Best ISACA CISA Exam Practice Material Updated on Oct 31, 2024
New CISA Actual Exam Dumps, ISACA Practice Test
NEW QUESTION # 468
When evaluating information security governance within an organization, which of the following findings should be of MOST concern to an IS auditor?
- A. An information security governance audit was not conducted within the past year
- B. The information security department has difficulty filling vacancies
- C. The data center manager has final sign-off on security projects
- D. Information security policies are updated annually
Answer: C
Explanation:
The finding that should be of most concern to an IS auditor when evaluating information security governance within an organization is that the data center manager has final sign-off on security projects. This indicates a lack of segregation of duties and a potential conflict of interest between the operational and security roles. The data center manager may have access to sensitive information or systems that should be protected by security controls, or may influence or override security decisions that are not in the best interest of the organization.
This finding also suggests that there is no clear accountability or authority for information security governance at a higher level, such as senior management or board of directors. The other findings are not as concerning as this one, although they may indicate some areas for improvement or monitoring. References:
ISACA, CISA Review Manual, 27th Edition, chapter 5, section 5.11
ISACA, IT Governance Using COBIT and Val IT: Student Booklet - 2nd Edition4
NEW QUESTION # 469
Why does an IS auditor review an organization chart?
- A. To optimize the responsibilities and authority of individuals
- B. To better understand the responsibilities and authority of individuals
- C. To control the responsibilities and authority of individuals
- D. To identify project sponsors
Answer: B
Explanation:
The primary reason an IS auditor reviews an organization chart is to better understand the responsibilities and authority of individuals.
NEW QUESTION # 470
An organization shares some of its customers' personally identifiable information (PII) with third-party suppliers for business purposes. What is MOST important for the IS auditor to evaluate to ensure that risk associated with leakage of privacy-related data during transmission is effectively managed?
- A. Encrypting and masking of customer data
- B. Service and operational level agreements
- C. The third party's privacy and data security policies
- D. Nondisclosure and indemnity agreements
Answer: A
NEW QUESTION # 471
Following the sale of a business division, employees will be transferred to a new organization, but they will retain access to IT equipment from the previous employer. An IS auditor has recommended that both organizations agree to and document an acceptable use policy for the equipment. What type of control has been recommended?
- A. Directive control
- B. Preventive control
- C. Detective control
- D. Corrective control
Answer: A
NEW QUESTION # 472
An organization that has suffered a cyber-attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?
- A. An imaging process was used to obtain a copy of the data from each computer.
- B. The legal department has not been engaged.
- C. Audit was only involved during extraction of the information.
- D. The chain of custody has not been documented.
Answer: D
Explanation:
The chain of custody has not been documented is a finding that should be of greatest concern for an IS auditor reviewing a forensic analysis process of an organization that has suffered a cyber attack. The chain of custody is a record of who handled, accessed, or modified the evidence during a forensic investigation. Documenting the chain of custody is essential to preserve the integrity, authenticity, and admissibility of the evidence in a court of law. The other options are less concerning findings that may not affect the validity or reliability of the forensic analysis process. References:
CISA Review Manual (Digital Version), Chapter 7, Section 7.51
CISA Review Questions, Answers & Explanations Database, Question ID 220
NEW QUESTION # 473
An IS auditor is reviewing database log settings and notices that only INSERT and DELETE operations are being monitored in the database. What is the MOST significant risk?
- A. Metadata may not be logged.
- B. Changes to existing records may not be logged.
- C. Newly added records may not be logged.
- D. Purged records may not be logged.
Answer: B
NEW QUESTION # 474
How does a continuous integration/continuous development (CI/CD) process help to reduce software failure risk?
- A. Automated software testing
- B. Easy software version rollback
- C. Smaller incremental changes
- D. Fewer manual milestones
Answer: C
NEW QUESTION # 475
An integrated test facility is considered a useful audit tool because it:
- A. compares processing output with independently calculated data.
- B. enables the financial and IS auditors to integrate their audit tests.
