[Q429-Q454] Excellent CISA PDF Dumps With 100% TestkingPass Exam Passing Guaranted [Jan-2022]

Share

Excellent CISA PDF Dumps With 100% TestkingPass Exam Passing Guaranted [Jan-2022]

100% Pass Your CISA Certified Information Systems Auditor at First Attempt with TestkingPass


As a renowned validation among tech specialists, the Isaca CISA exam can strategically help in plotting your career goals. This certification test is designed to fortify your command in information systems and management. It’s one of the most practical validations for mid-career individuals eyeing to take the next step in their careers.


Career Prospects for Successful Exam-Passers

Any successful candidate who manages to pass the ISACA CISA certification exam can take the role of information systems auditor in international companies. According to Payscale.com, a mid-level auditor with a minimum of 5-9 years of experience can get an annual salary of $75k.

 

NEW QUESTION 429
Assuming this diagram represents an internal facility and the organization is implementing a firewall protection program, where should firewalls be installed?

  • A. SMTP Gateway and op-3
  • B. Op-3 location only
  • C. MIS (Global) and NAT2
  • D. No firewalls are needed

Answer: A

Explanation:
The objective of a firewall is to protect a trusted network from an untrusted network; therefore, locations needing firewall implementations would be at the existence of the external connections. All other answers are incomplete or represent internal connections.

 

NEW QUESTION 430
In a cloud technology environment, which of the following would pose the GREATEST challenge to the
investigation of security incidents?

  • A. Compressed customer data
  • B. Access to the hardware
  • C. Non-standard event logs
  • D. Data encryption

Answer: B

Explanation:
Section: Information System Acquisition, Development and Implementation

 

NEW QUESTION 431
When participating as a member of a system development team, the IS auditor should be aware that:

  • A. the auditor should sign a statement of independence prior to participating in the project team.
  • B. the auditor's ability to perform an independent evaluation of the application after implementation will be impaired.
  • C. for ongoing evaluation capability, the auditor should ensure that computer audit software is implemented in all applications.
  • D. as a control specialist, the auditor can provide significant value to the project team by making the final decision on specific controls.

Answer: B

 

NEW QUESTION 432
Which of the following should be the PRIMARY role of an internal audit function in the management of identified business risks?

  • A. Establishing a risk management framework
  • B. Operating the risk management framework
  • C. Validating enterprise risk management (ERM)
  • D. Establishing a risk appetite

Answer: A

 

NEW QUESTION 433
Which of the following is the BEST indicator that an application system's agreed-upon level of service has been met?

  • A. Bandwidth usage logs
  • B. Transaction response time
  • C. Security incident reports
  • D. CPU utilization reports

Answer: B

Explanation:
Section: Information System Operations, Maintenance and Support

 

NEW QUESTION 434
The operations team of an organization has reported an IS security attack. Which of the following should be the NEXT step for the security incident response team?

  • A. Report results to management.
  • B. Perform a damage assessment.
  • C. Document lessons learned.
  • D. Prioritize resources for corrective action.

Answer: D

Explanation:
Section: Information System Operations, Maintenance and Support

 

NEW QUESTION 435
Software is considered malware based on:

  • A. its particular features.
  • B. its location.
  • C. None of the choices.
  • D. its compatibility.
  • E. the intent of the creator.

Answer: E

Explanation:
Section: Protection of Information Assets
Explanation:
Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. Software is considered malware based on the intent of the creator rather than any particular features. It includes computer viruses, worms, trojan horses, spyware, adware, and other malicious and unwanted software.

 

NEW QUESTION 436
When reviewing a digital certificate verification process, which of the following findings represents the MOST significant risk?

  • A. There is no registration authority (RA) for reporting key compromises.
  • B. Subscribers report key compromises to the certificate authority (CA).
  • C. Digital certificates contain a public key that is used to encrypt messages and verify digital signatures.
  • D. The certificate revocation list (CRL) is not current.

Answer: D

Explanation:
Explanation/Reference:
Explanation:
If the certificate revocation list (CRL) is not current, there could be a digital certificate that is not revoked that could be used for unauthorized or fraudulent activities. The certificate authority (CA) can assume the responsibility if there is no registration authority (RA). Digital certificates containing a public key that is used to encrypt messages and verifying digital signatures is not a risk. Subscribers reporting key compromises to the CA is not a risk since reporting this to the CA enables the CA to take appropriate action.

 

NEW QUESTION 437
Which of the following types of testing would determine whether a new or modifies system can operate in its target environment without adversely impacting other existing systems?

