Cisa domain 2 complete - Study guides, Class notes & Summaries

©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM 1 CISA Domain 1 Exam Study Guide with Complete Solutions An IS auditor is conducting a compliance test to determine whether controls support management policies and procedures. The test will assist the IS auditor to determine: - Answer️️ -That the control is operating as designed Compliance tests can be used to test the existence and effectiveness of a defined process. Understanding the objective of a compliance t...

CISA Domain 4 Information Systems Operations, Maintenance and Service Management 100 Questions with Verified Answers Service Level Management - CORRECT ANSWER negotiate, document, and manage the services in the manner in which the customer requires those services (not necessarily ensures that services are delivered at highest level of availability) Availability reports - CORRECT ANSWER downtime is addressed here and provides time period which computer was available for utilization by use...

Certified Information Systems Auditor (CISA) Cert Guide 109 Questions with Verified Answers Which of the following best describes a baseline document? a. A PCI industry standard requiring a 15-minute session timeout b. Installation step recommendations from the vendor for an Active Directory server c. A network topography diagram of the Active Directory forest d. Security configuration settings for an Active Directory server - CORRECT ANSWER D. A baseline is correct because it is a platfo...

CISA Domain 5 Exam 109 Questions with Verified Answers Information security steering committee - CORRECT ANSWER Security policies, guidelines and procedures affect the entire organization and as such, should have the support and suggestions of end users, executive management, auditors, security admins, information systems personnel and legal counsel. Therefore, individuals representing various management levels should meet as a committee to discuss these issues and establish and approve secur...

CISA Domain 1 Exam 88 Questions with Verified Answers Interviewing and Observing Personnel - CORRECT ANSWER Actual Functions - An adequate test to ensure that the individual who is assigned and authorized to perform a particular function is the person who is actually doing the job. Actual Processes and Procedures - allows the IS auditor to gain evidence of compliance and observe deviations, if any. Security Awareness - Should be observed to verify an individuals understanding and practice ...

CISA Domain 2 Exam 100 Questions with Verified Answers What does EGIT stand for? What is it's meaning? - CORRECT ANSWER Enterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad processes in the EGIT framework are: - CORRECT ANSWER 1. IT Resource Management - Focuses on maintainng an updated inventory of all IT res...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

Domain 4 CISA Exam 325 Questions with Verified Answers what identifies and locates assets within a limited radius? - CORRECT ANSWER RFID- Radio Frequency Identification What uses radio waves to identify tagged objects? - CORRECT ANSWER RFID- Radio Frequency Identification In (RFID) Radio Frequency Identification, uses radio waves to identify TAGGED objects. What is included in a tag? - CORRECT ANSWER A tag includes a microchip and antenna. Microchip stores info and Antenna transmits inf...

CISA Domain 3 Exam 113 Questions with Verified Answers Integrated Test Facility (ITF) - CORRECT ANSWER - Fictitious entity is created in LIVE environment - This technique allows auditor to open a dummy account - Auditor can enter dummy or test transactions and verify the processing and results of these transactions for correctness - Processed results and expected results are compared to verify that systems are operating correctly - Example: A dummy asset of $100,000/- is entered into syst...

CISA Domain 2 Exam 183 Questions with Verified Answers IT management - CORRECT ANSWER the process of managing activities related to information technology operations and resources, which helps ensure that IT continues to support the defined enterprise objectives IT resource management - CORRECT ANSWER the process of pre-planning, scheduling and allocating the limited IT resources to maximize efficiency in achieving the enterprise objectives - When an organization invests its resources in...