Enjoy 15% Discount With Coupon 15off

ISACA CISA Certified Information Systems Auditor Online Training

ISACA CISA Certified Information Systems Auditor Online Training

ISACA CISA Online Training

The questions for CISA were last updated at Apr 24,2024.
  • Exam Code: CISA
  • Exam Name: Certified Information Systems Auditor
  • Certification Provider: ISACA
  • Latest update: Apr 24,2024
Question #1

An IS auditor is examining a front-end subledger and a main ledger.

Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?

  • A . Double-posting of a single journal entry
  • B . Inability to support new business transactions
  • C . Unauthorized alteration of account attributes
  • D . Inaccuracy of financial reporting

Reveal Solution Hide Solution

Question #2

What is MOST important to verify during an external assessment of network vulnerability?

  • A . Update of security information event management (SIEM) rules
  • B . Regular review of the network security policy
  • C . Completeness of network asset inventory
  • D . Location of intrusion detection systems (IDS)

Reveal Solution Hide Solution

Question #3

Which of the following is the PRIMARY advantage of parallel processing for a new system implementation?

  • A . Assurance that the new system meets functional requirements
  • B . More time for users to complete training for the new system
  • C . Significant cost savings over other system implemental or approaches
  • D . Assurance that the new system meets performance requirements

Reveal Solution Hide Solution

Question #4

A system development project is experiencing delays due to ongoing staff shortages.

Which of the following strategies would provide the GREATEST assurance of system quality at implementation?

  • A . Implement overtime pay and bonuses for all development staff.
  • B . Utilize new system development tools to improve productivity.
  • C . Recruit IS staff to expedite system development.
  • D . Deliver only the core functionality on the initial target date.

Reveal Solution Hide Solution

Question #5

Which of the following is MOST important to ensure when developing an effective security awareness program?

  • A . Training personnel are information security professionals.
  • B . Phishing exercises are conducted post-training.
  • C . Security threat scenarios are included in the program content.
  • D . Outcome metrics for the program are established.

Reveal Solution Hide Solution

Question #6

An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization’s website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur.

Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?

  • A . Assign responsibility for improving data quality.
  • B . Invest in additional employee training for data entry.
  • C . Outsource data cleansing activities to reliable third parties.
  • D . Implement business rules to validate employee data entry.

Reveal Solution Hide Solution

Question #7

Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?

  • A . Periodic vendor reviews
  • B . Dual control
  • C . Independent reconciliation
  • D . Re-keying of monetary amounts
  • E . Engage an external security incident response expert for incident handling.

Reveal Solution Hide Solution

Question #8

Which of the following demonstrates the use of data analytics for a loan origination process?

  • A . Evaluating whether loan records are included in the batch file and are validated by the servicing system
  • B . Comparing a population of loans input in the origination system to loans booked on the servicing system
  • C . Validating whether reconciliations between the two systems are performed and discrepancies are investigated
  • D . Reviewing error handling controls to notify appropriate personnel in the event of a transmission failure

Reveal Solution Hide Solution

Question #9

During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective.

Which of the following is the auditor’s BEST action?

  • A . Explain to IT management that the new control will be evaluated during follow-up
  • B . Re-perform the audit before changing the conclusion.
  • C . Change the conclusion based on evidence provided by IT management.
  • D . Add comments about the action taken by IT management in the report.

Reveal Solution Hide Solution

Question #10

Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?

  • A . Background checks
  • B . User awareness training
  • C . Transaction log review
  • D . Mandatory holidays

Reveal Solution Hide Solution

Next Questions
Latest CISA Dumps Valid Version with 2694 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISA PDF
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Related Posts

12Oct

ISACA COBIT 5 COBIT® 5 Foundation Online Training

Question #1 Which principle is key for the governance and management of enterprise IT? A . Managing IT OperationsB . Insure Resource... read more

04Oct

ISACA CISM Certified Information Security Manager Online Training

Question #1 Which of the following MOST effectively prevents internal users from modifying sensitive data? A . Network segmentationB . Role-based access... read more

28Oct

ISACA CRISC Certified in Risk and Information Systems Control Online Training

Question #1 The PRIMARY objective for selecting risk response options is to: A . reduce risk 10 an acceptable level.B . identify... read more

16Oct

ISACA CGEIT ISACA CGEIT Certification Practice Test Online Training

Question #1 Which of the following should be done FIRST when defining responsibilities for ownership of information and systems? A . Require... read more

23Oct

ISACA CDPSE Certified Data Privacy Solutions Engineer Online Training

Question #1 Which of the following should be the FIRST consideration when selecting a data sanitization method? A . Risk toleranceB .... read more

22Apr

ISACA Cybersecurity Audit Certificate ISACA Cybersecurity Audit Certificate Exam Online Training

Question #1 The second line of defense in cybersecurity includes: A . conducting organization-wide control self-assessments.B . risk management monitoring, and measurement... read more

24Oct

ISACA CCAK Certificate of Cloud Auditing Knowledge Online Training

Question #1 Which of the following controls framework should the cloud customer use to assess the overall security risk of a... read more

05Oct

ISACA COBIT 2019 COBIT 2019 Foundation Online Training

Question #1 Who is responsible for the oversight of structures and mechanisms that drive enterprise governance of information and technology (EGIT)? A... read more