Last Updated on December 13, 2021 by Admin 3

CISA : Certified Information Systems Auditor : Part 116

  1. A database administrator is responsible for:

    • defining data ownership.
    • establishing operational standards for the data dictionary.
    • creating the logical and physical database.
    • establishing ground rules for ensuring data integrity and security.

    A database administrator is responsible for creating and controlling the logical and physical database. Defining data ownership resides with the head of the user department or top management if the data is common to the organization. IS management and the data administrator are responsible for establishing operational standards for the data dictionary. Establishing ground rules for ensuring data integrity and security in line with the corporate security policy is a function of the security administrator.

  2. An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include:

    • defining the conceptual schema.
    • defining security and integrity checks.
    • liaising with users in developing data model.
    • mapping data model with the internal schema.

    A DBA only in rare instances should be mapping data elements from the data model to the internal schema (physical data storage definitions). To do so would eliminate data independence for application systems. Mapping of the data model occurs with the conceptual schema since the conceptual schema represents the enterprise-wide view of data within an organization and is the basis for deriving an end-user department data model.

  3. To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against:

    • the entire message and thereafter enciphering the message digest using the sender’s private key.
    • any arbitrary part of the message and thereafter enciphering the message digest using the sender’s private key.
    • the entire message and thereafter enciphering the message using the sender’s private key.
    • the entire message and thereafter enciphering the message along with the message digest using the sender’s private key.

    A digital signature is a cryptographic method that ensures data integrity, authentication of the message, and non-repudiation. To ensure these, the sender first creates a message digest by applying a cryptographic hashing algorithm against the entire message and thereafter enciphers the message digest using the sender’s private key. A message digest is created by applying a cryptographic hashing algorithm against the entire message, not on any arbitrary part of the message. After creating the message digest, only the message digest is enciphered using the sender’s private key, not the message.

  4. A sequence of bits appended to a digital document that is used to secure an e-mail sent through the Internet is called a:

    • digest signature.
    • electronic signature.
    • digital signature.
    • hash signature.

    A digital signature authenticates a transmission from a sender through the private cryptographic key. It is a string of bits that uniquely represents another string of bits, a digital document. An electronic signature refers to the string of bits that digitally represents a handwritten signature captured by a computer system when a human applies it on an electronic pen pad connected to the system.

  5. A critical function of a firewall is to act as a:

    • special router that connects the Internet to a LAN.
    • device for preventing authorized users from accessing the LAN.
    • server used to connect authorized users to private trusted network resources.
    • proxy server to increase the speed of access to authorized users.

    A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users of other networks. An enterprise with an intranet that allows its workers access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data resources and for controlling the outside resources to which its own users have access. Basically, a firewall, working closely with a router program, filters all network packets to determine whether or not to forward them toward their destination. A firewall includes or works with a proxy server that makes network requests on behalf of workstation users. A firewall is often installed in a specially designated computer separate from the rest of the network so no incoming request can get directed to private network resources.

  6. Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks?

    • Spool
    • Cluster controller
    • Protocol converter
    • Front end processor

    A front-end processor is a hardware device that connects all communication lines to a central computer to relieve the central computer.

  7. The use of a GANTT chart can:

    • aid in scheduling project tasks.
    • determine project checkpoints.
    • ensure documentation standards.
    • direct the post-implementation review.

    A GANTT chart is used in project control. It may aid in the identification of needed checkpoints but its primary use is in scheduling. It will not ensure the completion of documentation nor will it provide direction for the post-implementation review.

  8. Which of the following translates e-mail formats from one network to another so that the message can travel through all the networks?

    • Gateway
    • Protocol converter
    • Front-end communication processor
    • Concentrator/multiplexor

    A gateway performs the job of translating e-mail formats from one network to another so messages can make their way through all the networks.

  9. Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation?

    • Specific developments only
    • Business requirements only
    • All phases of the installation must be documented
    • No need to develop a customer specific documentation

    A global enterprise product reengineering (EPR) software package can be applied to a business to replace, simplify and improve the quality of IS processing. Documentation is intended to help understand how, why and which solutions have been selected and implemented, and therefore must be specific to the project. Documentation is also intended to support quality assurance and must be comprehensive.

  10. A hub is a device that connects:

    • two LANs using different protocols.
    • a LAN with a WAN.
    • a LAN with a metropolitan area network (MAN).
    • two segments of a single LAN.

    A hub is a device that connects two segments of a single LAN. A hub is a repeater. It provides transparent connectivity to users on all segments of the same LAN. It is a level 1 device.

