Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 109

  1. Determining the risk for a particular threat/vulnerability pair before controls are applied can be expressed as:

    • the likelihood of a given threat attempting to exploit a vulnerability
    • a function of the cost and effectiveness of controls over a vulnerability
    • the magnitude of the impact should a threat exploit a vulnerability
    • a function of the likelihood and impact, should a threat exploit a vulnerability
  2. Which of the following methods of providing telecommunications continuity involves the use of an alternative media?

    • Alternative routing
    • Diverse routing
    • Long haul network diversity
    • Last mile circuit protection


    Alternative routing is a method of routing information via an alternate medium such as copper cable or fiber optics. This involves use of different networks, circuits or end points should the normal network be unavailable.

    Diverse routing routes traffic through split cable facilities or duplicate cable facilities. This can be accomplished with different and/or duplicate cable sheaths. If different cable sheaths are used, the cable may be in the same conduit and therefore subject to the same interruptions as the cable it is backing up. The communication service subscriber can duplicate the facilities by having alternate routes, although the entrance to and from the customer premises may be in the same conduit. The subscriber can obtain diverse routing and alternate routing from the local carrier, including dual entrance facilities. This type of access is time-consuming and costly.

    Long haul network diversity is a diverse long-distance network utilizing T1 circuits among the major long-distance carriers. It ensures long-distance access should any one carrier experience a network failure.

    Last mile circuit protection is a redundant combination of local carrier T1s, microwave and/or coaxial cable access to the local communications loop. This enables the facility to have access during a local carrier communication disaster. Alternate local carrier routing is also utilized.
    Reference: Information Systems Audit and Control Association, Certified Information Systems Auditor 2002 review manual, chapter 5: Disaster Recovery and Business Continuity (page 259).

  3. Which of the following should be the FIRST step to help ensure the necessary regulatory requirements are addressed in an organization’s cross-border data protection policy?

    • Conduct a risk assessment
    • Perform a gap analysis
    • Conduct stakeholder interviews
    • Perform a business impact analysis (BIA)
  4. To protect information assets, which of the following should be done FIRST?

    • Restrict access to data
    • Encrypt data
    • Classify data
    • Back up data
  5. Which of the following should an IS auditor recommend be done FIRST upon learning that new data protection legislation may affect the organization?

    • Implement data protection best practices
    • Implement a new security baseline for achieving compliance
    • Restrict system access for noncompliant business processes
    • Perform a gap analysis of data protection practices
  6. Data confidentiality is a requirement for an organization’s new web service. Which of the following would provide the BEST protection?

    • Telnet
    • Secure Sockets Layer (SSL)
    • Transport Layer Security (TLS)
    • Secure File Transfer Protocol (SFTP)
  7. Which of the following methods would BEST help detect unauthorized disclosure of confidential documents sent over corporate email?

    • Installing firewalls on the corporate network
    • Requiring all users to encrypt documents before sending
    • Monitoring all emails based on pre-defined criteria
    • Reporting all outgoing emails that are marked as confidential
  8. An employee has accidentally posted confidential data to the company’s social media page. Which of the following is the BEST control to prevent this from recurring?

    • Require all updates to be made by the marketing director
    • Implement a moderator approval process
    • Perform periodic audits of social media updates
    • Establish two-factor access control for social media accounts
  9. Which of the following is the BEST method to prevent wire transfer fraud by bank employees?

    • Re-keying of wire dollar amounts
    • Independent reconciliation
    • Two-factor authentication control
    • System-enforced dual control
  10. The BEST way to assure an organization’s board of directors that IT strategies support business objectives is to:

    • provide regular assessments of emerging technologies
    • identify and report on the achievement of critical success factors (CSFs)
    • confirm that IT strategies have been fully documented and disseminated
    • ensure that senior business managers review IT budgets
  11. Which of the following is the BEST preventative control to protect the confidentiality of data on a corporate smartphone in the event it is lost?

    • Encryption of the data stored on the device
    • Biometric authentication for the device
    • Password for device authentication
    • Remote data wipe program
  12. The FIRST step in establishing a firewall security policy is to determine the:

    • necessary logical access rights.
    • expected data throughput.
    • business requirements.
    • existing firewall configuration.
  13. Which of the following is the MOST effective way to reduce risk to an organization from widespread use of web-based communication technologies?

    • Publish an enterprise-wide policy outlining acceptable use of web-based communication technologies.
    • Incorporate risk awareness training for web-based communications into the IT security program.
    • Monitor staff usage of web-based communication and notify the IT security department of violations.
    • Block access from user devices to unauthorized pages that allow web-based communication.
  14. Which of the following will enable a customer to authenticate an online Internet vendor?

    • Vendor signs a reply using a hash function and the customer’s public key.
    • Customer encrypts an order using the vendor’s public key.
    • Customer verifies the vendor’s certificate with a certificate authority (CA).
    • Vendor decrypts incoming orders using its own private key.
  15. Which of the following is MOST likely to enable a hacker to successfully penetrate a system?

    • Lack of virus protection
    • Unpatched software
    • Decentralized dialup access
    • Lack of DoS protection
  16. An IS auditor is reviewing security controls related to collaboration tools for a business unit responsible for intellectual property and patents. Which of the following observations should be of MOST concern to the auditor?

    • Training was not provided to the department that handles intellectual property and patents.
    • Logging and monitoring for content filtering is not enabled.
    • The collaboration tool is hosted and can only be accessed via an Internet browser.
    • Employees can share files with users outside the company through collaboration tools.
  17. A stockbroker accepts orders over the Internet. Which of the following is the MOST appropriate control to ensure confidentiality of the orders?

    • Virtual private network (VPN)
    • Public key encryption
    • Data Encryption Standard (DES)
    • Digital signature
  18. Which of the following is MOST likely to be prevented by a firewall connected to the Internet?

    • Dial-in penetration attacks
    • Disclosure of public key infrastructure (PKI) keys
    • Alteration of email message content
    • External spoofing of internal addresses
  19. To confirm integrity for a hashed message, the receiver should use:

    • a different hashing algorithm from the sender’s to create a numerical representation of the file.
    • a different hashing algorithm from the sender’s to create a binary image of the file.
    • the same hashing algorithm as the sender’s to create a binary image of the file.
    • the same hashing algorithm as the sender’s to create a numerical representation of the file.
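Added example, not part of the original question set: the integrity check behind question 19 in Python, run on a constructed sample message. The receiver recomputes the digest with the same algorithm the sender used; an altered message is detected, while a receiver that picks a different algorithm wrongly rejects an intact message. The function names and the sample wire-transfer text are this example's own.

```python
import hashlib
import hmac


def digest(message: bytes, algorithm: str = "sha256") -> str:
    """Hex digest of message under the named hashlib algorithm (sender side)."""
    return hashlib.new(algorithm, message).hexdigest()


def verify_integrity(message: bytes, received_digest: str, algorithm: str) -> bool:
    """Receiver side: recompute with the SAME algorithm the sender used and
    compare in constant time. A mismatch means the message, the digest, or the
    algorithm choice differs from the sender's."""
    return hmac.compare_digest(digest(message, algorithm), received_digest)


# Constructed sample traffic for this example (not from the page).
ORIGINAL = b"Transfer 1,000 USD to account 12345"
TAMPERED = b"Transfer 9,000 USD to account 12345"   # one byte changed in transit


def demo() -> dict:
    """Three receiver-side outcomes for a digest the sender computed with SHA-256."""
    sent_digest = digest(ORIGINAL, "sha256")
    return {
        # matching algorithm, untouched message: integrity confirmed
        "same_alg_untampered": verify_integrity(ORIGINAL, sent_digest, "sha256"),
        # matching algorithm, altered message: mismatch detected
        "same_alg_tampered": verify_integrity(TAMPERED, sent_digest, "sha256"),
        # wrong algorithm on the receiver: an intact message is wrongly rejected
        "different_alg_untampered": verify_integrity(ORIGINAL, sent_digest, "sha512"),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'integrity OK' if ok else 'integrity FAILED'}")
```

Caveat a practitioner should keep in mind: a plain hash carried alongside the message on the same channel only detects accidental or unsophisticated modification, because whoever can alter the message can recompute the digest. Authenticity as well as integrity requires a keyed construction such as an HMAC (hmac.new with a shared key) or a digital signature.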
  20. The use of the Transport Layer Security (TLS) protocol enables the client in a network to be:

    • provided with a digital certificate.
    • identified by a password.
    • registered by the server.
    • assured of the server’s identity.
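Added example, not from the original page: a Python ssl client configuration that ties together questions 6, 14 and 20. TLS rather than legacy SSL is enforced through a minimum protocol version, and the client is assured of the server's identity only when certificate-chain verification and hostname checking are both on, which is the programmatic form of "verify the vendor's certificate with a CA". The weak_context function shows the misconfiguration that silently removes that assurance. All function names are this example's own; peer_certificate needs network access and is not exercised offline.

```python
import socket
import ssl


def make_client_context(min_version: ssl.TLSVersion = ssl.TLSVersion.TLSv1_2) -> ssl.SSLContext:
    """Client-side context for SERVER_AUTH: the server must present a certificate
    that chains to a trusted CA and whose name matches the host we asked for."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = min_version      # refuses SSLv3, TLS 1.0 and TLS 1.1 handshakes
    ctx.verify_mode = ssl.CERT_REQUIRED    # an unverifiable chain makes the handshake fail
    ctx.check_hostname = True              # certificate name must match server_hostname
    return ctx


def weak_context() -> ssl.SSLContext:
    """The misconfiguration that silences certificate errors: any certificate is
    accepted, so an interposed host can impersonate the vendor."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False             # must be cleared before verify_mode can drop
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_is_safe(ctx: ssl.SSLContext) -> bool:
    """Audit check: all three properties must hold for the client to be assured
    of the server's identity over a current protocol version."""
    return (
        ctx.verify_mode == ssl.CERT_REQUIRED
        and ctx.check_hostname
        and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2
    )


def peer_certificate(host: str, port: int = 443) -> dict:
    """Handshake with a real server (needs network) and return the verified peer
    certificate; raises ssl.SSLCertVerificationError if verification fails."""
    ctx = make_client_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    print("hardened client context safe:", context_is_safe(make_client_context()))
    print("weak client context safe:", context_is_safe(weak_context()))
```

When reviewing client code, the two lines to look for are verify_mode set to CERT_NONE and check_hostname set to False; either one means the connection is still encrypted but the client has no basis to trust who is on the other end.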