CISA Certification Free Questions – Certified Information Systems Auditor – PassQuestion Free Questions To Test Online

1. Which of the following can best detect unauthorized data modifications by the database administrator?

Compare the data with the input record

Review changes to editorial checks

Audit database change request

Audit database activity log

2. Which of the following is the most important consideration item for information systems auditor when assessing whether a company’s information security policy is appropriate?

Business objectives

Consistent with IT tactical planning

IT Steering Committee

If it is in line with industry best practices

3. A company outsources various IT operations to different suppliers.

Which of the following is most important in determining the scope of the audit when planning an audit of the contractual outsourcing business?

Company’s supplier selection process and supplier qualification

Subcontractor management of outsourcing business

Business management department assesses the importance of the outsourcing process

Contract management process for each different supplier record

4. Which of the following solutions can best solve the problem of aging of IT systems?

Application portfolio management

Configuration Management

New version release management

IT project management

5. Which of the following is the most effective way to prevent theft of company information from your laptop?

Install biometric access control

Encrypt all data on the hard disk

Protect important files with passwords

Encrypted File Allocation Table (FAT)

6. A company is considering replacing a backup tape stored in a different location with a real-time online backup located in the primary data center storage area network (SAN).

Which of the following is the biggest risk?

A single disaster can result in a large loss of data.

Backup require too much storage space.

The archived data can be insufficient for data retention requirements.

Implementation may result in significant cost increases。

7. When reviewing system access rights, the information system auditor noticed that an employee’s role within the organization has recently changed, but still has prior access. What should be the next step for the auditor?

Management department revoke the current access rights.

Determine why the access has not been revoked.

Suggest an automatic access control access donation.

Determine if the access rights violate the software license.

8. Information systems auditors are assessing the risk of zero-day attacks and mitigation controls for companies.

The best advice for auditors is to implement:

Heuristic Intrusion Prevention System (IPS)

Name-based antivirus program.

Quarantine Area (DMZ)

Intrusion System (IDS).

9. The company makes strategic decisions, and in order to improve profitability, the company will be divided into several separate operational entities. And each entity maintains a shared IT infrastructure.

Which of the following is most helpful in ensuring that the work of the information systems auditor still includes key risk areas within the IT environment as part of its annual plan?

Perform an audit of recently introduced IT policies and procedures

Improved risk-based information system audit frequency for individual business entities

Developed a plan based on the business processes of each entity

Revision of the information system audit, plan, focusing on IT changes that occur after the split

10. Which of the following situations will affect the separation of duties?

The database administrator (DBA) modified the structure of the user table

The operator modified the batch schedule

The programmer ported the program to the production environment

The programmer accessed the test data

CISA Certification Free Questions – Certified Information Systems Auditor

CISA Certification Free Questions – Certified Information Systems Auditor

Leave a Reply Cancel reply