromised and would thus permit unauthorized access. Passwords should not be displayed in any form.
NEW QUESTION 260
Prior to the of acquired software into production, it is MOST important that the IS auditor review the:
- A. user acceptance lest report.
- B. system documentation.
- C. source code escrow agreement.
- D. vendor testing report.
Answer: B
NEW QUESTION 261
Which of the following is protocol data unit (PDU) of transport layer in TCP/IP model?
- A. Packet
- B. Segment
- C. Frame
- D. Data
Answer: B
Explanation:
Explanation/Reference:
For your exam you should know below information about TCP/IP model:
Network models
Layer 4. Application Layer
Application layer is the top most layer of four layer TCP/IP model. Application layer is present on the top of the Transport layer. Application layer defines TCP/IP application protocols and how host programs interface with Transport layer services to use the network.
Application layer includes all the higher-level protocols like DNS (Domain Naming System), HTTP (Hypertext Transfer Protocol), Telnet, SSH, FTP (File Transfer Protocol), TFTP (Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transfer Protocol) , DHCP (Dynamic Host Configuration Protocol), X Windows, RDP (Remote Desktop Protocol) etc.
Layer 3. Transport Layer
Transport Layer is the third layer of the four layer TCP/IP model. The position of the Transport layer is between Application layer and Internet layer. The purpose of Transport layer is to permit devices on the source and destination hosts to carry on a conversation. Transport layer defines the level of service and status of the connection used when transporting data.
The main protocols included at Transport layer are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
Layer 2. Internet Layer
Internet Layer is the second layer of the four layer TCP/IP model. The position of Internet layer is between Network Access Layer and Transport layer. Internet layer pack data into data packets known as IP datagram's, which contain source and destination address (logical address or IP address) information that is used to forward the datagram's between hosts and across networks. The Internet layer is also responsible for routing of IP datagram's.
Packet switching network depends upon a connectionless internetwork layer. This layer is known as Internet layer. Its job is to allow hosts to insert packets into any network and have them to deliver independently to the destination. At the destination side data packets may appear in a different order than they were sent. It is the job of the higher layers to rearrange them in order to deliver them to proper network applications operating at the Application layer.
The main protocols included at Internet layer are IP (Internet Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol) and IGMP (Internet Group Management Protocol).
Layer 1. Network Access Layer
Network Access Layer is the first layer of the four layer TCP/IP model. Network Access Layer defines details of how data is physically sent through the network, including how bits are electrically or optically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted pair copper wire.
The protocols included in Network Access Layer are Ethernet, Token Ring, FDDI, X.25, Frame Relay etc.
The most popular LAN architecture among those listed above is Ethernet. Ethernet uses an Access Method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection) to access the media, when Ethernet operates in a shared media. An Access Method determines how a host will place data on the medium.
IN CSMA/CD Access Method, every host has equal access to the medium and can place data on the wire when the wire is free from network traffic. When a host wants to place data on the wire, it will check the wire to find whether another host is already using the medium. If there is traffic already in the medium, the host will wait and if there is no traffic, it will place the data in the medium. But, if two systems place data on the medium at the same instance, they will collide with each other, destroying the data. If the data is destroyed during transmission, the data will need to be retransmitted. After collision, each host will wait for a small interval of time and again the data will be retransmitted.
Protocol Data Unit (PDU) :
Protocol Data Unit - PDU
The following answers are incorrect:
Data - Application layer PDU
Packet - Network interface layer PDU
Frame/bit - LAN or WAN interface layer PDU
The following reference(s) were/was used to create this question:
CISA review manual 2014 page number 272
NEW QUESTION 262
When considering whether to adopt bring your own device (BYOD), it is MOST important for the information security manager to ensure that:
- A. users have read and signed acceptable use agreements
- B. the applications are tested prior to implementation
- C. security controls are applied to each device when joining the network
- D. business leaders have an understanding of security risks
Answer: C
Explanation:
Section: Information System Acquisition, Development and Implementation Explanation/Reference:
NEW QUESTION 263
An IS auditor reviewing an organization that uses cross-training practices should assess the risk of:
- A. a disruption of operations.
- B. dependency on a single person.
- C. one person knowing all parts of a system.
- D. inadequate succession planning.
