[Apr-2024] Feel ISACA CISA Dumps PDF Will likely be The best Option [Q554-Q576]





The CISA certification exam is designed to test your knowledge and skills in information systems auditing, control, and security. The exam covers five domains: Information Systems Auditing Process; Governance and Management of IT; Information Systems Acquisition, Development and Implementation; Information Systems Operations, Maintenance and Service Management; and Protection of Information Assets. The exam consists of 150 multiple-choice questions to be completed within a four-hour time frame.



NEW QUESTION # 554
Any changes in systems assets, such as replacement of hardware, should be immediately recorded within the asset inventory of which of the following? Choose the BEST answer.

  • A. Business impact analysis
  • B. Incident response plan
  • C. IT strategic plan
  • D. Business continuity plan

Answer: D

Explanation:
Any changes in systems assets, such as replacement of hardware, should be immediately recorded within the asset inventory of the business continuity plan. The BCP's asset inventory drives recovery priorities and the recovery configuration, so a stale entry means the recovery strategy is built around equipment that no longer exists.


NEW QUESTION # 555
Which of the following is the MOST important requirement for an IS auditor to evaluate when reviewing a transmission of personally identifiable information between two organizations?

  • A. Timeliness
  • B. Accuracy
  • C. Completeness
  • D. Necessity

Answer: D

Explanation:
Section: The process of Auditing Information System


NEW QUESTION # 556
Which of the following is the BEST reason to implement a data retention policy?

  • A. To establish a recovery point objective (RPO) for disaster recovery procedures
  • B. To document business objectives for processing data within the organization
  • C. To limit the liability associated with storing and protecting information
  • D. To assign responsibility and ownership for data protection outside IT

Answer: C


NEW QUESTION # 557
An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:

  • A. approved by the chief executive officer (CEO).
  • B. regularly reviewed and updated.
  • C. communicated to every department head in the organization.
  • D. tested every six months.

Answer: B

Explanation:
The plan should be reviewed at appropriate intervals, depending upon the nature of the business and the rate of change of systems and personnel. Otherwise, it may become out of date and may no longer be effective. The plan must be subjected to regular testing, but the period between tests will again depend on the nature of the organization and the relative importance of IS. Three months or even annually may be appropriate in different circumstances. Although the disaster recovery plan should receive the approval of senior management, it need not be the CEO if another executive officer is equally or more appropriate. For a purely IS-related plan, the executive responsible for technology may have approved the plan. Similarly, although a business continuity plan is likely to be circulated throughout an organization, the IS disaster recovery plan will usually be a technical document and only relevant to IS and communications staff.


NEW QUESTION # 558
Which type of major BCP test only requires representatives from each operational area to meet to review the plan?

  • A. Paper
  • B. Parallel
  • C. Walk-through
  • D. Preparedness

Answer: C

Explanation:
Of the three major types of BCP tests (paper, walk-through, and preparedness), a walk-through test requires only that representatives from each operational area meet to review the plan.


NEW QUESTION # 559
An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:

  • A. assess the controls relevant to the DBA function.
  • B. review user access authorizations approved by the DBA.
  • C. recommend the immediate revocation of the DBA access to production data.
  • D. accept the DBA access as a common practice.

Answer: A

Explanation:
It is good practice when finding a potential exposure to look for the best controls. Though granting the database administrator (DBA) access to production data might be a common practice, the IS auditor should evaluate the relevant controls (for example, logging and independent review of DBA activity on production data). The DBA should have access based on a need-to-know and need-to-do basis; therefore, revocation may remove access that is actually required. The DBA typically may need to have access to some production data. Granting user authorizations is the responsibility of the data owner and not the DBA.


NEW QUESTION # 560
Which of the following is BEST characterized by unauthorized modification of data before or during systems data entry?

  • A. Salami attack
  • B. Data corruption
  • C. Data diddling
  • D. Skimming

Answer: C

Explanation:
Data diddling involves modifying data before or during systems data entry.
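Data diddling is countered by input controls that carry a record of the batch as it left the source and recompute it after entry. As an added example (not from the page or from ISACA), the script below computes the classic batch controls (record count, financial control total, hash total over a non-financial field, and a digest of the canonical layout) and reconciles source and entered batches. The payroll records, account numbers and amounts are constructed sample data.

```python
import hashlib
from typing import List, NamedTuple


class PayrollRecord(NamedTuple):
    employee_id: str
    account: str      # destination bank account, numeric string
    amount_cents: int


# Constructed sample batch as it left the source department (not real data).
SOURCE_BATCH: List[PayrollRecord] = [
    PayrollRecord("E100", "1111", 250_000),
    PayrollRecord("E101", "2222", 180_000),
    PayrollRecord("E102", "3333", 99_000),
]

# The same batch after entry, but E101's account was diddled during keying.
ACCOUNT_DIDDLED_BATCH = [
    SOURCE_BATCH[0],
    PayrollRecord("E101", "9999", 180_000),
    SOURCE_BATCH[2],
]

# A subtler diddle: two accounts swapped so that every arithmetic total still agrees.
SWAPPED_ACCOUNTS_BATCH = [
    PayrollRecord("E100", "2222", 250_000),
    PayrollRecord("E101", "1111", 180_000),
    SOURCE_BATCH[2],
]


def batch_controls(records: List[PayrollRecord]) -> dict:
    """Compute the batch controls an input-control procedure would carry with the batch:
    record count, financial control total, a hash total over a non-financial field
    (the account numbers) and a SHA-256 digest over the canonical record layout."""
    canonical = "\n".join(
        f"{r.employee_id}|{r.account}|{r.amount_cents}"
        for r in sorted(records, key=lambda r: r.employee_id)
    )
    return {
        "count": len(records),
        "control_total": sum(r.amount_cents for r in records),
        "hash_total": sum(int(r.account) for r in records),
        "digest": hashlib.sha256(canonical.encode()).hexdigest(),
    }


def reconcile(source_controls: dict, entered_controls: dict) -> List[str]:
    """Compare controls computed at the source with controls recomputed after data entry.
    Returns the names of the controls that do not agree; an empty list means the batch
    reconciles and no record was altered before or during entry."""
    return [name for name, value in source_controls.items()
            if entered_controls.get(name) != value]


if __name__ == "__main__":
    source = batch_controls(SOURCE_BATCH)
    for label, batch in [("clean re-entry", SOURCE_BATCH),
                         ("account diddled", ACCOUNT_DIDDLED_BATCH),
                         ("accounts swapped", SWAPPED_ACCOUNTS_BATCH)]:
        print(f"{label:18s} mismatches: {reconcile(source, batch_controls(batch))}")
```

Record count and the money total alone miss the changed account; the hash total over the account field catches it, and only the digest catches the offsetting swap. The source controls must be computed and stored outside the reach of whoever keys the data, otherwise they can be diddled along with the records.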


NEW QUESTION # 561
In an EDI process, the device which transmits and receives electronic documents is the:

  • A. application interface.
  • B. EDI interface.
  • C. communications handler.
  • D. EDI translator.

Answer: C

Explanation:
Section: Protection of Information Assets
A communications handler transmits and receives electronic documents between trading partners and/or wide area networks (WANs).


NEW QUESTION # 562
E-mail traffic from the Internet is routed via firewall-1 to the mail gateway. Mail is routed from the mail gateway, via firewall-2, to the mail recipients in the internal network. Other traffic is not allowed. For example, the firewalls do not allow direct traffic from the Internet to the internal network.

The intrusion detection system (IDS) detects traffic for the internal network that did not originate from the mail gateway. The FIRST action triggered by the IDS should be to:

  • A. create an entry in the log.
  • B. close firewall-1.
  • C. alert the appropriate staff.
  • D. close firewall-2.

Answer: D

Explanation:
Traffic for the internal network that did not originate from the mail gateway is a sign that firewall-1 is not functioning properly. This may have been caused by an attack from a hacker. Closing firewall-2 is the first thing that should be done, thus preventing damage to the internal network.
After closing firewall-2, the malfunctioning of firewall-1 can be investigated. The IDS should trigger the closing of firewall-2 either automatically or by manual intervention. Between the detection by the IDS and a response from the system administrator valuable time can be lost, in which a hacker could also compromise firewall-2. An entry in the log is valuable for later analysis, but before that, the IDS should close firewall-2. If firewall-1 has already been compromised by a hacker, it might not be possible for the IDS to close it.
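The detection rule and the ordering of the response can be written down. The following is an added example (not from the page or from ISACA) of the IDS check: an assumed internal range and an assumed DMZ address for the mail gateway, a sensor on the segment in front of firewall-2, and constructed flow records; anything addressed to the internal network that did not come from the gateway is a violation, and the response list puts closing firewall-2 before logging and alerting.

```python
import ipaddress
from typing import List, NamedTuple, Tuple

# Assumed addressing for the scenario above (not given on the page):
# the mail gateway sits in the DMZ between firewall-1 and firewall-2.
INTERNAL_NET = ipaddress.ip_network("10.10.0.0/16")
MAIL_GATEWAY = ipaddress.ip_address("192.0.2.25")

# Ordered response for a violation: contain first, then record, then notify.
RESPONSE_ORDER = ["close_firewall2", "log", "alert_staff"]


class Flow(NamedTuple):
    src: str
    dst: str
    dport: int


# Constructed flows as seen by an IDS sensor on the DMZ segment in front of firewall-2.
SAMPLE_FLOWS: List[Flow] = [
    Flow("203.0.113.9", "192.0.2.25", 25),   # Internet -> mail gateway: permitted
    Flow("192.0.2.25", "10.10.5.7", 25),     # mail gateway -> internal recipient: permitted
    Flow("203.0.113.9", "10.10.5.7", 445),   # Internet -> internal host: must never happen
    Flow("192.0.2.77", "10.10.0.3", 22),     # unknown DMZ host -> internal: also a violation
]


def is_violation(flow: Flow) -> bool:
    """Traffic addressed to the internal network is only legitimate when it comes
    from the mail gateway; anything else means firewall-1 is not enforcing policy."""
    src = ipaddress.ip_address(flow.src)
    dst = ipaddress.ip_address(flow.dst)
    return dst in INTERNAL_NET and src != MAIL_GATEWAY


def respond(flow: Flow) -> List[str]:
    """Return the actions in the order they should run. Closing firewall-2 comes first
    because it is the step that stops the attacker reaching the internal network;
    logging and alerting are useful but do not contain anything on their own."""
    return list(RESPONSE_ORDER) if is_violation(flow) else []


def analyse(flows: List[Flow]) -> List[Tuple[Flow, List[str]]]:
    """Run the rule over a set of flows and return each violation with its response plan."""
    return [(f, respond(f)) for f in flows if is_violation(f)]


if __name__ == "__main__":
    for flow, actions in analyse(SAMPLE_FLOWS):
        print(f"violation {flow.src} -> {flow.dst}:{flow.dport}; actions: {' -> '.join(actions)}")
```

The rule deliberately keys on the destination network rather than on a port: once firewall-1 is misbehaving, the attacker chooses the port, so any non-gateway source reaching the internal range is the signal.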


NEW QUESTION # 563
Which of the following is the BEST reason for delaying the application of a critical security patch?

  • A. Conflicts with software development life cycle
  • B. Resource limitations
  • C. Technology interdependencies
  • D. Lack of vulnerability management

Answer: C

Explanation:
Section: Information System Operations, Maintenance and Support


NEW QUESTION # 564
Which type of risk would MOST influence the selection of a sampling methodology?

  • A. Residual
  • B. Detection
  • C. Inherent
  • D. Control

Answer: B

Explanation:
The type of risk that would most influence the selection of a sampling methodology is detection risk (option B). This is because:
Detection risk is the risk that the auditor will not detect a material misstatement that exists in an assertion [1]. Detection risk depends on the effectiveness of the audit procedures and how well they are applied by the auditor [1].
The selection of a sampling methodology is part of the design of audit procedures, which aims to reduce detection risk to an acceptable level [1]. The auditor should consider the following factors when selecting a sampling methodology [2][3]:
  • The objectives of the audit procedure and the related assertions.
  • The characteristics of the population from which the sample will be drawn, such as its size, homogeneity, and structure.
  • The sampling technique to be used, such as random, systematic, haphazard, or judgmental.
  • The sample size and the method of selecting sample items.
  • The evaluation of the sample results and the projection of errors to the population.
The auditor should also consider the advantages and disadvantages of different sampling methodologies, such as statistical and non-statistical sampling [2][3]. Statistical sampling is a sampling technique that uses random selection and probability theory to evaluate sample results. Non-statistical sampling is a sampling technique that does not use random selection or probability theory to evaluate sample results. Some of the advantages and disadvantages are as follows [2][3]:
  • Statistical sampling allows the auditor to measure and control sampling risk, which is the risk that the sample is not representative of the population. Statistical sampling also allows the auditor to quantify the precision and reliability of the sample results. However, statistical sampling requires more technical knowledge and skills, as well as more time and cost, than non-statistical sampling.
  • Non-statistical sampling relies on the auditor's professional judgment and experience to select and evaluate sample items. Non-statistical sampling is more flexible and less complex than statistical sampling. However, non-statistical sampling does not provide an objective basis for measuring and controlling sampling risk, nor does it allow the auditor to quantify the precision and reliability of the sample results.
Therefore, the type of risk that would most influence the selection of a sampling methodology is detection risk (option B), as it determines how effective and efficient the audit procedures must be in order to provide sufficient appropriate audit evidence.
References: [1] Audit Sampling - Overview, Purpose, Importance, and Types. [2] Audit Sampling | Auditing and Attestation | CPA Exam FAR. [3] Audit Sampling | ACCA Qualification | Students | ACCA Global.
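The "measure and control sampling risk" point is concrete in statistical attribute sampling. As an added example (not from the page or from ISACA), the script below works through one compliance test: it derives the sample size that gives 95% confidence the deviation rate is below a 5% tolerable rate, draws a reproducible random sample from a constructed population of 1,200 change tickets, and then evaluates the result using the exact binomial upper deviation limit. The population, the seed and the tolerable rate are assumptions for the illustration.

```python
import math
import random
from typing import Dict, List


def discovery_sample_size(tolerable_rate: float, confidence: float) -> int:
    """Smallest sample size n such that finding zero deviations in the sample gives
    `confidence` that the population deviation rate is below `tolerable_rate`.
    Solves (1 - p)^n <= 1 - confidence for n (binomial, zero-deviation case)."""
    alpha = 1.0 - confidence
    return math.ceil(math.log(alpha) / math.log(1.0 - tolerable_rate))


def select_sample(population: List[int], n: int, seed: int) -> List[int]:
    """Random selection without replacement. The seed is recorded in the working papers
    so a reviewer can reproduce exactly which items were drawn."""
    return sorted(random.Random(seed).sample(population, n))


def upper_deviation_limit(n: int, deviations: int, confidence: float) -> float:
    """Exact binomial upper bound on the population deviation rate: the smallest p for which
    observing `deviations` or fewer in n items is this unlikely (probability <= 1 - confidence).
    The binomial CDF decreases monotonically in p, so bisection finds it."""
    alpha = 1.0 - confidence

    def cdf(p: float) -> float:
        return sum(math.comb(n, k) * p**k * (1.0 - p)**(n - k) for k in range(deviations + 1))

    lo, hi = 0.0, 1.0
    for _ in range(60):
        mid = (lo + hi) / 2.0
        if cdf(mid) > alpha:
            lo = mid
        else:
            hi = mid
    return hi


def evaluate_sample(n: int, deviations: int, tolerable_rate: float,
                    confidence: float) -> Dict[str, object]:
    """Project the sample result onto the population and decide whether the control can be
    relied on: only when the upper deviation limit stays within the tolerable rate."""
    udl = upper_deviation_limit(n, deviations, confidence)
    return {
        "projected_rate": deviations / n,
        "upper_limit": udl,
        "control_reliable": udl <= tolerable_rate,
    }


if __name__ == "__main__":
    # Constructed population: 1,200 change tickets, each expected to carry an approval.
    population = list(range(1, 1201))
    n = discovery_sample_size(tolerable_rate=0.05, confidence=0.95)
    sample = select_sample(population, n, seed=20240401)
    print(f"sample size {n}, first items drawn {sample[:5]}")
    for found in (0, 1):
        print(found, "deviation(s):", evaluate_sample(n, found, 0.05, 0.95))
```

Zero deviations in 59 items keeps the upper limit just under 5%, so the control can be relied on; a single unapproved change pushes the upper limit to roughly 8%, and the auditor must either extend the sample or reduce reliance on the control and compensate with other procedures. A haphazard or judgmental sample gives no such number, which is exactly the loss of control over detection risk the explanation describes.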


NEW QUESTION # 565
Which of the following is an effective method for controlling downloading of files via FTP?

  • A. An application-layer gateway, or proxy firewall
  • B. A first-generation packet-filtering firewall
  • C. A circuit-level gateway
  • D. An application-layer gateway, or proxy firewall, but not stateful inspection firewalls

Answer: A

Explanation:
Section: Protection of Information Assets
Application-layer gateways, or proxy firewalls, are an effective method for controlling downloading of files via FTP. Because FTP is an OSI application-layer protocol, the most effective firewall needs to be capable of inspecting through the application layer.
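The difference between the two firewall types shows up as soon as the control channel is parsed. As an added example (not from the page or from ISACA), the script below is a minimal FTP control-channel filter of the kind a proxy firewall applies: it parses each command line, treats verbs case-insensitively as RFC 959 requires, allows a whitelist of log-on, navigation, listing and upload verbs, denies RETR (download) and unknown verbs, and drops malformed lines. A packet-filter stand-in is included for contrast. The allow/deny policy and the client command stream are constructed for the illustration.

```python
import re
from typing import List, Optional, Tuple

# Assumed policy for this proxy: users may log on, browse and upload, but not download.
DENIED = {"RETR"}
ALLOWED = {"USER", "PASS", "SYST", "FEAT", "TYPE", "PWD", "CWD", "CDUP",
           "PASV", "EPSV", "PORT", "EPRT", "LIST", "NLST", "STOR", "QUIT"}

# FTP control-channel commands are 3-4 letter verbs, optionally followed by one argument.
CMD_RE = re.compile(r"^([A-Za-z]{3,4})(?: (.+))?$")

Verdict = Tuple[str, Optional[str], Optional[str]]   # (verdict, verb, argument)


def filter_command(line: str) -> Verdict:
    """Classify one control-channel line: 'allow', 'deny', or 'drop' for a line that is not
    a well-formed command. Verbs are case-insensitive per RFC 959, so 'retr' is still RETR.
    Unknown verbs are denied: the policy is a whitelist, not a blacklist."""
    line = line.rstrip("\r\n")
    m = CMD_RE.match(line)
    if not m:
        return ("drop", None, None)
    verb, arg = m.group(1).upper(), m.group(2)
    if verb in DENIED:
        return ("deny", verb, arg)
    if verb in ALLOWED:
        return ("allow", verb, arg)
    return ("deny", verb, arg)


def packet_filter_verdict(dst_port: int, payload: bytes) -> str:
    """What a first-generation packet filter can decide: it sees the port and nothing of the
    payload, so an FTP RETR to port 21 looks identical to a LIST."""
    return "allow" if dst_port == 21 else "deny"


def proxy_session(client_lines: List[str]) -> List[str]:
    """Run a client's command stream through the proxy and return the reply the proxy
    would send for each line, forwarding only the allowed commands."""
    replies = []
    for line in client_lines:
        verdict, verb, _ = filter_command(line)
        if verdict == "allow":
            replies.append(f"forwarded {verb}")
        elif verdict == "deny":
            replies.append(f"550 {verb} not permitted by policy")
        else:
            replies.append("500 Syntax error, command unrecognized")
    return replies


# Constructed client command stream (not a real capture).
SAMPLE_SESSION = [
    "USER alice\r\n",
    "PASS hunter2\r\n",
    "LIST\r\n",
    "retr payroll.csv\r\n",
    "STOR report.txt\r\n",
    "RETR\x00 secret.txt\r\n",
    "QUIT\r\n",
]

if __name__ == "__main__":
    for line, reply in zip(SAMPLE_SESSION, proxy_session(SAMPLE_SESSION)):
        print(f"{line.strip()!r:28s} -> {reply}")
    print("packet filter sees RETR to port 21 as:",
          packet_filter_verdict(21, b"RETR payroll.csv\r\n"))
```

The whitelist matters as much as the RETR rule: SITE EXEC and similar verbs are denied without having to be enumerated, and a line with a control character in the verb is dropped rather than guessed at. A real proxy also has to handle the data connection, but the policy decision is taken on the control channel exactly as shown.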


NEW QUESTION # 566
Which of the following would be of MOST concern to an IS auditor reviewing a virtual private network (VPN) implementation? Computers on the network that are located:

  • A. at the enterprise's remote offices.
  • B. at the backup site.
  • C. on the enterprise's internal network.
  • D. in employees' homes.

Answer: D

Explanation:
One risk of a virtual private network (VPN) implementation is the chance of allowing high-risk computers onto the enterprise's network. All machines that are allowed onto the virtual network should be subject to the same security policy. Home computers are least subject to the corporate security policies, and therefore are high-risk computers. Once a computer is hacked and 'owned', any network that trusts that computer is at risk. Implementation of and adherence to corporate security policy is easier when all computers on the network are on the enterprise's campus. On an enterprise's internal network, there should be security policies in place to detect and halt an outside attack that uses an internal machine as a staging platform. Computers at the backup site are subject to the corporate security policy, and therefore are not high-risk computers. Computers at the enterprise's remote offices, perhaps with different IS and security employees who have different ideas about security, are riskier than those on the internal network or at the backup site, but obviously less risky than home computers.


NEW QUESTION # 567
When reviewing procedures for emergency changes to programs, the IS auditor should verify that the procedures:

  • A. allow programmers permanent access to production programs.
  • B. allow undocumented changes directly to the production library.
  • C. allow changes, which will be completed using after-the-fact follow-up.
  • D. do not allow any emergency changes.

Answer: C

Explanation:
There may be situations where emergency fixes are required to resolve system problems. This involves the use of special logon IDs that grant programmers temporary access to production programs during emergency situations. Emergency changes should be completed using after-the-fact follow-up procedures, which ensure that normal procedures are retroactively applied; otherwise, production may be impacted. Changes made in this fashion should be held in an emergency library from where they can be moved to the production library, following the normal change management process. Programmers should not directly alter the production library nor should they be allowed permanent access to production programs.


NEW QUESTION # 568
Disaster recovery planning (DRP) addresses the:

  • A. functional aspect of business continuity planning.
  • B. operational piece of business continuity planning.
  • C. technological aspect of business continuity planning.
  • D. overall coordination of business continuity planning.

Answer: C

Explanation:
Section: Protection of Information Assets
Disaster recovery planning (DRP) is the technological aspect of business continuity planning. Business resumption planning addresses the operational part of business continuity planning.


NEW QUESTION # 569
With the objective of mitigating the risk and impact of a major business interruption, a disaster recovery plan should endeavor to reduce the length of recovery time necessary, as well as costs associated with recovery. Although DRP results in an increase of pre- and post-incident operational costs, the extra costs are more than offset by reduced recovery and business impact costs. True or false?

  • A. True
  • B. False

Answer: A

Explanation:
With the objective of mitigating the risk and impact of a major business interruption, a disaster recovery plan should endeavor to reduce the length of recovery time necessary and the costs associated with recovery. Although DRP results in an increase of pre- and post-incident operational costs, the extra costs are more than offset by reduced recovery and business impact costs.


NEW QUESTION # 570
An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that

  • A. security parameters are set in accordance with the organization's policies.
  • B. the procurement project invited tenders from at least three different suppliers.
  • C. a detailed business case was formally approved prior to the purchase.
  • D. security parameters are set in accordance with the manufacturer's standards.

Answer: A


NEW QUESTION # 571
Which of the following levels in the CMMI model focuses on process definition and process deployment?

  • A. Level 5
  • B. Level 2
  • C. Level 4
  • D. Level 3

Answer: D

Explanation:
Level 3 is the Defined level and focuses on process definition and process deployment.
For the CISA exam you should know the following about the Capability Maturity Model Integration (CMMI) model:
Maturity model
A maturity model can be viewed as a set of structured levels that describe how well the behaviors, practices and processes of an organization can reliably and sustainably produce required outcomes.
(Figure: CMMI levels, not reproduced)

A maturity model can be used as a benchmark for comparison and as an aid to understanding - for example, for comparative assessment of different organizations where there is something in common that can be used as a basis for comparison. In the case of the CMM, for example, the basis for comparison would be the organizations' software development processes.
Structure
The model involves five aspects:
Maturity Levels: a 5-level process maturity continuum - where the uppermost (5th) level is a notional ideal state where processes would be systematically managed by a combination of process optimization and continuous process improvement.
Key Process Areas: a Key Process Area identifies a cluster of related activities that, when performed together, achieve a set of goals considered important.
Goals: the goals of a key process area summarize the states that must exist for that key process area to have been implemented in an effective and lasting way. The extent to which the goals have been accomplished is an indicator of how much capability the organization has established at that maturity level.
The goals signify the scope, boundaries, and intent of each key process area.
Common Features: common features include practices that implement and institutionalize a key process area. There are five types of common features: commitment to perform, ability to perform, activities performed, measurement and analysis, and verifying implementation.
Key Practices: The key practices describe the elements of infrastructure and practice that contribute most effectively to the implementation and institutionalization of the area.
Levels
There are five levels defined along the continuum of the model and, according to the SEI: "Predictability, effectiveness, and control of an organization's software processes are believed to improve as the organization moves up these five levels. While not rigorous, the empirical evidence to date supports this belief."
Initial (chaotic, ad hoc, individual heroics) - the starting point for use of a new or undocumented repeat process.
Repeatable - the process is at least documented sufficiently such that repeating the same steps may be attempted.
Defined - the process is defined/confirmed as a standard business process, and decomposed to levels 0, 1 and 2 (the last being Work Instructions).
Managed - the process is quantitatively managed in accordance with agreed-upon metrics.
Optimizing - process management includes deliberate process optimization/improvement.
Within each of these maturity levels are Key Process Areas which characterize that level, and for each such area there are five factors: goals, commitment, ability, measurement, and verification. These are not necessarily unique to CMM, representing - as they do - the stages that organizations must go through on the way to becoming mature.
The model provides a theoretical continuum along which process maturity can be developed incrementally from one level to the next. Skipping levels is not allowed/feasible.
Level 1 - Initial (Chaotic)
It is characteristic of processes at this level that they are (typically) undocumented and in a state of dynamic change, tending to be driven in an ad hoc, uncontrolled and reactive manner by users or events.
This provides a chaotic or unstable environment for the processes.
Level 2 - Repeatable
It is characteristic of processes at this level that some processes are repeatable, possibly with consistent results. Process discipline is unlikely to be rigorous, but where it exists it may help to ensure that existing processes are maintained during times of stress.
Level 3 - Defined
It is characteristic of processes at this level that there are sets of defined and documented standard processes established and subject to some degree of improvement over time. These standard processes are in place (i.e., they are the AS-IS processes) and used to establish consistency of process performance across the organization.
Level 4 - Managed
It is characteristic of processes at this level that, using process metrics, management can effectively control the AS-IS process (e.g., for software development ). In particular, management can identify ways to adjust and adapt the process to particular projects without measurable losses of quality or deviations from specifications. Process Capability is established from this level.
Level 5 - Optimizing
It is a characteristic of processes at this level that the focus is on continually improving process performance through both incremental and innovative technological changes/improvements.
At maturity level 5, processes are concerned with addressing statistical common causes of process variation and changing the process (for example, to shift the mean of the process performance) to improve process performance. This would be done at the same time as maintaining the likelihood of achieving the established quantitative process-improvement objectives.
The following were incorrect answers:
Level 4 - Focus on process management and process control
Level 5 - Process innovation and continuous optimization.
Level 2 - Performance management and work product management.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 188


NEW QUESTION # 572
Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?

  • A. Infrastructure as a Service (IaaS) provider
  • B. Network segmentation
  • C. Software as a Service (SaaS) provider
  • D. Dynamic localization

Answer: C

Explanation:
A SaaS provider hosts the clinical application centrally and delivers it over the network, so every location reaches the same patient records without each site building and running its own infrastructure. IaaS would still leave the organization to build and operate the application itself, and network segmentation and "dynamic localization" do not provide shared access to the data at all.


NEW QUESTION # 573
Which of the following INCORRECTLY describes the functions of the LAN or WAN (network access) layer of the TCP/IP model?

  • A. Provide address to media using MAC address
  • B. Combines packets into bytes and bytes into frame
  • C. Performs only error detection
  • D. Provides logical addressing which routers use for path determination

Answer: D

Explanation:
Section: Information System Operations, Maintenance and Support
The word INCORRECTLY is the keyword used in the question. You need to find out the functionality that is not performed by LAN or WAN layer in TCP/IP model.
The Network layer of a TCP/IP model provides logical addressing which routers use for path determination.
For your exam you should know below information about TCP/IP model:
(Figure: TCP/IP network model layers, not reproduced)

Layer 4. Application Layer
The application layer is the topmost layer of the four-layer TCP/IP model. It sits on top of the transport layer and defines TCP/IP application protocols and how host programs interface with transport layer services to use the network.
The application layer includes all the higher-level protocols such as DNS (Domain Name System), HTTP (Hypertext Transfer Protocol), Telnet, SSH, FTP (File Transfer Protocol), TFTP (Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transfer Protocol), DHCP (Dynamic Host Configuration Protocol), X Windows, RDP (Remote Desktop Protocol), etc.
Layer 3. Transport Layer
The transport layer is the third layer of the four-layer TCP/IP model, positioned between the application layer and the Internet layer. Its purpose is to permit devices on the source and destination hosts to carry on a conversation. The transport layer defines the level of service and status of the connection used when transporting data.
The main protocols included at Transport layer are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
Layer 2. Internet Layer
The Internet layer is the second layer of the four-layer TCP/IP model, positioned between the network access layer and the transport layer. The Internet layer packs data into packets known as IP datagrams, which contain source and destination address (logical address or IP address) information that is used to forward the datagrams between hosts and across networks. The Internet layer is also responsible for routing of IP datagrams.
A packet-switching network depends upon a connectionless internetwork layer. This layer is known as the Internet layer. Its job is to allow hosts to insert packets into any network and have them delivered independently to the destination. At the destination side, data packets may appear in a different order than they were sent. It is the job of the higher layers to rearrange them in order to deliver them to the proper network applications operating at the application layer.
The main protocols included at the Internet layer are IP (Internet Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol) and IGMP (Internet Group Management Protocol).
Layer 1. Network Access Layer
The network access layer is the first layer of the four-layer TCP/IP model. It defines the details of how data is physically sent through the network, including how bits are electrically or optically signaled by hardware devices that interface directly with a network medium, such as coaxial cable, optical fiber, or twisted-pair copper wire.
The protocols included in Network Access Layer are Ethernet, Token Ring, FDDI, X.25, Frame Relay etc.
The most popular LAN architecture among those listed above is Ethernet. When Ethernet operates on a shared medium it uses an access method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection) to access the media. An access method determines how a host will place data on the medium.
In the CSMA/CD access method, every host has equal access to the medium and can place data on the wire when the wire is free from network traffic. When a host wants to place data on the wire, it will check the wire to find whether another host is already using the medium. If there is traffic already on the medium, the host will wait; if there is no traffic, it will place the data on the medium. But if two systems place data on the medium at the same instant, they will collide with each other, destroying the data. If the data is destroyed during transmission, it will need to be retransmitted. After a collision, each host waits for a small random interval and then retransmits.
(Figure: protocol data unit (PDU) at each layer, not reproduced)

The following answers are incorrect:
The other options correctly describe functions of the network access (LAN or WAN) layer of the TCP/IP model: it addresses the physical medium using MAC addresses, assembles bytes into frames, and performs error detection (not correction) on each frame.
Reference:
CISA review manual 2014 page number 272
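The layering in the explanation above is easiest to see by taking a frame apart. As an added example (not from the page or from ISACA), the script below builds a constructed Ethernet II / IPv4 / UDP frame (sample addresses from the documentation ranges, not a capture), computes the IPv4 header checksum, and then parses the frame back one layer at a time: MAC addresses come out of the network access layer, IP addresses and the checksum out of the Internet layer, and ports out of the transport layer. The parser assumes an IPv4 packet carrying UDP.

```python
import struct
from typing import Dict


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 ones-complement sum over 16-bit words. Over a header whose checksum field is
    zero it yields the value to insert; over a complete valid header it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_frame() -> bytes:
    """Constructed Ethernet II / IPv4 / UDP frame (sample data, not a capture): a packet
    from 192.0.2.1:12345 to 198.51.100.2:53 with an empty UDP payload."""
    ethernet = struct.pack("!6s6sH", bytes.fromhex("001122334455"),
                           bytes.fromhex("66778899aabb"), 0x0800)
    udp = struct.pack("!HHHH", 12345, 53, 8, 0)        # sport, dport, length, checksum
    # version/IHL, TOS, total length, ID, flags/fragment, TTL, protocol (17 = UDP),
    # checksum placeholder, source, destination
    no_csum = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 40, 17, 0,
                          bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    ip_header = no_csum[:10] + struct.pack("!H", ipv4_checksum(no_csum)) + no_csum[12:]
    return ethernet + ip_header + udp


def parse_frame(frame: bytes) -> Dict[str, Dict[str, object]]:
    """Peel the frame one layer at a time, returning which addressing each layer supplies:
    MAC addresses at the network access layer, IP addresses at the Internet layer,
    ports at the transport layer."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4: ethertype 0x{ethertype:04x}")
    ihl = (frame[14] & 0x0F) * 4                       # header length in bytes
    ip_hdr = frame[14:14 + ihl]
    (_, _, total_len, _, _, ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip_hdr[:20])
    sport, dport, udp_len, _ = struct.unpack("!HHHH", frame[14 + ihl:14 + ihl + 8])
    return {
        "network_access": {"dst_mac": mac_str(dst_mac), "src_mac": mac_str(src_mac),
                           "ethertype": ethertype},
        "internet": {"src_ip": ip_str(src), "dst_ip": ip_str(dst), "ttl": ttl,
                     "protocol": proto, "total_length": total_len, "checksum": csum,
                     "checksum_ok": ipv4_checksum(ip_hdr) == 0},
        "transport": {"src_port": sport, "dst_port": dport, "length": udp_len},
    }


if __name__ == "__main__":
    for layer, fields in parse_frame(build_frame()).items():
        print(f"{layer:15s} {fields}")
```

A router rewrites the MAC addresses on every hop but forwards on the IP addresses, which is why option D belongs to the Internet layer; the checksum check also shows that the IPv4 header protects only itself, so a corrupted TTL is caught while a corrupted UDP payload is not.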


NEW QUESTION # 574
The CIO of an organization is concerned that the information security policies may not be comprehensive.
Which of the following should an IS auditor recommend be performed FIRST?

  • A. Establish a governance board to track compliance with the policies
  • B. Compare the policies against an industry framework.
  • C. Determine if there is a process to handle exceptions to the policies
  • D. Obtain a copy of their competitor's policies

Answer: B

Explanation:
The concern is whether the policy set is complete, so the first step is to compare it against a recognized industry framework (for example ISO/IEC 27001/27002 or the NIST Cybersecurity Framework) to identify missing areas. A governance board that tracks compliance, an exception-handling process, or a competitor's policies address how existing policies are enforced or drafted, not whether any are missing.


NEW QUESTION # 575
While reviewing similar issues in an organization's help desk system, an IS auditor finds that they were analyzed independently and resolved differently. This situation MOST likely indicates a deficiency in:

  • A. change management.
  • B. configuration management.
  • C. problem management.
  • D. IT service level management.

Answer: C

Explanation:
Section: The process of Auditing Information System


NEW QUESTION # 576