- C. is a cost-efficient approach to auditing application controls.
- D. provides the IS auditor with a tool to analyze a large range of information
Answer: A
Explanation:
An integrated test facility is considered a useful audit tool because it uses the same programs to compare processing output with independently calculated data. This involves setting up dummy entities on an application system and processing test or production data against the entity as a means of verifying processing accuracy.
NEW QUESTION # 476
The objective of using coding standards for systems development is to:
- A. ensure that business needs are met
- B. facilitate user testing
- C. facilitate program maintenance
- D. ensure the completeness of requirements.
Answer: C
NEW QUESTION # 477
During an audit of information security procedures of a large retailer's online store, an IS auditor notes that operating system (OS) patches are automatically deployed upon -. Which of the following should be of GREATEST concern to the auditor?
- A. Patches are not tested before installation on critical servers.
- B. Patches are pushed from the vendor increasing Internet traffic
- C. Patches are in conflict with current licensing agreements
- D. Patches are not reflected in the configuration management database
Answer: A
NEW QUESTION # 478
Which of the following is the most important element in the design of a data warehouse?
- A. Vulnerability of the system
- B. Volatility of the data
- C. Speed of the transactions
- D. Quality of the metadata
Answer: D
Explanation:
Quality of the metadata is the most important element in the design of a data warehouse. A data warehouse is a copy of transaction data specifically structured for query and analysis. Metadata aim to provide a table of contents to the information stored in the data warehouse. Companies that have built warehouses believe that metadata are the most important component of the warehouse.
NEW QUESTION # 479
Which of the following provides the BEST single-factor authentication?
- A. Token
- B. Password
- C. Biometrics
- D. PIN
Answer: C
Explanation:
Although biometrics provides only single-factor authentication, many consider it to be an excellent method for user authentication.
NEW QUESTION # 480
Which of the following would be the BEST overall control for an Internet business looking for confidentiality, reliability and integrity of data?
- A. Intrusion detection system (IDS)
- B. Secure Sockets Layer (SSL)
- C. Public key infrastructure (PKI)
- D. Virtual private network (VPN)
Answer: C
Explanation:
PKI would be the best overall technology because cryptography provides for encryption, digital signatures and nonrepudiation controls for confidentiality and reliability. SSL can provide confidentiality. IDS is a detective control. A VPN would provide confidentiality and authentication (reliability).
NEW QUESTION # 481
A database administrator (DBA) extracts a user listing for an auditor as testing evidence. Which of the following will provide the GREATEST assurance that the user listing is reliable?
- A. Witnessing the DBA running the query in-person
- B. Obtaining sign-off from the DBA to attest that the list is complete
- C. Requesting a copy of the query that generated the user listing
- D. Requesting a query that returns the count of the users
Answer: A
NEW QUESTION # 482
Fault-tolerance is a feature particularly sought-after in which of the following kinds of computer systems (choose all that apply):
- A. laptop systems
- B. None of the choices.
- C. desktop systems
- D. business-critical systems
- E. handheld PDAs
Answer: D
Explanation:
Fault-tolerance enables a system to continue operating properly in the event of the failure of some of its parts. It avoids total breakdown, and is particularly sought-after in high-availability environments full of business-critical systems.
NEW QUESTION # 483
A financial institution suspects that a manager has been crediting customer accounts without authorization.
Which of the following is the MOST effective method to validate this concern?
- A. Stop or go sampling
- B. Variable sampling
- C. Attribute sampling
- D. Discovery sampling
Answer: C
NEW QUESTION # 484
When auditing a quality assurance plan, an IS auditor should be MOST concerned if the:
- A. quality assurance function is separate from the programming function.
- B. SDLC is coupled with the quality assurance plan.
- C. quality assurance function is periodically reviewed by internal audit.
- D. scope of quality assurance activities is undefined.
Answer: D
Explanation:
Section: The process of Auditing Information System
NEW QUESTION # 485
Input/output controls should be implemented for which applications in an integrated systems environment?
