CISA 2025 EXAM QUESTIONS AND
100% CORRECT ANSWERS!!
Which of the following BEST limits the impacts of server failures in a distributed
environment?
Clustering
Clustering allows two or more servers to work as a unit so that when one of them fails, the other
takes over.
During an audit of a small enterprise, the IS auditor noted that the IS director has
superuser-privilege access that allows the director to process requests for changes to
the application access roles (access types). Which of the following should the IS auditor
recommend?
Implement a properly documented process for application role change requests
The IS auditor should recommend implementation of processes that could prevent or detect
improper changes from being made to the major application roles. The application role change
request process should start and be approved by the business owner; then, the IS director can
make the changes to the application.
An IS auditor reviewing a cloud computing environment managed by a third party
should be MOST concerned when:
The service level agreement does not address the responsibility of the vendor in the case of
a security breach
Administration of cloud computing occurs over the Internet and involves more than one
participating entity. It is the responsibility of each of the partners in the cloud computing
environment to take care of security issues in their own environments. When there is a security
breach, the party responsible for the breach should be identified and made accountable. This is
not possible if the SLA does not address the responsibilities of the partners during a security
breach.
An IS auditor discovers that some hard drives disposed of by an enterprise were not
sanitized in a manner that would reasonably ensure the data could not be recovered. In
addition, the enterprise does not have a written policy on data disposal. The IS auditor
should FIRST:
Determine the sensitivity of the information on the hard drives.
Even though a policy is not available, the IS auditor should make a determination as to the
nature of the information on the hard drives to quantify, as much as possible, the risk. *An IS
auditor should not develop policies.
What is the BEST backup strategy for a large database with data supporting online sales?
Mirrored hard disks
Mirrored hard disks will ensure that all data are backed up to more than one disk so that a
failure of one disk will not result in loss of data.
An organization is reviewing its contract with a cloud computing provider. For which of
the following reasons would the organization want to remove a lock-in clause from the
contract?
Portability
When drawing up a contract with a cloud service provider, the ideal practice is to remove the
customer lock-in clause. It may be important for the client to secure portability of their
system assets, i.e., the right to transfer from one vendor to another.
In a small organization, an employee performs computer operations and, when the
situation demands, program modifications. Which of the following should the IS
auditor recommend?
Procedures that verify that only approved program changes are implemented
An IS auditor must consider recommending a better process. An IS auditor should recommend
a formal change control process that manages and could detect changes to production source
and object code, such as code comparisons, so the changes can be reviewed on a regular basis
by a third party. This would be a compensating control process.
Which of the following backup techniques is the MOST appropriate when an
organization requires extremely granular data restore points, as defined in the recovery
point objective (RPO)?
Continuous data backup
Recovery point objective (RPO) is based on the acceptable data loss in the case of a disruption.
In this scenario the organization needs a short RPO and continuous data backup is the best
option.
An IS auditor finds that DBAs have access to the log location on the database server and the
ability to purge logs from the system. What is the BEST audit recommendation to ensure
that DBA activity is effectively monitored?
Forward database logs to a centralized log server
To protect the availability and integrity of the database logs, it is feasible to forward the database
logs to a centralized log server to which the DBAs do not have access.
The purpose of code signing is to provide assurance that:
The software has not been subsequently modified
*Not The private key of the signer has not been compromised
Code signing ensures that the executable code came from a reputable source and has not
been modified after being signed.
Doing which of the following during peak production hours could result in
unexpected downtime?
Promoting applications from development to the staging environment
*Not Promoting applications from development to the staging environment.
Preventive maintenance activities should be scheduled for non-peak times of the day,
and preferably during a maintenance window time period. A mishap or incident caused
by a maintenance worker could result in unplanned downtime.
Which of the following controls will MOST effectively detect the presence of bursts of
errors in network transmissions?
Cyclic Redundancy Check (CRC)
The cyclic redundancy check (CRC) can check a block of transmitted data. The
workstations generate the CRC and transmit it with the data. The receiving workstation
computes a CRC and compares it to the transmitted CRC. If both of them are equal, then the
block is assumed error free. In this case (unlike a parity or echo check), multiple errors can
be detected. In general, CRC can detect all single-bit and double-bit errors.
Parity check
Parity check (known as vertical redundancy check) also involves adding a bit (known as the parity bit)
to each character during transmission. In this case, where there is a presence of bursts of errors (i.e.,
impulse noise during high transmission rates), it has a reliability of approximately 50 percent.
At higher transmission rates, this limitation is significant.
Echo check
Echo checks detect line errors by retransmitting data to the sending device for comparison
with the original transmission.
Block sum check
A block sum check is a form of parity checking and has a low level of reliability.