and correct answers
An abnormal end to a computer job; termination of a task prior to its completion because of an
error condition that cannot be resolved by recovery facilities while the task is executing - correct
answer ✔✔ Abend
A policy that establishes an agreement between users and the enterprise and defines for all
parties the ranges of use that are approved before gaining access to a network or the Internet. -
correct answer ✔✔ Acceptable Use Policy
The processes, rules and deployment mechanisms that control access to information systems,
resources and physical access to premises - correct answer ✔✔ Access Control
An internal computerized table of access rules regarding the levels of computer access
permitted to logon IDs and computer terminals. Also referred to as access control tables. -
correct answer ✔✔ Access Control List (ACL)
An internal computerized table of access rules regarding the levels of computer access
permitted to logon IDs and computer terminals - correct answer ✔✔ Access control table
The technique used for selecting records in a file, one at a time, for processing, retrieval or
storage. The access method is related to, but distinct from, the file organization, which
determines how the records are stored. - correct answer ✔✔ Access Method
The logical route an end user takes to access computerized information. Typically, it includes a
route through the operating system, telecommunications software, selected application
software and the access control system. - correct answer ✔✔ Access Path
The permission or privileges granted to users, programs or workstations to create, change,
delete or view data and files within a system, as defined by rules established by data owners
and the information security policy - correct answer ✔✔ Access rights
Provides centralized access control for managing remote access dial-up services - correct
answer ✔✔ Access Servers
Within computer storage, the code used to designate the location of a specific piece of data -
correct answer ✔✔ Address
The number of distinct locations that may be referred to with the machine address. For most
binary machines, it is equal to 2^n, where n is the number of bits in the machine address. -
correct answer ✔✔ Address Space
The method used to identify the location of a participant in a network. Ideally, addressing
specifies where the participant is located rather than who they are (name) or how to get there
(routing). - correct answer ✔✔ Addressing
The rules, procedures and practices dealing with operational effectiveness, efficiency and
adherence to regulations and management policies. - correct answer ✔✔ Administrative
controls
A software package that automatically plays, displays or downloads advertising material to a
computer after the software is installed on it or while the application is being used. In most
cases, this is done without any notification to the user or without the user's consent. The term
adware may also refer to software that displays advertisements, whether or not it does so with
the user's consent; such programs display advertisements as an alternative to shareware
registration fees. These are classified as adware in the sense of advertising supported software,
but not as spyware. Adware in this form does not operate surreptitiously or mislead the user
and provides the user with a specific service. - correct answer ✔✔ Adware
The use of alphabetic characters or an alphabetic character string - correct answer ✔✔ Alpha
A service that allows the option of having an alternate route to complete a call when the
marked destination is not available. In signaling, alternate routing is the process of allocating
substitute routes for a given signaling traffic stream in case of failure(s) affecting the normal
signaling links or routes of that traffic stream. - correct answer ✔✔ Alternative routing
D. Incident resolution meantime - correct answer ✔✔ Which of the following is the BEST
performance indicator for the effectiveness of an incident management program?
A. Incident alert meantime
B. Number of incidents reported
C. Average time between incidents
D. Incident resolution meantime
B. scheduled according to the service delivery objectives - correct answer ✔✔ Backups will
MOST effectively minimize a disruptive incident's impact on a business if they are:
A. taken according to recovery point objectives (RPOs).
B. scheduled according to the service delivery objectives.
C. performed by automated backup software on a fixed schedule.
D. stored on write-once read-many media.
C. Assess the security risks to the business - correct answer ✔✔ An IS audit reveals that an
organization is not proactively addressing known vulnerabilities. Which of the following should
the IS auditor recommend the organization do FIRST?
A. Ensure the intrusion prevention system (IPS) is effective.
B. Verify the disaster recovery plan (DRP) has been tested.
C. Assess the security risks to the business.
D. Confirm the incident response team understands the issue.
D. The network device inventory is incomplete. - correct answer ✔✔ An IS auditor has
completed the fieldwork phase of a network security review and is preparing the initial draft of
the audit report. Which of the following findings should be ranked as the HIGHEST risk?
A. Network penetration tests are not performed.
B. The network firewall policy has not been approved by the information security officer.
C. Network firewall rules have not been documented.
D. The network device inventory is incomplete.
A. Assurance that the new system meets functional requirements - correct answer ✔✔ Which
of the following is the PRIMARY advantage of parallel processing for a new system
implementation?
A. Assurance that the new system meets functional requirements
B. Significant cost savings over other system implementation approaches
C. More time for users to complete training for the new system
D. Assurance that the new system meets performance requirements
C. Review relevant system changes. - correct answer ✔✔ During an internal audit of automated
controls, an IS auditor identifies that the integrity of data transfer between systems has not
been tested since successful implementation two years ago. Which of the following should the
auditor do NEXT?
A. Review previous system interface testing records.
B. Document the finding in the audit report.