Topic 1: Exam Pool A
An IS auditor is using data analytics in an audit and has obtained the data to be used for testing. Which of the following is the MOST important task before testing begins?
A.
Verify data analytics test scripts
B.
Select the analytical sampling model
C.
Document the source and method used to obtain the data
D.
Verify the completeness and accuracy of the data
Document the source and method used to obtain the data
An IT governance body wants to determine whether IT service delivery is based on consistently efficient and effective processes. Which of the following would be the BEST approach?
A.
Evaluate key performance indicators (KPis).
B.
Conduct a gap analysis.
C.
Analyze current and future capacity.
D.
Implement a balanced scorecard
Evaluate key performance indicators (KPis).
Which of the following is the GREATEST concern associated with migrating computing resources to a cloud virtualized environment?
A.
An increase in inherent vulnerability
B.
An increase in residual risk
C.
An increase in the potential for data leakage
D.
An increase in the number of e-discovery requests
An increase in the potential for data leakage
Which of the following is the MOST important requirement for an IS auditor to evaluate when reviewing a transmission of personally identifiable information between two organizations?
A.
Timeliness
B.
Completeness
C.
Accuracy
D.
Necessity
Necessity
Which of the following is MOST helpful in preventing a systems failure from occurring when an application is replaced using the abrupt changeover technique?
A.
Comprehensive testing
B.
Comprehensive documentation
C.
Threat and risk assessment
D.
Change management
Change management
A security company and service provider have merged and the CEO has requested one comprehensive set of security policies be developed for the newly formed company. The IS auditor s BEST recommendation would be to:
A.
implement the service provider's policies
B.
implement the security company s policies,
C.
adopt an industry standard security policy
D.
conduct a policy gap assessment
conduct a policy gap assessment
During a review of information security procedures for disabling user accounts, an IS auditor discovers that IT is only disabling network access for terminated employees IT management maintains if terminated users cannot access the network, they will not be able to access any applications Which of the following is the GREATEST risk associated with
application access?
A.
Loss of non-repudiation
B.
Lack of segregation of duties
C.
Inability to access data
D.
Unauthorized access to data
Unauthorized access to data
Which of the following provides the BEST evidence of the effectiveness of an organization s audit quality management procedures?
A.
Quality of independent review scores
B.
Number of resources dedicated to quality control procedures
C.
Quality of auditor performance reviews
D.
Number of audits completed within the annual audit plan
Quality of independent review scores
Which of the following controls will MOST effectively detect inconsistent records resulting from the lack of referential integrity in a database management system?
A.
Concurrent access controls
B.
Incremental data backups
C.
Performance monitoring tools
D.
Periodic table link checks
Periodic table link checks
An intruder accesses an application server and makes changes to the system log. Which of the following would enable the identification of the changes?
A.
Mirroring the system log on another server
B.
Simultaneously duplicating the system log on a write-once disk
C.
Write-protecting the directory containing the system log
D.
Storing the backup of the system log offsite
Write-protecting the directory containing the system log
An IS auditor finds that a company is using a payroll provider hosted in a foreign country Of the following the MOST important audit consideration is whether the provider s operations;
A.
meet industry best practice and standards
B.
comply with applicable laws and regulations
C.
are shared with other companies using the provider
D.
are aligned with the company’s culture
comply with applicable laws and regulations
Which of the following would BEST enable an IS auditor to perform an audit that requires testing the full population of data?
A.
Expertise in statistical sampling of data
B.
Proficiency in the use of data analytics tools
C.
Experience in database administration
D.
Proficiency in programming and coding
Proficiency in the use of data analytics tools
| Page 8 out of 85 Pages |
| 1234567891011121314151617181920212223242526 |
| CISA Practice Test Home |
Real-World Scenario Mastery: Our CISA practice exam don't just test definitions. They present you with the same complex, scenario-based problems you'll encounter on the actual exam.
Strategic Weakness Identification: Each practice session reveals exactly where you stand. Discover which domains need more attention, before exam day arrives.
Confidence Through Familiarity: There's no substitute for knowing what to expect. When you've worked through our comprehensive CISA practice exam questions pool covering all topics, the real exam feels like just another practice session.
Copyright © All Rights Reserved