CISA Dumps Isaca CISA: 100% Valid and Newest Version CISA Questions & Answers Shared by Certleader

The document provides details about CISA exam questions and answers shared by Certleader. It includes 13 sample questions from CISA topics 1 to 5 along with explanations for the answers. Certleader provides 100% valid and newest version of CISA questions to help exam candidates prepare for the CISA exam.

100% Valid and Newest Version CISA Questions & Answers shared by Certleader

https://www.certleader.com/CISA-dumps.html ( Q&As)

CISA Dumps

Isaca CISA

https://www.certleader.com/CISA-dumps.html

The Leader of IT Certification visit - https://www.certleader.com

NEW QUESTION 1
- (Topic 1)
How is risk affected if users have direct access to a database at the system level?

A. Risk of unauthorized access increases, but risk of untraceable changes to the database decreases
B. Risk of unauthorized and untraceable changes to the database increases
C. Risk of unauthorized access decreases, but risk of untraceable changes to the database increases
D. Risk of unauthorized and untraceable changes to the database decreases

Answer: B

Explanation:
If users have direct access to a database at the system level, risk of unauthorized and untraceable changes to the database increases.

NEW QUESTION 2
- (Topic 1)
Which of the following is a good control for protecting confidential data residing on a PC?

A. Personal firewall
B. File encapsulation
C. File encryption
D. Host-based intrusion detection

Answer: C

Explanation:
File encryption is a good control for protecting confidential data residing on a PC.

NEW QUESTION 3
- (Topic 1)
Which type of major BCP test only requires representatives from each operational area to meet to review the plan?

A. Parallel
B. Preparedness
C. Walk-through
D. Paper

Answer: C

Explanation:
Of the three major types of BCP tests (paper, walk-through, and preparedness), a walk-through test requires only that representatives from each operational area
meet to review the plan.

NEW QUESTION 4
- (Topic 1)
Which of the following is best suited for searching for address field duplications?

A. Text search forensic utility software
B. Generalized audit software
C. Productivity audit software
D. Manual review

Answer: B

Explanation:
Generalized audit software can be used to search for address field duplications.

NEW QUESTION 5
- (Topic 1)
When should application controls be considered within the system-development process?

A. After application unit testing
B. After application module testing
C. After applications systems testing
D. As early as possible, even in the development of the project's functional specifications

Answer: D

Explanation:
Application controls should be considered as early as possible in the system-development process, even in the development of the project's functional
specifications.

NEW QUESTION 6
- (Topic 1)
What is the primary security concern for EDI environments? Choose the BEST answer.

A. Transaction authentication
B. Transaction completeness
C. Transaction accuracy
D. Transaction authorization

Answer: D

Explanation:
Transaction authorization is the primary security concern for EDI environments.

NEW QUESTION 7
- (Topic 2)
Which of the following would normally be the MOST reliable evidence for an auditor?

A. A confirmation letter received from a third party verifying an account balance
B. Assurance from line management that an application is working as designed
C. Trend data obtained from World Wide Web (Internet) sources
D. Ratio analyses developed by the IS auditor from reports supplied by line management

Answer: A

Explanation:

Evidence obtained from independent third parties almost always is considered to be the most reliable. Choices B, C and D would not be considered as reliable.

NEW QUESTION 8
- (Topic 2)
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions
should the IS auditor take?

A. Personally delete all copies of the unauthorized software
B. Inform the auditee of the unauthorized software, and follow up to confirm deletion
C. Report the use of the unauthorized software and the need to prevent recurrence to auditee management
D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use

Answer: C

Explanation:

The use of unauthorized or illegal software should be prohibited by an organization. Software piracy results in inherent exposure and can result in severe fines. An
IS auditor must convince the user and user management of the risk and the need to eliminate the risk. An IS auditor should not assume the role of the enforcing
officer and take on any personal involvement in removing or deleting the unauthorized software.

NEW QUESTION 9
- (Topic 3)
When reviewing an organization's strategic IT plan an IS auditor should expect to find:

A. an assessment of the fit of the organization's application portfolio with business objectives
B. actions to reduce hardware procurement costs
C. a listing of approved suppliers of IT contract resources
D. a description of the technical architecture for the organization's network perimeter security

Answer: A

Explanation:

An assessment of how well an organization's application portfolio supports the organization's business objectives is a key component of the overall IT strategic
planning process. This drives the demand side of IT planning and should convert into a set of strategic IT intentions. Further assessment can then be made of how
well the overall IT organization, encompassing applications, infrastructure, services, management processes, etc., can support the business objectives.
Operational efficiency initiatives belong to tactical planning, not strategic planning. The purpose of an IT strategic plan is to set out how IT will be used to achieve or
support an organization's business objectives. A listing of approved suppliers of IT contract resources is a tactical rather than a strategic concern. An IT strategic
plan would not normally include detail of a specific technical architecture.