- A. Output on the sending application and input on the receiving application
- B. Both the sending and receiving applications
- C. The sending application
- D. The receiving application
Answer: B
Explanation:
Input/output controls should be implemented for both the sending and receiving applications in an integrated systems environment.
NEW QUESTION # 486
An IS auditor learns that a server administration team regularly applies workarounds to address repeated failures of critical data processing services. Which of the following would BEST enable the organization to resolve the issue?
- A. Problem management
- B. Service level management
- C. Change management
- D. Incident management
Answer: D
NEW QUESTION # 487
The output of the risk management process is an input for making:
- A. business plans.
- B. software design decisions.
- C. audit charters.
- D. security policy decisions.
Answer: D
Explanation:
Section: Protection of Information Assets
The risk management process is about making specific, security-related decisions, such as the level of acceptable risk. Choices A, B and D are not ultimate goals of the risk management process.
NEW QUESTION # 488
In attribute sampling, what is the relationship between expected error rate and sample size?
- A. The greater the expected error rate, the smaller the sample size.
- B. The greater the expected error rate, the greater the sample size.
- C. The greater the sample size, the lower the expected error rate.
- D. The sample size is not affected by expected error rate.
Answer: A
NEW QUESTION # 489
Which of the following should an IS auditor validate FIRST when reviewing the security of an organization's IT infrastructure as it relates to Internet of Things (IoT) devices?
- A. Strong password protection for IoT devices
- B. Access control and network segmentation for IoT devices
- C. Identification and inventory of IoT devices
- D. Physical security of IoT devices
Answer: C
NEW QUESTION # 490
Which of the following layers of the OSI model transmits and receives the bit stream as electrical, optical or radio signals over an appropriate medium or carrier?
- A. Physical Layer
- B. Network Layer
- C. Data Link Layer
- D. Transport Layer
Answer: A
Explanation:
Section: Information System Operations, Maintenance and Support
The physical layer, the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium. It describes the electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers.
For your exam you should know the following information about the OSI model:
The Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO), maintained under the identification ISO/IEC 7498-1.
The model groups communication functions into seven logical layers. A layer serves the layer above it and is served by the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive packets that make up the contents of that path. Two instances at one layer are connected by a horizontal.
OSI Model
PHYSICAL LAYER
The physical layer, the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium. It describes the electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers. It provides:
Data encoding: modifies the simple digital signal pattern (1s and 0s) used by the PC to better accommodate the characteristics of the physical medium, and to aid in bit and frame synchronization. It determines:
What signal state represents a binary 1
How the receiving station knows when a "bit-time" starts
How the receiving station delimits a frame
DATA LINK LAYER
The data link layer provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link. To do this, the data link layer provides:
Link establishment and termination: establishes and terminates the logical link between two nodes.
Frame traffic control: tells the transmitting node to "back-off" when no frame buffers are available.
Frame sequencing: transmits/receives frames sequentially.
Frame acknowledgment: provides/expects frame acknowledgments. Detects and recovers from errors that occur in the physical layer by retransmitting non-acknowledged frames and handling duplicate frame receipt.
Frame delimiting: creates and recognizes frame boundaries.
Frame error checking: checks received frames for integrity.
Media access management: determines when the node "has the right" to use the physical medium.
NETWORK LAYER
The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors. It provides:
Routing: routes frames among networks.
Subnet traffic control: routers (network layer intermediate systems) can instruct a sending station to "throttle back" its frame transmission when the router's buffer fills up.
Frame fragmentation: if it determines that a downstream router's maximum transmission unit (MTU) size is less than the frame size, a router can fragment a frame for transmission and re-assembly at the destination station.
Logical-physical address mapping: translates logical addresses, or names, into physical addresses.
Subnet usage accounting: has accounting functions to keep track of frames forwarded by subnet intermediate systems, to produce billing information.
Communications Subnet
The network layer software must build headers so that the network layer software residing in the subnet intermediate systems can recognize them and use them to route data to the destination address.
