Cisa domain 3 - Study guides, Class notes & Summaries

CISA QAE Domain 5 Exam 89 Questions with Verified Answers When reviewing an organization's logical access security to its remote systems, which of the following would be of GREATEST concern to an IS auditor? - CORRECT ANSWER Unencrypted passwords are used. When evaluating the technical aspects of logical security, unencrypted passwords represent the greatest risk because it would be assumed that remote access would be over an untrusted network where passwords could be discovered. Which...

PREP DOMAIN 1,2,3.4 AND 5|2025 CISA EXAM PREP

CISA Exam Practice Questions and Answers (100% Pass) 5 Tasks within the domain covering the process of auditing information systems - Answer️️ -1. Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included 2. Plan specific audits to determine whether information systems are protected, controlled and provided value to the organization 3. Conduct audits in accordance with IT audit standards to achieve planned audit ob...

CISA Domain 3 Missed 56 Questions with Verified Answers When auditing the proposed acquisition of a new computer system, an IS auditor should FIRST ensure that: a clear business case has been approved by management. corporate security standards will be met. users will be involved in the implementation plan. the new system will meet all required user functionality. - CORRECT ANSWER A is the correct answer. Justification The first concern of an IS auditor is to ensure that the proposal me...

CISA 3330 Final Exam 67 Questions with Verified Answers The Microsoft failover cluster feature that can scan, download, install updates on cluster nodes is knows as __________ - __________ updating. - CORRECT ANSWER cluster, aware To use Hyper-V Replica, both hosts need to be on the same domain. - CORRECT ANSWER False To remove a node from a failover cluster in Failover Cluster Manager you would select ___________ node. - CORRECT ANSWER Evict When evaluating the availability of a ser...

Domain 1 (CISA Review Questions, Answers & Explanations Manual, 12th Edition | Print | English), Questions and answers. Al-l The internal audit department wrote some scripts that are used for continuous auditing of some information systems. The IT department asked for copies of the scripts so that they can use them for setting up a continuous monitoring process on key systems. Does sharing these scripts with IT affect the ability of the IS auditors to independently and objectively a...

CISA Domain 2 Complete Exam with Correct Answers According to COBIT's perspective what is the difference between Governance and Management? - ANSWER-Governance - Ensures stakeholders needs, conditions and options are evaluated to determine enterprise objectives. Performance is monitored based on enterprise objectives. Management - Plans activities according to the governance body. (Basically a step down, more hands on approach). .Give some examples of EGIT frameworks. - ANSWER-1. COBIT ...

CISA Domain 3 Exam 113 Questions with Verified Answers Integrated Test Facility (ITF) - CORRECT ANSWER - Fictitious entity is created in LIVE environment - This technique allows auditor to open a dummy account - Auditor can enter dummy or test transactions and verify the processing and results of these transactions for correctness - Processed results and expected results are compared to verify that systems are operating correctly - Example: A dummy asset of $100,000/- is entered into syst...

CISA Domain 3 Info Sys Acquisition, Development & Implementation 53 Questions with Verified Answers Benchmarking a Process - CORRECT ANSWER term used to describe the activity of continuous process improvement. The purpose of benchmarking is to compare key measurements in a business process. Plan, Research (yourself), Observe(others), Adopt, Improve Characteristic of the Maturity Levels (CMMI) - CORRECT ANSWER IRDMO - I Remember Do Make Oatmeal 1. Initial -This level has no process, no...

CISA QUESTIONS AND ANSWERS 100% CORRECT 5 Tasks within the domain covering the process of auditing information systems 1. Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included 2. Plan specific audits to determine whether information systems are protected, controlled and provided value to the organization 3. Conduct audits in accordance with IT audit standards to achieve planned audit objectives 4. Report audit findin...