NEW QUESTION 10
- (Topic 4)
The most common reason for the failure of information systems to meet the needs of users is that:

A. user needs are constantly changing
B. the growth of user requirements was forecast inaccurately
C. the hardware system limits the number of concurrent users
D. user participation in defining the system's requirements was inadequate

Answer: D

Explanation:

Lack of adequate user involvement, especially in the system's requirements phase, will usually result in a system that does not fully or adequately address the
needs of the user. Only users can define what their needs are, and therefore what the system should accomplish.

NEW QUESTION 11
- (Topic 4)
Which of the following is a dynamic analysis tool for the purpose of testing software modules?

A. Black box test
B. Desk checking
C. Structured walkthrough
D. Design and code

Answer: A

Explanation:

A black box test is a dynamic analysis tool for testing software modules. During the testing of software modules, a black box test first exercises the software as a
single cohesive unit/entity consisting of numerous modules, and second exercises it with the user data that flows across software modules; in some cases, this data
even drives the software behavior. In choices B, C and D, the software (design or code) remains static and someone closely examines it by applying their mind,
without actually executing the software. Therefore, these cannot be referred to as dynamic analysis tools.

NEW QUESTION 12
- (Topic 4)
When transmitting a payment instruction, which of the following will help verify that the instruction was not duplicated?

A. Use of a cryptographic hashing algorithm
B. Enciphering the message digest
C. Deciphering the message digest
D. A sequence number and time stamp

Answer: D

Explanation:

When transmitting data, a sequence number and/or time stamp built into the message to make it unique can be checked by the recipient to ensure that the
message was not intercepted and replayed. This is known as replay protection, and could be used to verify that a payment instruction was not duplicated. Use of a
cryptographic hashing algorithm against the entire message helps achieve data integrity. Enciphering the message digest using the sender's private key, which
signs the sender's digital signature to the document, helps in authenticating the transaction. When the message is deciphered by the receiver using the sender's
public key, it ensures that the message could only have come from the sender. This process of sender authentication achieves nonrepudiation.

NEW QUESTION 13
- (Topic 5)
Which of the following is the BEST type of program for an organization to implement to aggregate, correlate and store different log and event files, and then
produce weekly and monthly reports for IS auditors?

A. A security information event management (SIEM) product
B. An open-source correlation engine
C. A log management tool
D. An extract, transform, load (ETL) system

Answer: C

Explanation:

A log management tool is a product designed to aggregate events from many log files (with distinct formats and from different sources), store them and typically
correlate them offline to produce many reports (e.g., exception reports showing different statistics including anomalies and suspicious activities), and to answer time-
based queries (e.g., how many users have entered the system between 2 a.m. and 4 a.m. over the past three weeks?). A SIEM product has some similar features.
It correlates events from log files, but does it online and normally is not oriented to storing many weeks of historical information and producing audit reports. A
correlation engine is part of a SIEM product. It is oriented to making an online correlation of events. An extract, transform, load (ETL) system is part of a business
intelligence system, dedicated to extracting operational or production data, transforming that data and loading it into a central repository (data warehouse or data
mart); an ETL system does not correlate data or produce reports, and normally it does not have extractors to read log file formats.

NEW QUESTION 14
- (Topic 5)
A company is implementing a dynamic host configuration protocol (DHCP). Given that the following conditions exist, which represents the GREATEST concern?

A. Most employees use laptops
B. A packet filtering firewall is used
C. The IP address space is smaller than the number of PCs
D. Access to a network port is not restricted

Answer: D

Explanation:

Given physical access to a port, anyone can connect to the internal network. The other choices do not present the exposure that access to a port does. DHCP
provides convenience (an advantage) to the laptop users. Sharing IP addresses and the existence of a firewall can be security measures.

