Written for: ISACA
Seller: Schoolflix
CISA Practice Exam Questions And Answers
Latest Update

Identify the most critical element from the following for the successful implementation and ongoing regular maintenance of an information security policy. [BAC]
A. Management support and approval for the information security policy
B. Understanding of the information security policy by all appropriate parties
C. Punitive actions for any violation of information security rules
D. Stringent access control monitoring of information security rules
Correct answer: B. An information security policy comprises processes, procedures, and rules in an organization. The most important aspect of a successful implementation of an information security policy is the assimilation by all appropriate parties such as employees, service providers, and business partners. Punitive actions for any violations are related to the education and awareness of the policy.

Fair Lending has implemented a disaster recovery plan. Andrew, CFO of Fair Lending, wants to ensure that the implemented plan is adequate. Identify the immediate next step from the following.
A. Initiate the Full Operational Test
B. Initiate the Desk-based Evaluation
C. Initiate the Preparedness Test
D. Socialize with the Senior Management and Obtain Sponsorship
Correct answer: B. The immediate next step to evaluate the adequacy of a disaster recovery plan, once it has been implemented, is to conduct a desk-based evaluation, which is also known as a paper test. The paper test involves walking through the plan and discussing with the major stakeholders what might happen in a particular type of service disruption. As per best practice, the paper test precedes the preparedness test.

There are various methods of suppressing a data center fire. Identify the MOST effective and environmentally friendly method from the following.
A. Water-based systems (sprinkler systems)
B. Argonite systems
C. Carbon dioxide systems
D. Dry-pipe sprinkling systems
Correct answer: D. Dry-pipe sprinkling systems are the most effective and environmentally friendly from the available options. In this system, the water does not flow until the fire alarm activates a pump. Water-based systems (sprinkler systems) are environmentally friendly but may not present the most effective option. In this system, the water is always present in the piping, which can potentially leak, causing damage to equipment.

The IT risk management process comprises the following 5 steps, listed in no particular sequence:
(b) Asset Identification
(e) Evaluation of Threats and Vulnerabilities to Assets
(a) Evaluation of the Impact
(c) Calculation of Risk
(d) Evaluation of and Response to Risk
Identify the correct sequence from the following.
A. b, a, e, c, d
B. b, e, a, c, d
C. b, e, a, d, c
D. a, b, c, d, e
Correct answer: B. The IT risk management process comprises the following 5 steps:
Step 1: Asset Identification
Step 2: Evaluation of Threats and Vulnerabilities to Assets
Step 3: Evaluation of the Impact
Step 4: Calculation of Risk
Step 5: Evaluation of and Response to Risk

Palm Trading Company has implemented digital signatures to protect email communication with their customers. Identify the benefit of using a digital signature from the following.
A. Protects email content from unauthorized reading
B. Protects email content from data theft
C. Ensures timely delivery of email content
D. Ensures integrity of the email content
Correct answer: D. The digital signature is used for verifying the identity of the sender and the integrity of the content.

Merlin, head of information systems audit at Cocoa Payroll Services, was invited to a development project meeting. During the meeting, Merlin noted that no project risks were documented and raised this issue with the head of IT. The IT project manager opined that it was too early to identify risks and that they intend to hire a risk manager if risks do start impacting the project. Identify the likely response from Merlin from the following.
A. Express the willingness to work with the risk manager when one is appointed
B. Emphasize the importance of identifying and documenting risks, and to develop contingency plans
C. Since the project manager is accountable for the outcome of the project, it is reasonable to accept his position
D. Inform the project manager of intent to conduct a review of the risks at the completion of the requirements definition phase of the project
Correct answer: B. An experienced project manager must be able to identify the majority of key project risks at the beginning of the project, and plan to deal with them when they do materialize.

Quick Micropayments has recently commissioned a critical online customer platform. The CIO requested the information systems audit department to conduct an independent review of the system. Identify the priority for the auditor to plan and initiate an audit.
A. Review the audit charter and plan the audit
B. Review the impact of the implementation of the new system on the IT operations
C. Review prior audit reports on the system and plan the audit
D. Review the HR reports on employee turnover to identify any impact on the system
Correct answer: A. The auditor should review the audit charter and plan the audit accordingly. Since this is a newly implemented system, prior audit reports are not available. A review of employee turnover and the impact on the IT operational environment is of limited value at this stage.

Andrew, CFO of Fair Lending, is working on a business expansion plan to have a street presence across North America. Andrew wants to ensure the disaster recovery plan is comprehensive and provides adequate coverage in a potential business interrupting scenario. The other consideration for Andrew is to have an adequate and cost-effective evaluation method. Identify suitable evaluation methods from the following.
A. Preparedness Test
B. Full Operational Test
C. Desk-based Evaluation
D. Annual Tape Backup Recovery
Correct answer: A. A preparedness test is a localized version of a full operational test, wherein actual resources are expended