Certified Information Systems Auditor CISA Exam
A&B ALL QUESTIONS AND CORRECT ANSWERS
LATEST UPDATE THIS YEAR
QUESTION: A vendor has released several critical security patches over the past few months
and this has put a strain on the ability of the administrators to keep the patches tested and
deployed in a timely manner. The administrators have asked if they could reduce the testing of
the patches. What approach should the organization take?
a. Continue the current process of testing and applying patches.
b. Reduce testing and ensure that an adequate backout plan is in place.
c. Delay patching until resources fo - ANSWER-a. Continue the current process of testing and
applying patches.
QUESTION: The PRIMARY benefit of an IT manager monitoring technical capacity is to:
a. identify the need for new hardware and storage procurement.
b. determine the future capacity need based on usage.
c. ensure that the service level requirements are met.
1
, Page 2 of 172
d. ensure that systems operate at optimal capacity. - ANSWER-c. ensure that the service level
requirements are met.
QUESTION: From a control perspective, the PRIMARY objective of classifying information assets
is to:
a. establish guidelines for the level of access controls that should be assigned.
b. ensure access controls are assigned to all information assets.
c. assist management and auditors in risk assessment.
d. identify which assets need to be insured against losses. - ANSWER-a. establish guidelines for
the level of access controls that should be assigned.
QUESTION: Which of the following user profiles should be of MOST concern to an IS auditor
when performing an audit of an electronic funds transfer (EFT) system?
a. Three users with the ability to capture and verify their own messages
b. Five users with the ability to capture and send their own messages
c. Five users with the ability to verify other users and to send their own messages
d. Three users with the ability to capture and verify the messages of other users and to send
their own messages - ANSWER-a. Three users with the ability to capture and verify their own
messages
QUESTION: An IS auditor is reviewing a manufacturing company and finds that mainframe users
at a remote site connect to the mainframe at headquarters over the Internet via Telnet. Which
of the following offers the STRONGEST security?
a. Use of a point-to-point leased line
b. Use of a firewall rule to allow only the Internet Protocol address of the remote site
c. Use of two-factor authentication
d. Use of a nonstandard port for Telnet - ANSWER-a. Use of a point-to-point leased line
QUESTION: A laptop computer belonging to a company database administrator (DBA) and
containing a file of production database passwords has been stolen. What should the
organization do FIRST?
a. Send a report to the IS audit department.
b. Change the name of the DBA account.
c. Suspend the DBA account.
d. Change the database password. - ANSWER-d. Change the database password.
QUESTION: An IS auditor has been asked by management to review a potentially fraudulent transaction.
The PRIMARY focus of an IS auditor while evaluating the transaction should be to:
a. maintain impartiality while evaluating the transaction.
b. ensure that the independence of an IS auditor is maintained.
c. assure that the integrity of the evidence is maintained.
d. assess all relevant evidence for the transaction. - ANSWER-c. assure that the integrity of the
evidence is maintained.
(Domain 5: Protection of Information Assets, 5B6 Evidence Collection and Forensics)
QUESTION: Which of the following recovery strategies is MOST appropriate for a business
having multiple offices within a region and a limited recovery budget?
a. A hot site maintained by the business