CISA - Certified Information Systems Auditor
Which of the following will prevent dangling tuples in a database?
What type of cryptosystem is characterized by data being encrypted by the sender using the recipient's public key, and the data then being decrypted using the recipient's private key?
With public-key encryption, or asymmetric encryption
Which of the following is the BEST way to satisfy a two-factor user authentication?
A smart card requiring the user's PIN
A virtual private network (VPN) provides data confidentiality by using:
Which of the following database controls would ensure that the integrity of transactions is maintained in an online transaction processing system's database?
Commitment and rollback controls
Which of the following activities performed by a database administrator (DBA) should be performed by a different person?
Deleting database activity logs
An organization has outsourced its wide area network (WAN) to a third-party service provider. Under these circumstances, which of the following is the PRIMARY task the IS auditor should perform during an audit of business continuity (BCP) and disaster recovery planning (DRP)?
Review whether the service provider's BCP process is aligned with the organization's BCP and contractual obligations.
Which of the following is the BEST method for preventing the leakage of confidential information in a laptop computer?
Encrypt the hard disk with the owner's public key.
An IS auditor reviewing digital rights management (DRM) applications should expect to find an extensive use for which of the following technologies?
An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:
expand the scope to include substantive testing.
The computer security incident response team (CSIRT) of an organization disseminates detailed descriptions of recent threats. An IS auditor's GREATEST concern should be that the users might:
use this information to launch attacks.
During an audit of a telecommunications system, an IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is:
Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop:
last-mile circuit protection.
Authentication techniques for sending and receiving data between EDI systems are crucial to prevent which of the following? Choose the BEST answer.
Which of the following append themselves to files as a protection against viruses?
Which of the following is the initial step in creating a firewall policy?
Identification of network applications to be externally accessed
A team conducting a risk analysis is having difficulty projecting the financial losses that could result from a risk. To evaluate the potential losses, the team should:
apply a qualitative approach.
The purpose of a deadman door controlling access to a computer facility is primarily to:
When using public key encryption to secure data being transmitted across a network:
the key used to encrypt is public, but the key used to decrypt the data is private.
Which of the following would be the GREATEST cause for concern when data are sent over the Internet using HTTPS protocol?
Presence of spyware in one of the ends
A manager of a project was not able to implement all audit recommendations by the target date. The IS auditor should:
evaluate risks associated with the unresolved issues.
In the context of effective information security governance, the primary objective of value delivery is to:
optimize security investments in support of business objectives.
Applying a retention date on a file will ensure that:
data will not be deleted before that date.
Which of the following BEST reduces the ability of one device to capture the packets that are meant for another device?
Which of the following is MOST likely to result from a business process reengineering (BPR) project?
An increased number of people using technology
A financial services organization is developing and documenting business continuity measures. In which of the following cases would an IS auditor MOST likely raise an issue?
The business continuity capabilities are planned around a carefully selected set of scenarios which describe events that might happen with a reasonable probability.
An IS auditor is reviewing a project that is using an Agile software development approach. Which of the following should the IS auditor expect to find?
Postiteration reviews that identify lessons learned for future use in the project
A top-down approach to the development of operational policies will help ensure:
that they are consistent across the organization.
Which of the following intrusion detection systems (IDSs) monitors the general patterns of activity and traffic on a network and creates a database?
Which of the following is the PRIMARY advantage of using computer forensic software for investigations?
The preservation of the chain of custody for electronic evidence
Which of the following refers to the act of creating and using an invented scenario to persuade a target to perform an action?
Which of the following is the BEST type of program for an organization to implement to aggregate, correlate and store different log and event files, and then produce weekly and monthly reports for IS auditors?
A log management tool
An IS auditor should expect the responsibility for authorizing access rights to production data and systems to be entrusted to the:
What is the first step in a business process re-engineering project?
Defining the scope of areas to be reviewed
Which of the following is a control over component communication failure/errors?
Providing network redundancy
Why does the IS auditor often review the system logs?
To determine the existence of unauthorized access to data by a user or program
Which of the following measures can effectively minimize the possibility of buffer overflows?
Sufficient bounds checking
An organization has just completed its annual risk assessment. Regarding the business continuity plan, what should an IS auditor recommend as the next step for the organization?
Review and evaluate the business continuity plan for adequacy
The use of residual biometric information to gain unauthorized access is an example of which of the following attacks?
Which of the following is the key benefit of control self-assessment (CSA)?
Management ownership of the internal controls supporting business objectives is reinforced.
An IS auditor finds that not all employees are aware of the enterprise's information security policy. The IS auditor should conclude that:
this lack of knowledge may lead to unintentional disclosure of sensitive information.
An organization is implementing a new system to replace a legacy system. Which of the following conversion practices creates the GREATEST risk?
When selecting audit procedures, an IS auditor should use professional judgment to ensure that:
sufficient evidence will be collected.
What is the BEST approach to mitigate the risk of a phishing attack?
Which of the following would be the MOST effective audit technique for identifying segregation of duties violations in a new enterprise resource planning (ERP) implementation?
Building a program to identify conflicts in authorization
Which of the following presents an inherent risk with no distinct identifiable preventive controls?
The PRIMARY objective of performing a postincident review is that it presents an opportunity to:
improve internal control procedures.
To ensure an organization is complying with privacy requirements, an IS auditor should FIRST review:
legal and regulatory requirements.
Which of the following is the MOST important consideration when defining recovery point objectives (RPOs)?
Acceptable data loss
Which of the following is an oft-cited cause of vulnerability of networks?