Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 102

  1. An IS auditor is reviewing a contract for the outsourcing of IT facilities. If missing, which of the following should present the GREATEST concern to the auditor?

    • Access control requirements
    • Hardware configurations
    • Perimeter network security diagram
    • Help desk availability
  2. An organization is currently replacing its accounting system. Which of the following strategies will BEST minimize risk associated with the loss of data integrity from the upgrade?

    • Pilot implementation
    • Functional integration testing
    • Fallback contingency
    • Parallel implementation
  3. Which of the following would be the BEST performance indicator for the effectiveness of an incident management program?

    • Incident alert meantime
    • Average time between incidents
    • Number of incidents reported
    • Incident resolution meantime
  4. An IS auditor is reviewing the performance outcomes of controls in an agile development project. Which of the following would provide the MOST relevant evidence for the auditor to consider?

    • Progress report of outstanding work
    • Product backlog
    • Number of failed builds
    • Composition of the scrum team
  5. An IS auditor performing an audit of backup procedures observes that backup tapes are picked up weekly and stored offsite at a third-party hosting facility. Which of the following recommendations would be the BEST way to protect the data on the backup tapes?

    • Ensure that data is encrypted before leaving the facility.
    • Ensure that the transport company obtains signatures for all shipments.
    • Confirm that data is transported in locked tamper-evident containers.
    • Confirm that data transfers are logged and recorded.
  6. During an audit of a financial application, it was determined that many terminated users’ accounts were not disabled. Which of the following should be the IS auditor’s NEXT step?

    • Perform a review of terminated users’ account activity.
    • Conclude that IT general controls are ineffective.
    • Communicate risks to the application owner.
    • Perform substantive testing of terminated users’ access rights.
  7. An IS auditor finds the log management system is overwhelmed with false positive alerts. The auditor’s BEST recommendation would be to:

    • recruit more monitoring personnel.
    • fine-tune the intrusion detection system (IDS).
    • reduce the firewall rules.
    • establish criteria for reviewing alerts.
  8. Which of the following is the BEST reason for an organization to develop a business continuity plan?

    • To develop a detailed description of information systems and processes
    • To identify the users of information systems and processes
    • To avoid the costs resulting from the failure of key systems and processes
    • To establish business unit prioritization of systems, projects, and strategies

    Explanation:

    Reference: http://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/Business-Continuity-Management-Audit-Assurance-Program.aspx

  9. One advantage of managing an entire collection of projects as a portfolio is that it highlights the need to:

    • identify dependencies between projects.
    • inform users about all ongoing projects.
    • manage the risk of each individual project.
    • manage the quality of each project.
  10. Which of the following should be the MOST important consideration when determining which information system application to audit?

    • Cost-benefit analysis
    • Available resources
    • Business impact analysis
    • Newly implemented systems
  11. In an organization that has a staff-rotation policy, the MOST appropriate access control model is:

    • role-based.
    • discretionary.
    • mandatory.
    • lattice-based.
  12. Which of the following should be an IS auditor’s BEST recommendation to prevent installation of unlicensed software on employees’ company-provided devices?

    • Enforce audit logging of software installation activities.
    • Restrict software installation authority to administrative users only.
    • Implement software blacklisting.
    • Remove unlicensed software from end-user devices.
  13. Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization’s data loss prevention (DLP) controls?

    • Verify that confidential files cannot be transmitted to a personal USB device.
    • Conduct interviews to identify possible data protection vulnerabilities.
    • Review data classification levels based on industry best practice.
    • Verify that current DLP software is installed on all computer systems.
  14. When protecting the confidentiality of information assets, the MOST effective control practice is the:

    • awareness training of personnel on regulatory requirements.
    • enforcement of a need-to-know access control philosophy.
    • utilization of a dual-factor authentication mechanism.
    • configuration of read-only access to all users.
  15. Which of the following is the MOST effective method of destroying sensitive data stored on electronic media?

    • Physical destruction
    • Degaussing
    • Random character overwrite
    • Low-level formatting

    Explanation:

    Reference: https://www.isaca.org/Journal/archives/2010/Volume-6/Pages/An-Introduction-to-Digital-Records-Management.aspx

  16. Email required for business purposes is being stored on employees’ personal devices. Which of the following is an IS auditor’s BEST recommendation?

    • Implement an email containerization solution on personal devices.
    • Prohibit employees from storing company email on personal devices.
    • Ensure antivirus to utilize passwords on personal devices.
    • Require employees to utilize passwords on personal devices.
  17. When designing metrics for information security, the MOST important consideration is that the metrics:

    • provide actionable data.
    • apply to all business units.
    • are easy to understand.
    • track trends over time.

    Explanation:

    Reference: https://m.isaca.org/Journal/archives/2016/volume-6/Documents/Journal-volume-6-2016.pdf

  18. Which of the following IS functions can be performed by the same group or individual while still providing the proper segregation of duties?

    • Computer operations and application programming
    • Database administration and computer operations
    • Security administration and application programming
    • Application programming and systems analysis

    Explanation:

    Reference: https://www.isaca.org/Journal/archives/2016/volume-3/Pages/implementing-segregation-of-duties.aspx

  19. In a high-volume, real-time system, the MOST effective technique by which to continuously monitor and analyze transaction processing is:

    • integrated test facility (ITF).
    • embedded audit modules.
    • parallel simulation.
    • transaction tagging.
  20. An organization wants to reuse company-provided smartphones collected from staff leaving the organization. Which of the following would be the BEST recommendation?

    • The memory cards of the smartphones should be replaced.
    • Smartphones should not be reused, but physically destroyed.
    • Data should be securely deleted from the smartphones.
    • The SIM card and telephone number should be changed.