  • A. Pilot testing
  • B. Interface/integration testing
  • C. Sociability testing
  • D. Parallel testing

Answer: C

Explanation:
Explanation/Reference:
Explanation:
The purpose of sociability testing is to confirm that a new or modified system can operate in its target environment without adversely impacting existing systems. This should cover the platform that will perform primary application processing and interfaces with other systems, as well as changes to the desktop in a client-server or web development. Parallel testing is the process of feeding data into two systems-the modified system and an alternate system- and comparing the results. In this approach, the old and new systems operate concurrently for a period of time and perform the same processing functions. Pilot testing takes place first at one location and is then extended to other locations. The purpose is to see if the new system operates satisfactorily in one place before implementing it at other locations. Interface/integration testing is a hardware or software test that evaluates the connection of two or more components that pass information from one area to another. The objective is to take unit-tested modules and build an integrated structure.

 

NEW QUESTION 438
Which of the following issues identified during a postmortem analysis of the IT security incident response process should be of GREATEST concern?

  • A. Incident response team members' contact details were not up to date.
  • B. The incident was caused by an attacker that exploited a zero-day vulnerability.
  • C. The incident response team did not initiate actions to limit the impact of the incident
  • D. The root cause of the incident was not properly identified and documented

Answer: C

 

NEW QUESTION 439
Which of the following would an IS auditor consider to be the MOST important to review when conducting a business continuity audit?

  • A. A hot site is contracted for and available as needed.
  • B. insurance coverage is adequate and premiums are current.
  • C. A business continuity manual is available and current.
  • D. Media backups are performed on a timely basis and stored offsite.

Answer: D

Explanation:
Without data to process, all other components of the recovery effort are in vain. Even in the absence of a plan, recovery efforts of any type would not be practical without data to process.

 

NEW QUESTION 440
As compared to understanding an organization's IT process from evidence directly collected, how valuable are prior audit reports as evidence?

  • A. Greater value.
  • B. Lesser value.
  • C. The same value.
  • D. Prior audit reports are not relevant.

Answer: B

Explanation:
Explanation/Reference:
Prior audit reports are considered of lesser value to an IS auditor attempting to gain an understanding of an organization's IT process than evidence directly collected.

 

NEW QUESTION 441
Which of the following is the GREATEST threat to Voice-over Internet Protocol (VoIP) related to privacy
release?

  • A. Eavesdropping
  • B. Denial of service
  • C. Call recording
  • D. Incorrect routing

Answer: A

Explanation:
Section: Information System Operations, Maintenance and Support

 

NEW QUESTION 442
Which of the following antivirus software implementation strategies would be the MOST effective in an interconnected corporate network?

  • A. Workstation antivirus software
  • B. Virus walls
  • C. Virus signature updating
  • D. Server antivirus software

Answer: B

Explanation:
An important means of controlling the spread of viruses is to detect the virus at the point of entry, before it has an opportunity to cause damage. In an interconnected corporate network, virus scanning software, used as an integral part of firewall technologies, is referred to as a virus wall. Virus walls scan incoming traffic with the intent of detecting and removing viruses before they enter the protected network. The presence of virus walls does not preclude the necessity for installing virus detection software on servers and workstations within the network, but network-level protection is most effective the earlier the virus is detected. Virus signature updating is a must in all circumstances, networked or not.

 

NEW QUESTION 443
Data edits are implemented before processing and are considered which of the following?

  • A. Corrective integrity controls
  • B. Detective integrity controls
  • C. Deterrent integrity controls
  • D. Preventative integrity controls

Answer: D

Explanation:
Explanation/Reference:
Explanation:
Data edits are implemented before processing and are considered preventive integrity controls.

 

NEW QUESTION 444
A hard disk containing confidential data was damaged beyond repair. What should be done to the hard disk
to prevent access to the data residing on it?

  • A. Rewrite the hard disk with random Os and Is.
  • B. Physically destroy the hard disk.
  • C. Low-level format the hard disk.
  • D. Demagnetize the hard disk.

Answer: B

Explanation:
Section: Protection of Information Assets
Explanation:
Physically destroying the hard disk is the most economical and practical way to ensure that the data cannot
be recovered. Rewriting data and low-level formatting are impractical, because the hard disk is damaged.
Demagnetizing is an inefficient procedure, because it requires specialized and expensive equipment to be
fully effective.

 

NEW QUESTION 445
Which of the following audit procedures would be MOST conclusive in evaluating the effectiveness of an e-commerce application system's edit routine?

  • A. Interviews with knowledgeable users
  • B. Review of source code
  • C. Use of test transactions
  • D. Review of program documentation

Answer: B

 

NEW QUESTION 446
Following an unauthorized disclosure of data, an organization needs to implement data loss prevention (DLP) measures The IS auditor's BEST recommendation should be to:

  • A. install DLP software on corporate servers to prevent recurrence
  • B. monitor and block outgoing emails based on common DLP criteria,
  • C. restrict removable media access on all computer systems
  • D. establish a risk and control framework.

