CISA Practice Exam Questions And Answers
Latest Update
The objective of concurrency control in a database system is to:
Select an answer:
A. restrict updating of the database to authorized users.
B. prevent integrity problems when two processes attempt to update the same
data at the same time.
C. prevent inadvertent or unauthorized disclosure of data in the database.
D. ensure the accuracy, completeness and consistency of data.
- correct answers B. prevent integrity problems when two processes attempt to
update the same data at the same time.
Which of the following security measures BEST ensures the integrity of
information stored in a data warehouse? - correct answers a read-only restriction
An organization has just completed its annual risk assessment. Regarding the
business continuity plan, what should an IS auditor recommend as the next step
for the organization? - correct answers Review and evaluate the business
continuity plan for adequacy
An IS auditor discovers that devices connected to the network are not included in
a network diagram that had been used to develop the scope of the audit. The
chief information officer explains that the diagram is being updated and awaiting
final approval. The IS auditor should FIRST: - correct answers evaluate the impact
of the undocumented devices on the audit scope.
When auditing the archiving process of emails, the IS auditor should pay the
MOST attention to: - correct answers the existence of a data retention policy.
During an audit of an enterprise that is dedicated to e-commerce, the IS manager
states that digital signatures are used when receiving communications from
customers. To substantiate this, an IS auditor must prove that which of the
following is used? - correct answers A hash of the data that is transmitted and
encrypted with the customer's private key
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of
receiving financial data and has communicated the site's address, user ID and
password to the financial services company in separate email messages. The
company is to transmit its data to the FTP site after manually encrypting the data.
The IS auditor's GREATEST concern with this process is that: - correct answers the
users may not remember to manually encrypt the data before transmission.
Which of the following choices would be the BEST source of information when
developing a risk-based audit plan? - correct answers Senior management identify
key business processes.
An IS auditor performing a review of application controls would evaluate the: -
correct answers impact of any exposures discovered.
An IS auditor is reviewing Secure Sockets Layer enabled web sites for the
company. Which of the following choices would be the HIGHEST risk? - correct
answers Self-signed digital certificates
A large chain of shops with electronic funds transfer at point-of-sale devices has a
central communications processor for connecting to the banking network. Which
of the following is the BEST disaster recovery plan for the communications
processor? - correct answers Alternative standby processor at another network
node
Which of the following should an IS auditor review to understand project progress
in terms of time, budget and deliverables for early detection of possible overruns
and for projecting estimates at completion? - correct answers earned value
analysis
(This is an industry standard method for measuring a project's progress at any
given point in time, forecasting its completion date and final cost, and analyzing
variances in the schedule and budget as the project proceeds. It compares the
planned amount of work with what has actually been completed to determine if
the cost, schedule and work accomplished are progressing in accordance with the
plan. EVA works most effectively if a well-formed work breakdown structure
exists.)
The MAIN purpose for periodically testing offsite disaster recovery facilities is to: -
correct answers ensure the continued compatibility of the contingency facilities.
The success of control self-assessment depends highly on: - correct answers line
managers assuming a portion of the responsibility for control monitoring
(The primary objective of a control self-assessment (CSA) program is to leverage
the internal audit function by shifting some of the control monitoring
responsibilities to the functional area line managers. The success of a CSA
program depends on the degree to which line managers assume responsibility for
controls. This enables line managers to detect and respond to control errors
promptly.)
What is a risk associated with attempting to control physical access to sensitive
areas such as computer rooms using card keys or locks? - correct answers