  11. A LAN administrator normally would be restricted from:

    • having end-user responsibilities.
    • reporting to the end-user manager.
    • having programming responsibilities.
    • being responsible for LAN security administration.

    A LAN administrator should not have programming responsibilities but may have end-user responsibilities. The LAN administrator may report to the director of the IPF or, in a decentralized operation, to the end-user manager. In small organizations, the LAN administrator also may be responsible for security administration over the LAN.

  12. Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them?

    • A neural network
    • Database management software
    • Management information systems
    • Computer assisted audit techniques

    A neural network will monitor and learn patterns, reporting exceptions for investigation.

  13. A hardware control that helps to detect errors when data are communicated from one computer to another is known as a:

    • duplicate check.
    • table lookup.
    • validity check.
    • parity check.

    A parity check will help to detect data errors when data are read from memory or communicated from one computer to another. A one-bit digit (either 0 or 1) is added to a data item to indicate whether the sum of that data item’s bits is odd or even. When the parity bit disagrees with the sum of the other bits, an error report is generated.

  14. For which of the following applications would rapid recovery be MOST crucial?

    • Point-of-sale system
    • Corporate planning
    • Regulatory reporting
    • Departmental chargeback

    A point-of-sale system is a critical online system that when inoperable will jeopardize the ability of to generate revenue and track inventory properly.

  15. The initial step in establishing an information security program is the:

    • development and implementation of an information security standards manual.
    • performance of a comprehensive security control review by the IS auditor.
    • adoption of a corporate information security policy statement.
    • purchase of security access control software.

    A policy statement reflects the intent and support provided by executive management for proper security and establishes a starting point for developing the security program.

  16. A malicious code that changes itself with each file it infects is called a:

    • logic bomb.
    • stealth virus.
    • trojan horse.
    • polymorphic virus.

    A polymorphic virus has the capability of changing its own code, enabling it to have many different variants. Since they have no consistent binary pattern, such viruses are hard to identify.

  17. Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan’s effectiveness?

    • Paper test
    • Post test
    • Preparedness test
    • Walk-through

    A preparedness test is a localized version of a full test, wherein resources are expended in the simulation of a system crash. This test is performed regularly on different aspects of the plan and can be a cost-effective way to gradually obtain evidence about the plan’s effectiveness. It also provides a means to improve the plan in increments. A paper test is a walkthrough of the plan, involving major players, who attempt to determine what might happen in a particular type of service disruption in the plan’s execution. A paper test usually precedes the preparedness test. A post-test is actually a test phase and is comprised of a group of activities, such as returning all resources to their proper place, disconnecting equipment, returning personnel and deleting all company data from third-party systems. A walkthrough is a test involving a simulated disaster situation that tests the preparedness and understanding of management and staff, rather than the actual resources.

  18. An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST cost-effective test of the DRP?

    • Full operational test
    • Preparedness test
    • Paper test
    • Regression test

    A preparedness test is performed by each local office/area to test the adequacy of the preparedness of local operations for the disaster recovery. A paper test is a structured walk-through of the disaster recovery plan and should be conducted before a preparedness test. A full operational test is conducted after the paper and preparedness test. A regression test is not a disaster recovery planning (DRP) test and is used in software maintenance.

  19. The IS auditor learns that when equipment was brought into the data center by a vendor, the emergency power shutoff switch was accidentally pressed and the UPS was engaged. Which of the following audit recommendations should the IS auditor suggest?

    • Relocate the shut off switch.
    • Install protective covers.
    • Escort visitors.
    • Log environmental failures.

    A protective cover over the switch would allow it to be accessible and visible, but would prevent accidental activation.

  20. has contracted with an external consulting firm to implement a commercial financial system to replace its existing in-house developed system. In reviewing the proposed development approach, which of the following would be of GREATEST concern?

    • Acceptance testing is to be managed by users.
    • A quality plan is not part of the contracted deliverables.
    • Not all business functions will be available on initial implementation.
    • Prototyping is being used to confirm that the system meets business requirements.

    A quality plan is an essential element of all projects. It is critical that the contracted supplier be required to produce such a plan. The quality plan for the proposed development contract should be comprehensive and encompass all phases of the development and include which business functions will be included and when. Acceptance is normally managed by the user area, since they must be satisfied that the new system will meet their requirements. If the system is large, a phased-in approach to implementing the application is a reasonable approach. Prototyping is a valid method of ensuring that the system will meet business requirements.