ISACA CISA Certification All-in-One Exam Guide Nov-2024 [Q669-Q685]



ISACA CISA (Certified Information Systems Auditor) exam is an internationally recognized certification that is designed for IT professionals who want to specialize in information systems auditing, control, and security. Certified Information Systems Auditor certification is awarded by the Information Systems Audit and Control Association (ISACA), which is a globally recognized professional association for IT governance, security, and auditing.

 

NEW QUESTION # 669
Which of the following would be an IS auditor's BEST recommendation to senior management when several IT initiatives are found to be misaligned with the organization's strategy?

  • A. Reassess IT initiatives that do not map to business strategies.
  • B. Reassess the return on investment (ROI) for the IT initiatives.
  • C. Define key performance indicators (KPIs) for IT.
  • D. Modify IT initiatives that do not map to business strategies.

Answer: A


NEW QUESTION # 670
Which type of device sits on the perimeter of a corporate or home network, where it obtains a public IP address and then generates private IP addresses internally?

  • A. Intrusion prevention system (IPS)
  • B. Gateway
  • C. Switch
  • D. Router

Answer: D

Explanation:
A router sits on the perimeter of a corporate or home network, holds the public IP address assigned by the ISP on its external interface, and assigns private (RFC 1918) addresses to internal hosts, usually via DHCP. A router connects two or more networks and forwards packets between them based on its routing table. Through network address translation (NAT), the router rewrites the private source address (and, with port address translation, the source port) of each outbound packet to its single public address and maps the replies back, so many internal devices share one public address. A side effect worth noting for auditors is that unsolicited inbound connections have no translation entry and are dropped by default; NAT is still not a substitute for a firewall.
A switch is a type of device that connects multiple devices within a network and forwards packets based on MAC addresses. An intrusion prevention system (IPS) is a type of device that monitors network traffic and blocks or modifies malicious packets based on predefined rules. A gateway is a type of device that acts as an interface between different networks or protocols, such as a modem or a firewall. References: CISA Review Manual (Digital Version), [ISACA Glossary of Terms]
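The translation the explanation describes, as an added example that is not part of the exam guide: a toy port-address translation table for a perimeter router. Every address, port and packet is constructed for the illustration; the class and function names are the example's own.

```python
"""Toy NAPT (port-address translation) table for a perimeter router.
Added illustration, not code from the exam guide; every address, port
and packet below is constructed for the example."""
from dataclasses import dataclass
import ipaddress

# RFC 1918 ranges that a perimeter router hands out internally
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def is_private(ip: str) -> bool:
    return any(ipaddress.ip_address(ip) in net for net in PRIVATE_NETS)


class NatRouter:
    """One public address shared by many private hosts via source-port mapping."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (private ip, private port) -> public port
        self.inbound = {}    # public port -> (private ip, private port)

    def translate_outbound(self, pkt: Packet) -> Packet:
        """Rewrite the source of an internal packet to the router's public address."""
        if not is_private(pkt.src_ip):
            raise ValueError(f"{pkt.src_ip} is not an internal address")
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.outbound:           # first flow from this socket: allocate a port
            port, self.next_port = self.next_port, self.next_port + 1
            self.outbound[key] = port
            self.inbound[port] = key
        return Packet(self.public_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt: Packet):
        """Map a reply back to the internal host; return None for packets with no
        matching entry (unsolicited inbound traffic is dropped, not forwarded)."""
        if pkt.dst_ip != self.public_ip:
            return None
        key = self.inbound.get(pkt.dst_port)
        if key is None:
            return None
        return Packet(pkt.src_ip, pkt.src_port, key[0], key[1])


def demo():
    """Two internal hosts reach the same web server through one public address."""
    nat = NatRouter("203.0.113.1")
    out_a = nat.translate_outbound(Packet("192.168.1.10", 5555, "198.51.100.7", 443))
    out_b = nat.translate_outbound(Packet("192.168.1.11", 5555, "198.51.100.7", 443))
    reply = nat.translate_inbound(Packet("198.51.100.7", 443, "203.0.113.1", out_a.src_port))
    unsolicited = nat.translate_inbound(Packet("198.51.100.9", 1234, "203.0.113.1", 2222))
    return out_a, out_b, reply, unsolicited


if __name__ == "__main__":
    for p in demo():
        print(p)
```

Both internal hosts use the same source port 5555, so the router has to allocate distinct public ports to keep the flows apart; the packet to public port 2222, for which no entry exists, is simply dropped.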


NEW QUESTION # 671
The MOST appropriate control to ensure that all orders transmitted from remote locations to the production department are received accurately would be to:

  • A. send and reconcile transaction counts and totals.
  • B. have data transmitted back to the local site for comparison.
  • C. verify that parity checking is still active.
  • D. track and account for the numerical sequence of sales orders.

Answer: A
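The control in answer A, as an added example that is not part of the exam guide: the sending site computes a trailer of control totals over a batch of orders and the production site reconciles them on receipt. The order batch, its amounts and the function names are constructed for the illustration.

```python
"""Batch control totals for orders sent from a remote site, and their
reconciliation at the receiving end. Added illustration, not code from the
exam guide; the orders below are constructed sample data."""
from decimal import Decimal

# Constructed batch: (order number, amount)
ORDERS = [(1023, "150.00"), (1024, "75.50"), (1025, "300.00")]


def control_totals(orders):
    """Trailer record the sending site computes before transmission."""
    return {
        "count": len(orders),                                   # record count
        "amount_total": sum((Decimal(a) for _, a in orders), Decimal("0")),
        "hash_total": sum(n for n, _ in orders),                # meaningless sum of order numbers
    }


def reconcile(trailer, received):
    """Receiving site recomputes the totals; returns the names of the controls that fail."""
    actual = control_totals(received)
    return [k for k in ("count", "amount_total", "hash_total") if actual[k] != trailer[k]]


def sequence_gaps(received):
    """Complementary check (choice D): order numbers missing from the received range."""
    numbers = sorted(n for n, _ in received)
    return [n for n in range(numbers[0], numbers[-1] + 1) if n not in numbers] if numbers else []


def demo():
    trailer = control_totals(ORDERS)
    return {
        "intact": reconcile(trailer, ORDERS),
        "dropped_record": reconcile(trailer, ORDERS[:2]),
        "altered_amount": reconcile(trailer, [(1023, "150.00"), (1024, "57.50"), (1025, "300.00")]),
        "altered_number": reconcile(trailer, [(1023, "150.00"), (1024, "75.50"), (1052, "300.00")]),
        "gap": sequence_gaps([(1023, "150.00"), (1025, "300.00")]),
    }


if __name__ == "__main__":
    for case, failed in demo().items():
        print(f"{case}: {failed or 'all controls pass'}")
```

The three totals fail in different ways: a dropped record trips all of them, a transposed amount trips only the amount total, and a transposed order number trips only the hash total, which is why a sequence check alone (choice D) is weaker: it finds missing orders but says nothing about altered ones.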


NEW QUESTION # 672
An information security manager has discovered a potential security breach in a server that supports a critical business process. Which of the following should be the information security manager's FIRST course of action?

  • A. Shut down the server in an organized manner
  • B. Validate that there has been an incident
  • C. Inform senior management of the incident
  • D. Notify the business process owner

Answer: B

Explanation:
Section: Information System Operations, Maintenance and Support


NEW QUESTION # 673
Properly planned risk-based audit programs are often capable of offering which of the following benefits?

  • A. audit transparency only.
  • B. audit efficiency only.
  • C. None of the choices.
  • D. audit efficiency and effectiveness.
  • E. audit transparency and effectiveness.
  • F. audit effectiveness only.

Answer: D

Explanation:
A properly planned risk-based audit program increases both audit efficiency and audit effectiveness. How sophisticated and formal such a program needs to be varies considerably with the size and complexity of the audited organization.


NEW QUESTION # 674
Which of the following protocols is used for electronic mail service?

  • A. SMTP
  • B. FTP
  • C. DNS
  • D. SSH

Answer: A

Explanation:
Section: Information System Operations, Maintenance and Support
SMTP (Simple Mail Transfer Protocol) is the TCP/IP protocol used to send e-mail from a client to a server and between servers. Because SMTP has limited ability to queue messages at the receiving end, it is usually paired with POP3 or IMAP, which let the user keep messages in a server mailbox and retrieve them periodically. In other words, a mail client uses SMTP for sending e-mail and POP3 or IMAP for receiving it. On Unix-based systems, sendmail has been the most widely used SMTP server; the commercial Sendmail package also includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be configured to provide POP3.
For your exam you should know below information general Internet terminology:
Network access point (NAP) - A public network exchange facility where Internet service providers (ISPs) connected with one another in peering arrangements. The NAPs were a key component in the transition from the 1990s NSFNET era (when many networks were government sponsored and commercial traffic was prohibited) to today's commercial Internet providers, and were often points of considerable congestion.
Internet Service Provider (ISP) - An Internet service provider (ISP) is an organization that provides services for accessing, using, or participating in the Internet. Internet service providers may be organized in various forms, such as commercial, community-owned, non-profit, or otherwise privately owned. Internet services typically provided by ISPs include Internet access, Internet transit, domain name registration, web hosting, co-location.
Telnet or Remote Terminal Control Protocol - A terminal emulation program and protocol for TCP/IP networks such as the Internet. The Telnet client runs on your computer and connects to a server on the network; the commands you enter are executed as if typed at the server console, so you can control that server and communicate with other servers on the network. To start a Telnet session you log in with a valid username and password. Telnet was long a common way to administer Web servers remotely, but it transmits the credentials and the whole session in cleartext, which is why SSH (below) has replaced it and why an IS auditor should question any Telnet service still enabled on production systems.
Internet Link- Internet link is a connection between Internet users and the Internet service provider.
Secure Shell (SSH) - Secure Shell, sometimes called Secure Socket Shell, is a command interface and protocol, originally from the UNIX world, for securely accessing a remote computer. It is widely used by network administrators to control Web and other kinds of servers remotely. SSH is commonly described as a suite of three utilities - slogin, ssh and scp - that are secure replacements for the earlier UNIX utilities rlogin, rsh and rcp. All SSH traffic, including passwords, is encrypted. The server proves its identity with a host key that the client checks against its known_hosts list (or an SSH certificate, where one is deployed), and the client authenticates with a password or, preferably, a public key.
Domain Name System (DNS) - The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates information with the domain names assigned to each entity; most prominently, it translates easily memorized domain names into the numerical IP addresses needed to locate computer services and devices worldwide. DNS is an essential component of the functionality of the Internet.
File Transfer Protocol (FTP) - FTP is a client/server application used to move files from one system to another. The client connects to the FTP server, authenticates and is given the access the server is configured to permit. FTP servers can also be configured to allow anonymous access by logging in with an e-mail address but no password. Once connected, the client may move between directories with the commands the server permits. Like Telnet, plain FTP sends credentials and file contents unencrypted; FTPS or SFTP (file transfer over SSH) are the secure alternatives.
Simple Mail Transfer Protocol (SMTP) - Described above: the protocol for sending e-mail, normally paired with POP3 or IMAP for retrieval.
The following answers are incorrect:
DNS - Resolves domain names to IP addresses. It does not carry e-mail, although a sending mail server uses DNS MX records to find the receiving server for a domain.
FTP - Transfers files between systems; it is not a mail protocol.
SSH - Provides encrypted remote command access and file copying; it is not a mail protocol.
Reference:
CISA review manual 2014 page number 273 and 274
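The send-side dialogue described above, as an added example that is not part of the exam guide: a minimal server-side SMTP state machine driven by a scripted client, showing the envelope (MAIL FROM, RCPT TO) being built before the message text, and the relay check a mail server applies to recipients outside its own domains. The host name mx.example.com, the local-domain list, the addresses and the message are constructed for the illustration.

```python
"""Minimal SMTP server-side dialogue (subset of RFC 5321) driven by a scripted
client, to show the send-side protocol the question refers to. Added
illustration, not code from the exam guide; mx.example.com, the local-domain
list and the message are constructed."""

LOCAL_DOMAINS = {"example.com"}   # domains this server accepts mail for (assumed)


def _address(arg: str) -> str:
    """'FROM:<alice@example.org>' -> 'alice@example.org'"""
    return arg.partition(":")[2].strip().strip("<>")


class SmtpSession:
    def __init__(self, local_domains=LOCAL_DOMAINS):
        self.local = {d.lower() for d in local_domains}
        self.helo = None
        self.mail_from = None
        self.rcpts = []
        self.in_data = False
        self.data_lines = []
        self.delivered = []   # (envelope sender, envelope recipients, message text)

    def greeting(self) -> str:
        return "220 mx.example.com ESMTP ready"

    def handle(self, line: str):
        """Return the server reply to one client line, or None while collecting DATA."""
        if self.in_data:
            if line == ".":                      # end of message
                self.in_data = False
                self.delivered.append((self.mail_from, list(self.rcpts), "\r\n".join(self.data_lines)))
                self.mail_from, self.rcpts, self.data_lines = None, [], []
                return "250 OK: queued"
            self.data_lines.append(line[1:] if line.startswith("..") else line)  # undo dot-stuffing
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.helo = arg
            return f"250 mx.example.com Hello {arg}"
        if verb == "MAIL":
            if self.helo is None:
                return "503 Send HELO/EHLO first"
            self.mail_from, self.rcpts = _address(arg), []
            return "250 OK"
        if verb == "RCPT":
            if self.mail_from is None:
                return "503 Need MAIL FROM first"
            addr = _address(arg)
            if addr.rpartition("@")[2].lower() not in self.local:
                return "550 Relaying denied"     # refuse to act as an open relay
            self.rcpts.append(addr)
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:
                return "503 No valid recipients"
            self.in_data = True
            return "354 End data with <CRLF>.<CRLF>"
        if verb == "QUIT":
            return "221 Bye"
        return "500 Unrecognized command"


def run_dialogue(client_lines, local_domains=LOCAL_DOMAINS):
    """Feed scripted client lines to a session; return (transcript, delivered messages)."""
    session = SmtpSession(local_domains)
    transcript = [("S", session.greeting())]
    for line in client_lines:
        transcript.append(("C", line))
        reply = session.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
    return transcript, session.delivered


CLIENT_SCRIPT = [                     # constructed client side of the exchange
    "EHLO client.example.org",
    "MAIL FROM:<alice@example.org>",
    "RCPT TO:<bob@example.com>",
    "RCPT TO:<eve@other.test>",       # not a local domain: relay attempt
    "DATA",
    "From: alice@example.org",        # header From: is separate from the envelope
    "To: bob@example.com",
    "Subject: control totals for batch 42",
    "",
    "Count 3, amount 525.50.",
    ".",
    "QUIT",
]

if __name__ == "__main__":
    transcript, delivered = run_dialogue(CLIENT_SCRIPT)
    for side, text in transcript:
        print(f"{side}: {text}")
```

Two points the transcript makes visible: the envelope recipients are what the server delivers to, independent of the From: and To: header lines inside DATA, and the 550 reply is the check that keeps a server from relaying mail for arbitrary domains.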


NEW QUESTION # 675
Which of the following should an IS auditor expect to find in an organization's information security policies?

  • A. Authentication requirements
  • B. Secure coding procedures
  • C. Security configuration settings
  • D. Asset provisioning lifecycle

Answer: A


NEW QUESTION # 676
Which of the following issues should be the GREATEST concern to the IS auditor when reviewing an IT disaster recovery test?

  • A. During the test it was noticed that some of the backup systems were defective or not working, causing the test of these systems to fail.
  • B. The procedures to shut down and secure the original production site before starting the backup site required far more time than planned.
  • C. Every year, the same employees perform the test. The recovery plan documents are not used since every step is well known by all participants.
  • D. Due to the limited test time window, only the most essential systems were tested. The other systems were tested separately during the rest of the year.

Answer: C

Explanation:
Section: Protection of Information Assets
A disaster recovery test should exercise the plan, the processes, the people and the IT systems. If the written plan is not used, its accuracy and adequacy cannot be verified, and recovery then depends on a few key staff who may not be available when a real disaster occurs. It is common that not all systems can be tested within a limited test window; what matters is that the systems essential to the business are tested and the others are tested over the rest of the year (choice D). One aim of a test is precisely to find and replace defective backup devices so that all systems can be recovered in a real disaster, so choice A is only a concern if the number of problems found is systematically high. Choice B is a minor concern: in a real disaster there is no need for an orderly shutdown of the original production site, since the first priority is to bring the backup site up.


NEW QUESTION # 677
With the help of a security officer, granting access to data is the responsibility of:

  • A. programmers.
  • B. librarians.
  • C. system analysts.
  • D. data owners.

Answer: D

Explanation:
Data owners are responsible for the use of data. Written authorization for users to gain access to computerized information should be provided by the data owners. Security administration, with the owners' approval, sets up the access rules stipulating which users or groups of users are authorized to access data or files and the level of access authorized (e.g., read or update).


NEW QUESTION # 678
When implementing a new IT maturity model, which of the following should occur FIRST?

  • A. Determine the model elements to be evaluated.
  • B. Define the target IT maturity level.
  • C. Develop performance metrics.
  • D. Benchmark with industry peers.

Answer: A


NEW QUESTION # 679
The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:

  • A. ensure complete audit coverage.
  • B. provide a basis for drawing reasonable conclusions.
  • C. perform the audit according to the defined scope.
  • D. comply with regulatory requirements.

Answer: B

Explanation:
Section: Protection of Information Assets
The scope of an IS audit is defined by its objectives. This involves identifying control weaknesses relevant to the scope of the audit. Obtaining sufficient and appropriate evidence assists the auditor in not only identifying control weaknesses but also documenting and validating them.
Complying with regulatory requirements, ensuring coverage and the execution of audit are all relevant to an audit but are not the reason why sufficient and relevant evidence is required.


NEW QUESTION # 680
Fault-tolerance is a feature particularly sought-after in which of the following kinds of computer systems:

  • A. business-critical systems
  • B. None of the choices.
  • C. handheld PDAs
  • D. laptop systems
  • E. desktop systems

Answer: A

Explanation:
Section: Protection of Information Assets
Fault tolerance enables a system to continue operating properly when some of its components fail. It avoids total breakdown and is particularly sought after in high-availability environments running business-critical systems.


NEW QUESTION # 681
An organization uses multiple offsite data center facilities. Which of the following is MOST important to consider when choosing related backup devices and media?

  • A. Backup media capacity
  • B. Associated costs
  • C. Restoration speed
  • D. Standardization

Answer: D


NEW QUESTION # 682
Which of the following can help detect transmission errors by appending specially calculated bits onto the end of each segment of data?

  • A. Parity check
  • B. Redundancy check
  • C. Accuracy check
  • D. Completeness check

Answer: B

Explanation:
Section: Protection of Information Assets
A redundancy check, such as a cyclic redundancy check (CRC), detects transmission errors by computing check bits from the content of each data segment and appending them to the end of the segment; the receiver recomputes the check bits and compares them with those received. A parity check appends only a single bit per character and cannot detect an even number of bit errors in that character. Accuracy and completeness checks are data validation controls applied to input, not transmission controls.
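The two mechanisms the question contrasts, as an added example that is not part of the exam guide: per-byte parity and a CRC-32 trailer appended to a data segment, with the same bit errors injected in transit to show which one each control catches. The sample segment and the error positions are constructed for the illustration.

```python
"""Error detection on a data segment: per-byte parity versus a CRC-32 trailer.
Added illustration, not code from the exam guide; the segment and the bit
errors are constructed."""


def parity_bits(data: bytes):
    """Even parity, one bit per byte (the parity-check alternative in the question)."""
    return [bin(b).count("1") & 1 for b in data]


def crc32(data: bytes) -> int:
    """Bitwise CRC-32 (reflected, polynomial 0xEDB88320), same result as zlib.crc32."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0xEDB88320 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def frame(data: bytes) -> bytes:
    """Sender: append the 4 check bytes to the end of the segment."""
    return data + crc32(data).to_bytes(4, "little")


def frame_ok(segment: bytes) -> bool:
    """Receiver: recompute the CRC over the payload and compare with the trailer."""
    payload, trailer = segment[:-4], segment[-4:]
    return crc32(payload) == int.from_bytes(trailer, "little")


def flip_bits(data: bytes, bit_positions) -> bytes:
    out = bytearray(data)
    for bit in bit_positions:
        out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)


def compare_detection(data: bytes, bit_positions):
    """Return (parity caught it, CRC caught it) for the given bit flips in transit."""
    sent = frame(data)
    received = flip_bits(sent[:-4], bit_positions) + sent[-4:]   # payload damaged, trailer intact
    parity_caught = parity_bits(received[:-4]) != parity_bits(data)
    crc_caught = not frame_ok(received)
    return parity_caught, crc_caught


SEGMENT = b"ORDER 1023 AMOUNT 150.00"   # constructed sample segment

if __name__ == "__main__":
    print("single bit flip:", compare_detection(SEGMENT, [5]))
    print("two flips in one byte:", compare_detection(SEGMENT, [0, 1]))
```

A single flipped bit is caught by both controls; two flipped bits in the same byte leave the byte's parity unchanged and slip past the parity check, while the CRC detects them, as it does any error burst of up to 32 bits. Neither mechanism protects against deliberate tampering, since anyone who can alter the payload can recompute the trailer; that needs a keyed MAC rather than a redundancy check.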


NEW QUESTION # 683
Which of the following would be an IS auditor's GREATEST concern when reviewing the organization's business continuity plan (BCP)?

  • A. The recovery plan does not contain the process and application dependencies.
  • B. The duration of tabletop exercises is longer than the recovery time objective (RTO).
  • C. The duration of tabletop exercises is longer than the recovery point objective (RPO).
  • D. The recovery point objective (RPO) and recovery time objective (RTO) are not the same.

Answer: A

Explanation:
A business continuity plan (BCP) is a document that outlines how an organization will continue its critical functions in the event of a disruption or disaster. A BCP should include the following elements:
* Business impact analysis: This is the process of identifying and prioritizing the key business processes and assets that are essential for the organization's survival and recovery.
* Risk assessment: This is the process of identifying and evaluating the potential threats and vulnerabilities that could affect the organization's business continuity.
* Recovery strategies: These are the actions and procedures that the organization will implement to restore its normal operations as quickly and effectively as possible after a disruption or disaster.
* Recovery objectives: These are the metrics that define the acceptable level of recovery for the organization's business processes and assets. The two main recovery objectives are:
* Recovery point objective (RPO): This is the maximum amount of data loss that the organization can tolerate in terms of time. For example, an RPO of one hour means that the organization can afford to lose up to one hour's worth of data after a disruption or disaster.
* Recovery time objective (RTO): This is the maximum amount of time that the organization can tolerate to restore its normal operations after a disruption or disaster. For example, an RTO of four hours means that the organization must resume its normal operations within four hours after a disruption or disaster.
* Testing and validation: This is the process of verifying and evaluating the effectiveness and efficiency of the BCP and its components. Testing and validation can include various methods, such as:
* Tabletop exercises: These are discussion-based sessions where team members meet in an informal setting to review and discuss their roles and responsibilities during a disruption or disaster scenario. A facilitator guides participants through a discussion of one or more scenarios.
* Simulation exercises: These are more realistic and interactive sessions where team members perform their roles and responsibilities during a simulated disruption or disaster scenario. A facilitator controls and monitors the simulation and injects events and challenges.
* Full-scale exercises: These are the most complex and realistic sessions where team members perform their roles and responsibilities during a real-life disruption or disaster scenario. A facilitator coordinates and evaluates the exercise with external stakeholders, such as emergency services, media, or customers.
As an IS auditor, the greatest concern when reviewing the organization's BCP is therefore A: without documented process and application dependencies, the recovery team cannot determine the order in which systems must be restored, and the RTO of a critical process cannot be shown to be achievable. The other choices are not valid concerns: the duration of a tabletop exercise has no relation to the RTO or the RPO (choices B and C), and the RPO and RTO are distinct objectives that are normally different (choice D).
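Why the dependencies matter, as an added example that is not part of the exam guide: a small recovery plan is sequenced from its application dependencies and the resulting critical path is compared with the RTO. The systems, their restore times, the RTO and the function names are constructed for the illustration; the same code flags a plan that references a dependency nobody documented, which is the situation in choice A.

```python
"""Recovery sequencing from process/application dependencies, and whether the
resulting critical path fits the RTO. Added illustration, not code from the exam
guide; the systems, restore times and RTO below are constructed."""
from collections import deque

# Constructed sample: system -> (restore time in minutes, systems it depends on)
SYSTEMS = {
    "network":   (30, []),
    "directory": (45, ["network"]),
    "database":  (90, ["network"]),
    "app":       (60, ["database", "directory"]),
    "web":       (30, ["app"]),
}


def recovery_order(systems):
    """Topological order (Kahn's algorithm); raises if a dependency is undocumented or circular."""
    unknown = sorted({d for _, deps in systems.values() for d in deps if d not in systems})
    if unknown:
        raise ValueError(f"undocumented dependencies: {unknown}")
    indegree = {name: len(deps) for name, (_, deps) in systems.items()}
    dependents = {name: [] for name in systems}
    for name, (_, deps) in systems.items():
        for dep in deps:
            dependents[dep].append(name)
    ready = deque(sorted(n for n, d in indegree.items() if d == 0))
    order = []
    while ready:
        name = ready.popleft()
        order.append(name)
        for nxt in sorted(dependents[name]):
            indegree[nxt] -= 1
            if indegree[nxt] == 0:
                ready.append(nxt)
    if len(order) != len(systems):
        raise ValueError("circular dependency; plan cannot be executed")
    return order


def earliest_finish(systems):
    """Minutes after the disaster at which each system can be back, assuming a
    system is restored only once everything it depends on is up."""
    finish = {}
    for name in recovery_order(systems):
        restore, deps = systems[name]
        finish[name] = max((finish[d] for d in deps), default=0) + restore
    return finish


def rto_met(systems, rto_minutes):
    """True if the last system on the critical path is restored within the RTO."""
    return max(earliest_finish(systems).values()) <= rto_minutes


def missing_dependency_example():
    """A plan that references a system nobody documented (the concern in choice A)."""
    broken = dict(SYSTEMS)
    broken["app"] = (60, ["database", "directory", "message-queue"])
    try:
        recovery_order(broken)
        return None
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    print("order:", recovery_order(SYSTEMS))
    print("finish times:", earliest_finish(SYSTEMS))
    print("RTO 240 min met:", rto_met(SYSTEMS, 240))
    print("broken plan:", missing_dependency_example())
```

The restore times add up to 255 minutes, but because directory and database can be rebuilt in parallel once the network is up, the critical path is 210 minutes; an RTO of 4 hours is met and an RTO of 3 hours is not. Without the dependency list none of this can be computed, which is exactly why its absence is the auditor's greatest concern.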


NEW QUESTION # 684
An organization has contracted with a vendor for a turnkey solution for their electronic toll collection system (ETCS). The vendor has provided its proprietary application software as part of the solution. The contract should require that:

  • A. a backup server be loaded with all the relevant software and data.
  • B. source code of the ETCS application be placed in escrow.
  • C. the systems staff of the organization be trained to handle any event.
  • D. a backup server be available to run ETCS operations with up-to-date data.

Answer: B

Explanation:
Whenever proprietary application software is purchased, the contract should provide for a source code escrow agreement. This ensures that the purchasing organization can obtain and maintain the software should the vendor cease to be in business. Having a backup server with current data and trained staff is critical, but not as critical as ensuring the availability of the source code.


NEW QUESTION # 685
......


ISACA CISA (Certified Information Systems Auditor) exam is a certification exam for professionals in the information systems audit field. Certified Information Systems Auditor certification is globally recognized and is considered a valuable asset for individuals seeking to advance their careers in the IT audit industry. The CISA exam is designed to test the candidate's knowledge and understanding of various IT audit concepts, including IT governance, risk management, audit methodology, and information security.

 