NEW QUESTION 15
- (Topic 6)
An IS auditor conducting an access control review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the
IS auditor is MOST likely to conclude that:

A. exposure is greater, since information is available to unauthorized users
B. operating efficiency is enhanced, since anyone can print any report at any time
C. operating procedures are more effective, since information is easily available
D. user friendliness and flexibility is facilitated, since there is a smooth flow of information among users

Answer: A

Explanation:

Information in all its forms needs to be protected from unauthorized access. Unrestricted access to the report option results in an exposure. Efficiency and
effectiveness are not relevant factors in this situation. Greater control over reports will not be accomplished since reports need not be in a printed form only.
Information could be transmitted outside as electronic files, because print options allow for printing in an electronic form as well.

NEW QUESTION 16
- (Topic 6)
During an audit of an enterprise that is dedicated to e-commerce, the IS manager states that digital signatures are used when receiving communications from
customers. To substantiate this, an IS auditor must prove that which of the following is used?

A. A biometric, digitalized and encrypted parameter with the customer's public key
B. A hash of the data that is transmitted and encrypted with the customer's private key
C. A hash of the data that is transmitted and encrypted with the customer's public key
D. The customer's scanned signature encrypted with the customer's public key

Answer: B

Explanation:

The calculation of a hash, or digest, of the data that are transmitted and its encryption require the public key of the client (receiver) and is called a signature of the
message, or digital signature. The receiver performs the same process and then compares the received hash, once it has been decrypted with their private key, to
the hash that is calculated with the received data. If they are the same, the conclusion would be that there is integrity in the data that have arrived and the origin is
authenticated. The concept of encrypting the hash with the private key of the originator provides nonrepudiation, as it can only be decrypted with their public key
and, as the CD suggests, the private key would not be known to the recipient. Simply put, in a key-pair situation, anything that can be decrypted by a sender's
public key must have been encrypted with their private key, so they must have been the sender, i.e., nonrepudiation. Choice C is incorrect because, if this were
the case, the hash could not be decrypted by the recipient, so the benefit of nonrepudiation would be lost and there could be no verification that the message had
not been intercepted and amended. A digital signature is created by encrypting with a private key. A person creating the signature uses their own private key,
otherwise everyone would be able to create a signature with any public key. Therefore, the signature of the client is created with the client's private key, and this
can be verified by

NEW QUESTION 17
- (Topic 6)
A web server is attacked and compromised. Which of the following should be performed FIRST to handle the incident?

A. Dump the volatile storage data to a disk
B. Run the server in a fail-safe mode
C. Disconnect the web server from the network
D. Shut down the web server

Answer: C

Explanation:

The first action is to disconnect the web server from the network to contain the damage and prevent more actions by the attacker. Dumping the volatile storage
data to a disk may be used at the investigation stage but does not contain an attack in progress. To run the server in a fail-safe mode, the server needs to be shut
down. Shutting down the server could potentially erase information that might be needed for a forensic investigation or to develop a strategy to prevent future
similar attacks.

NEW QUESTION 18
- (Topic 8)
Integer overflow occurs primarily with:

A. string formatting
B. debug operations
C. output formatting
D. input verifications
E. arithmetic operations
F. None of the choice

Answer: E

Explanation:

An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is larger than can be represented within the available storage
space. On some processors the result saturates - once the maximum value is reached attempts to make it larger simply return the maximum result.

NEW QUESTION 19
- (Topic 8)
Which of the following refers to the act of creating and using an invented scenario to persuade a target to perform an action?

A. Pretexting
B. Backgrounding
C. Check making
D. Bounce checking
E. None of the choice

Answer: A

Explanation:

Pretexting is the act of creating and using an invented scenario to persuade a target to release information or perform an action and is usually done over the
telephone. It is more than a simple lie as it most often involves some prior research or set up and the use of pieces of known information.

NEW QUESTION 20
- (Topic 8)
Which of the following should be seen as one of the most significant factors considered when determining the frequency of IS audits within your organization?

A. The cost of risk analysis
B. The income generated by the business function
C. Resource allocation strategy
D. The nature and level of risk
E. None of the choice

Answer: D

Explanation:

You use a risk assessment process to describe and analyze the potential audit risks inherent in a given line of business. You should update such risk assessment
at least annually to reflect changes. The level and nature of risk should be the most significant factors to be considered when determining the frequency of audits.

NEW QUESTION 21
......

Thank You for Trying Our Product

* 100% Pass or Money Back
All our products come with a 90-day Money Back Guarantee.
* One year free update
You can enjoy free updates for one year. 24x7 online support.
* Trusted by Millions
We currently serve more than 30,000,000 customers.
* Shop Securely
All transactions are protected by VeriSign!

100% Pass Your CISA Exam with Our Prep Materials Via below:

https://www.certleader.com/CISA-dumps.html