Answer: D

 

NEW QUESTION 447
.If an IS auditor finds evidence of risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function, what is the auditor's primary responsibility?

  • A. Segregation of duties is an administrative control not considered by an IS auditor.
  • B. To reassign job functions to eliminate potential fraud.
  • C. To advise senior management.
  • D. To implement compensator controls.

Answer: C

Explanation:
An IS auditor's primary responsibility is to advise senior management of the risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function.

 

NEW QUESTION 448
To ensure an organization is complying with privacy requirements, an IS auditor should FIRST review:

  • A. the IT infrastructure.
  • B. the adherence to organizational policies, standards and procedures.
  • C. legal and regulatory requirements.
  • D. organizational policies, standards and procedures.

Answer: C

Explanation:
To ensure that the organization is complying with privacy issues, an IS auditor should address legal and regulatory requirements first. To comply with legal and regulatory requirements, organizations need to adopt the appropriate infrastructure. After understanding the legal and regulatory requirements, an IS auditor should evaluate organizational policies, standards and procedures to determine whether they adequately address the privacy requirements, and then review the adherence to these specific policies, standards and procedures.

 

NEW QUESTION 449
During the review of an organization's software development process, which of the following would be the IS auditor's GREATEST concern related to software security coding testing?

  • A. The developers are not qualified to conduct security and performance testing
  • B. Developers did not document the initial vulnerabilities
  • C. Only newly developer applications are submitted tor code reviews
  • D. A security validation framework is not used In the development process

Answer: D

 

NEW QUESTION 450
An organization is using symmetric encryption. Which of the following would be a valid reason for moving to asymmetric encryption? Symmetric encryption:

  • A. is faster than asymmetric encryption.
  • B. can cause key management to be difficult.
  • C. provides authenticity.
  • D. requires a relatively simple algorithm.

Answer: B

Explanation:
In a symmetric algorithm, each pair of users needs a unique pair of keys, so the number of keys grows and key management can become overwhelming. Symmetric algorithms do not provide authenticity, and symmetric encryption is faster than asymmetric encryption. Symmetric algorithms require mathematical calculations, but they are not as complex as asymmetric algorithms.

 

NEW QUESTION 451
What type of BCP test uses actual resources to simulate a system crash and validate the plan's effectiveness?

  • A. Parallel
  • B. Paper
  • C. Preparedness
  • D. Walk-through

Answer: C

Explanation:
Of the three major types of BCP tests (paper, walk-through, and preparedness),
only the preparedness test uses actual resources to simulate a system crash and validate the
plan's effectiveness.

 

NEW QUESTION 452
An IS auditor discovers that developers have operator access to the command line of a production
environment operating system. Which of the following controls would BEST mitigate the risk of undetected
and unauthorized program changes to the production environment?

  • A. Access to the operating system command line is granted through an access restriction tool with
    preapproved rights
  • B. Software development tools and compilers have been removed from the production environment
  • C. Commands typed on the command line are logged
  • D. Hash keys are calculated periodically for programs and matched against hash keys calculated for the
    most recent authorized versions of the programs

Answer: D

Explanation:
Section: Protection of Information Assets
Explanation:
The matching of hash keys over time would allow detection of changes to files. Choice A is incorrect
because having a log is not a control, reviewing the log is a control. Choice C is incorrect because the
access was already granted-it does not matter how. Choice D is wrong because files can be copied to and
from the production environment.

 

NEW QUESTION 453
When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected on the network?

  • A. Use the IP address of an existing file server or domain controller.
  • B. Pause the scanning every few minutes to allow thresholds to reset.
  • C. Conduct the scans during evening hours when no one is logged-in.
  • D. Use multiple scanning tools since each tool has different characteristics.

Answer: B

Explanation:
Pausing the scanning every few minutes avoids overtaxing the network as well as exceeding thresholds that may trigger alert messages to the network administrator. Using the IP address of a server would result in an address contention that would attract attention. Conducting scans after hours would increase the chance of detection, since there would be less traffic to conceal ones activities. Using different tools could increase the likelihood that one of them would be detected by an intrusion detection system.

 

NEW QUESTION 454
......

Trend for CISA pdf dumps before actual exam: https://www.testkingpass.com/CISA-testking-dumps.html

Real Exam Questions & Answers - ISACA CISA Dump is Ready: https://drive.google.com/open?id=1D4moFWEP75qbamHftRYJhl0iJMHdB_C0