Answer: C
Explanation:
Cross-training is a process of training more than one individual to perform a specific job or procedure. This practice helps decrease the dependence on a single person and assists in succession planning. This provides for the backup of personnel in the event of an absence and, thereby, provides for the continuity of operations. However, in using this approach, it is prudent to have first assessed the risk of any person knowing all parts of a system and the related potential exposures. Cross-training reduces the risks addressed in choices A, B and D.
NEW QUESTION 264
Applying a retention date on a file will ensure that:
- A. datasets having the same name are differentiated.
- B. data cannot be read until the date is set.
- C. backup copies are not retained after that date.
- D. data will not be deleted before that date.
Answer: D
Explanation:
Section: Protection of Information Assets
Explanation:
A retention date will ensure that a file cannot be overwritten before that date has passed. The retention
date will not affect the ability to read the file. Backup copies would be expected to have a different retention
date and therefore may be retained after the file has been overwritten. The creation date, not the retention
date, will differentiate files with the same name.
NEW QUESTION 265
Which of the following is the BEST indicator of a mature quality management system (QMS)?
- A. Most IT projects have been completed on time and within budget.
- B. Projects are showing continuous improvement
- C. Continuous improvement has been integrated into business processes.
- D. End users are satisfied with the outcome of IT projects.
Answer: C
NEW QUESTION 266
When conducting a post-implementation review, which of the following is the BEST way to determine whether the value from an IT project has been achieved?
- A. Interview stakeholders.
- B. Survey end users.
- C. Conduct an earned value analysis (EVA).
- D. Calculate the return on investment (ROI).
Answer: C
Explanation:
Section: Protection of Information Assets
NEW QUESTION 267
Which of the following is the MOST effective type of antivirus software?
- A. Scanners
- B. Vaccines
- C. Active monitors
- D. integrity checkers
Answer: D
Explanation:
Integrity checkers compute a binary number on a known virus-free program that is then stored in a database file. This number is called a cyclical redundancy check (CRC). When that program is called to execute, the checker computes the CRC on the program about to be executed and compares it to the number in the database. A match means no infection; a mismatch means that a change in the program has occurred. A change in the program could mean a virus. Scanners look for sequences of bits called signatures that are typical of virus programs. They examine memory, disk boot sectors, executables and command files for bit patterns that match a known virus. Therefore, scanners need to be updated periodically to remain effective. Active monitors interpret DOS and ROM basic input-output system (BIOS) calls, looking for virus-like actions. Active monitors can be misleading, because they cannot distinguish between a user request and a program or virus request. As a result, users are asked to confirm actions like formatting a disk or deleting a file or set of files. Vaccines are known to be good antivirus software. However, they also need to be updated periodically to remain effective.
NEW QUESTION 268
Which of the following will BEST ensure the successful offshore development of business applications?
- A. Stringent contract management practices
- B. Post implementation reviews
- C. Awareness of cultural and political differences
- D. Detailed and correctly applied specifications
Answer: D
Explanation:
Section: Protection of Information Assets
Explanation:
When dealing with offshore operations, it is essential that detailed specifications be created. Language differences and a lack of interaction between developers and physically remote end users could create gaps in communication in which assumptions and modifications may not be adequately communicated.
Contract management practices, cultural and political differences, and post implementation reviews, although important, are not as pivotal to the success of the project.
NEW QUESTION 269
Which of the following is MOST important to ensure that electronic evidence collected during a forensic investigation will be admissible in future legal proceeding?
- A. Restricting evidence access to professionally certified forensic investigation
- B. Engaging an independent third party to perform the forensic investigation
- C. Performing investigate procedures on the original hard drives rather than images of the hard drives
- D. Documentation evidence handling by personnel throughout the forensic investigation
Answer: A
NEW QUESTION 270
......
How much CISA Exam Cost
- The early Registration fee for the CISA exam is $415 for Members and $545 for Non-Members.
- The final Registration fee for the CISA is $465 USD for members and $595 for Non-Members.
VCE4Dumps CISA Exam Practice Test Questions : https://www.vce4dumps.com/CISA-valid-torrent.html
Pass CISA Exam Info and Free Practice Test : https://drive.google.com/open?id=1Vz_HIcWmtfKFecVmZWctWaKAUOx21yXc