CISA TEST QUESTIONS AND
ANSWERS
Which of the following would BEST ensure continuity of a wide area network (WAN)
across the organization? - Answer- Built-in alternative routing
An IS auditor is reviewing the physical security controls of a data center and notices
several areas for concern. Which of the following areas is the MOST important? -
Answer- The emergency exit door is blocked
Which of the following choices BEST helps information owners to properly classify
data? - Answer- Training on organizational policies and standards
A PRIMARY benefit derived for an organization employing control self-assessment
techniques is that it: - Answer- Can identify high-risk areas that might need a detailed
review later.
An IS auditor who has discovered unauthorized transactions during a review of
electronic data interchange (EDI) transactions is likely to recommend improving the: -
Answer- Authentication techniques for sending and receiving messages
A company has recently upgraded its system to incorporate electronic data interchange
(EDI) transmissions. Which of the following controls should be implemented in the EDI
interface to provide efficient data mapping? - Answer- Functional acknowledgments
When evaluating the collective effect of preventative and corrective controls within a
process, an IS auditor should be aware of which of the following? - Answer- The point at
which controls are exercised as data flow through the system
An external IS auditor issues an audit report pointing out the lack of firewall protection
features at the perimeter network gateway and recommends a specific vendor product
to address this vulnerability. The IS auditor has failed to exercise: - Answer-
Professional independence
While planning an IS audit, and assessment of risk should be made to provide: -
Answer- Reasonable assurance that the audit will cover material items
The success of control self-assessment depends highly on: - Answer- line managers
assuming a portion of the responsibility for control monitoring.
ANSWERS
Which of the following would BEST ensure continuity of a wide area network (WAN)
across the organization? - Answer- Built-in alternative routing
An IS auditor is reviewing the physical security controls of a data center and notices
several areas for concern. Which of the following areas is the MOST important? -
Answer- The emergency exit door is blocked
Which of the following choices BEST helps information owners to properly classify
data? - Answer- Training on organizational policies and standards
A PRIMARY benefit derived for an organization employing control self-assessment
techniques is that it: - Answer- Can identify high-risk areas that might need a detailed
review later.
An IS auditor who has discovered unauthorized transactions during a review of
electronic data interchange (EDI) transactions is likely to recommend improving the: -
Answer- Authentication techniques for sending and receiving messages
A company has recently upgraded its system to incorporate electronic data interchange
(EDI) transmissions. Which of the following controls should be implemented in the EDI
interface to provide efficient data mapping? - Answer- Functional acknowledgments
When evaluating the collective effect of preventative and corrective controls within a
process, an IS auditor should be aware of which of the following? - Answer- The point at
which controls are exercised as data flow through the system
An external IS auditor issues an audit report pointing out the lack of firewall protection
features at the perimeter network gateway and recommends a specific vendor product
to address this vulnerability. The IS auditor has failed to exercise: - Answer-
Professional independence
While planning an IS audit, and assessment of risk should be made to provide: -
Answer- Reasonable assurance that the audit will cover material items
The success of control self-assessment depends highly on: - Answer- line managers
assuming a portion of the responsibility for control monitoring.