This layer relieves the upper layers of the need to know anything about the data transmission and intermediate switching technologies used to connect systems. It establishes, maintains and terminates connections across the intervening communications facility (one or several intermediate systems in the communication subnet).
In the network layer and the layers below, peer protocols exist between a node and its immediate neighbor, but the neighbor may be a node through which data is routed, not the destination station. The source and destination stations may be separated by many intermediate systems.
TRANSPORT LAYER
The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers.
The size and complexity of a transport protocol depends on the type of service it can get from the network layer. For a reliable network layer with virtual circuit capability, a minimal transport layer is required. If the network layer is unreliable and/or only supports datagrams, the transport protocol should include extensive error detection and recovery.
The transport layer provides:
Message segmentation: accepts a message from the (session) layer above it, splits the message into smaller units (if not already small enough), and passes the smaller units down to the network layer. The transport layer at the destination station reassembles the message.
Message acknowledgment: provides reliable end-to-end message delivery with acknowledgments.
Message traffic control: tells the transmitting station to "back-off" when no message buffers are available.
Session multiplexing: multiplexes several message streams, or sessions onto one logical link and keeps track of which messages belong to which sessions (see session layer).
Typically, the transport layer can accept relatively large messages, but there are strict message size limits imposed by the network (or lower) layer. Consequently, the transport layer must break up the messages into smaller units, or frames, prepending a header to each frame.
The transport layer header information must then include control information, such as message start and message end flags, to enable the transport layer on the other end to recognize message boundaries. In addition, if the lower layers do not maintain sequence, the transport header must contain sequence information to enable the transport layer on the receiving end to get the pieces back together in the right order before handing the received message up to the layer above.
End-to-end layers
Unlike the lower "subnet" layers whose protocol is between immediately adjacent nodes, the transport layer and the layers above are true "source to destination" or end-to-end layers, and are not concerned with the details of the underlying communications facility. Transport layer software (and software above it) on the source station carries on a conversation with similar software on the destination station by using message headers and control messages.
SESSION LAYER
The session layer allows session establishment between processes running on different stations. It provides:
Session establishment, maintenance and termination: allows two application processes on different machines to establish, use and terminate a connection, called a session.
Session support: performs the functions that allow these processes to communicate over the network, performing security, name recognition, logging, and so on.
PRESENTATION LAYER
The presentation layer formats the data to be presented to the application layer. It can be viewed as the translator for the network. This layer may translate data from a format used by the application layer into a common format at the sending station, then translate the common format to a format known to the application layer at the receiving station.
The presentation layer provides:
Character code translation: for example, ASCII to EBCDIC.
Data conversion: bit order, CR-CR/LF, integer-floating point, and so on.
Data compression: reduces the number of bits that need to be transmitted on the network.
Data encryption: encrypts data for security purposes, for example, password encryption.
APPLICATION LAYER
The application layer serves as the window for users and application processes to access network services. This layer contains a variety of commonly needed functions:
Resource sharing and device redirection
Remote file access
Remote printer access
Inter-process communication
Network management
Directory services
Electronic messaging (such as mail)
Network virtual terminals
The following were incorrect answers:
Transport layer - The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers.
Network layer - The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors.
Data link layer - The data link layer provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
Reference:
CISA review manual 2014 Page number 260
NEW QUESTION # 491
During an audit, the IS auditor finds that in many cases excessive rights were not removed from a system. Which of the following is the auditor's BEST recommendation?
- A. System administrators should ensure consistency of assigned rights.
- B. Line management should regularly review and request modification of access rights.
- C. Human resources (HR) should delete access rights of terminated employees.
- D. IT security should regularly revoke excessive system rights.
Answer: B
NEW QUESTION # 492
The ISACA CISA (Certified Information Systems Auditor) exam is a globally recognized certification exam that evaluates the knowledge and expertise of professionals in the field of information systems auditing, control, and security. The CISA certification provides a competitive edge in the job market and demonstrates a high level of expertise in the field of information systems auditing.