ISACA CISA Practice Exam Questions and Answers 100% Verified.
Abend - answer✔✔An abnormal end to a computer job; termination of a task prior to its
completion because of an error condition that cannot be resolved by recovery facilities while the
task is executing
Acceptable Use Policy - answer✔✔A policy that establishes an agreement between users and the
enterprise and defines for all parties the ranges of use that are approved before gaining access to
a network or the Internet.
Access Control - answer✔✔The processes, rules and deployment mechanisms that control access
to information systems, resources and physical access to premises
Access Control List (ACL) - answer✔✔An internal computerized table of access rules regarding
the levels of computer access permitted to logon IDs and computer terminals. Also referred to as
access control tables.
Access control table - answer✔✔An internal computerized table of access rules regarding the
levels of computer access permitted to logon IDs and computer terminals
Access Method - answer✔✔The technique used for selecting records in a file, one at a time, for
processing, retrieval or storage. The access method is related to, but distinct from, the file
organization, which determines how the records are stored.
Access Path - answer✔✔The logical route an end user takes to access computerized information.
Typically, it includes a route through the operating system, telecommunications software,
selected application software and the access control system.
Access rights - answer✔✔The permission or privileges granted to users, programs or
workstations to create, change, delete or view data and files within a system, as defined by rules
established by data owners and the information security policy
Access Servers - answer✔✔Provides centralized access control for managing remote access
dial-up services
Address - answer✔✔Within computer storage, the code used to designate the location of a
specific piece of data
Address Space - answer✔✔The number of distinct locations that may be referred to with the
machine address. For most binary machines, it is equal to 2^n, where n is the number of bits in the
machine address.
Addressing - answer✔✔The method used to identify the location of a participant in a network.
Ideally, addressing specifies where the participant is located rather than who they are (name) or
how to get there (routing).
Administrative controls - answer✔✔The rules, procedures and practices dealing with operational
effectiveness, efficiency and adherence to regulations and management policies.
Adware - answer✔✔A software package that automatically plays, displays or downloads
advertising material to a computer after the software is installed on it or while the application is
being used. In most cases, this is done without any notification to the user or without the user's
consent. The term adware may also refer to software that displays advertisements, whether or not
it does so with the user's consent; such programs display advertisements as an alternative to
shareware registration fees. These are classified as adware in the sense of advertising supported
software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the
user and provides the user with a specific service.
Alpha - answer✔✔The use of alphabetic characters or an alphabetic character string
Alternative routing - answer✔✔A service that allows the option of having an alternate route to
complete a call when the marked destination is not available. In signaling, alternate routing is the
process of allocating substitute routes for a given signaling traffic stream in case of failure(s)
affecting the normal signaling links or routes of that traffic stream.
Which of the following is the BEST performance indicator for the effectiveness of an incident
management program?
A. Incident alert meantime
B. Number of incidents reported
C. Average time between incidents
D. Incident resolution meantime - answer✔✔D. Incident resolution meantime
Backups will MOST effectively minimize a disruptive incident's impact on a business if they are:
A. taken according to recovery point objectives (RPOs).
B. scheduled according to the service delivery objectives.
C. performed by automated backup software on a fixed schedule.
D. stored on write-once read-many media. - answer✔✔B. scheduled according to the service
delivery objectives
An IS audit reveals that an organization is not proactively addressing known vulnerabilities.
Which of the following should the IS auditor recommend the organization do FIRST?
A. Ensure the intrusion prevention system (IPS) is effective.
B. Verify the disaster recovery plan (DRP) has been tested.
C. Assess the security risks to the business.
D. Confirm the incident response team understands the issue. - answer✔✔C. Assess the security
risks to the business
An IS auditor has completed the fieldwork phase of a network security review and is preparing
the initial draft of the audit report. Which of the following findings should be ranked as the
HIGHEST risk?
A. Network penetration tests are not performed.
B. The network firewall policy has not been approved by the information security officer.
C. Network firewall rules have not been documented.
D. The network device inventory is incomplete. - answer✔✔D. The network device inventory is
incomplete.
Which of the following is the PRIMARY advantage of parallel processing for a new system
implementation?
A. Assurance that the new system meets functional requirements
B. Significant cost savings over other system implementation approaches
C. More time for users to complete training for the new system
D. Assurance that the new system meets performance requirements - answer✔✔A. Assurance
that the new system meets functional requirements