Latest Oct 20, 2023 CISA Brain Dump: A Study Guide with Tips & Tricks for passing Exam
CISA Question Bank: Free PDF Download Recently Updated Questions
NEW QUESTION # 181
Which of the following would BEST help to ensure that an incident receives attention from appropriate personnel in a timely manner?
- A. Completing the incident management log
- B. Requiring a dedicated incident response team
- C. Implement incident escalation procedures
- D. Broadcasting an emergency message
Answer: C
NEW QUESTION # 182
Whenever business processes have been re-engineered, the IS auditor attempts to identify and quantify
the impact of any controls that might have been removed, or controls that might not work as effectively
after business process changes. True or false?
- A. True
- B. False
Answer: A
Explanation:
Section: Protection of Information Assets
Whenever business processes have been re-engineered, the IS auditor should attempt to identify and
quantify the impact of any controls that might have been removed, or controls that might not work as
effectively after business process changes.
NEW QUESTION # 183
To mitigate the risk of exposing data through application programming interface (API) queries, which of the following design considerations is MOST important?
- A. Data integrity
- B. Data quality
- C. Data minimalization
- D. Data retention
Answer: A
NEW QUESTION # 184
Which of the following PBX features provides the possibility to break into a busy line to inform another user of an important message?
- A. Tenanting
- B. Account Codes
- C. Override
- D. Access Codes
Answer: C
Explanation:
The override feature of a PBX provides the possibility to break into a busy line to inform another user of an important message.
For the CISA exam you should know the PBX features and associated risks listed below.

| System feature | Description | Risk |
| --- | --- | --- |
| Automatic call distribution | Allows a PBX to be configured so that incoming calls are distributed to the next available agent or placed on hold until one becomes available | Tapping and control of traffic |
| Call forwarding | Allows specifying an alternate number to which calls will be forwarded based on certain conditions | User tracking |
| Account codes | Used to: track calls made by certain people or for certain projects for appropriate billing; provide dial-in system access (a user dials in from outside and gains access to the normal features of the PBX); change the user class of service so a user can access a different set of features (i.e., the override feature) | Fraud, user tracking, non-authorized features |
| Access codes | Key for access to specific features on the part of users with simple instruments, i.e., traditional analog phones | Non-authorized features |
| Silent monitoring | Silently monitors other calls | Eavesdropping |
| Conferencing | Allows for conversation among several users | Eavesdropping, by adding unwanted/unknown parties to a conference |
| Override (intrude) | Provides for the possibility to break into a busy line to inform another user of an important message | Eavesdropping |
| Auto-answer | Allows an instrument to automatically go off-hook when called; usually gives an audible or visible warning, which can easily be turned off | Gaining information not normally available, for various purposes |
| Tenanting | Limits system user access to only those users who belong to the same tenant group; useful when one company leases out part of its building to other companies and tenants share an attendant, trunk lines, etc. | Illegal usage, fraud, eavesdropping |
| Voice mail | Stores messages centrally and, by using a password, allows for retrieval from inside or outside lines | Disclosure or destruction of all messages of a user when that user's password is known or discovered by an intruder; disabling of the voice mail system and even the entire switch by lengthy messages or embedded codes; illegal access to external lines |
| Privacy release | Supports shared extensions among several devices, ensuring that only one device at a time can use an extension. Privacy release disables this protection by allowing devices to connect to an extension already in use | Eavesdropping |
| No busy extension | Allows calls to an in-use extension to be added to a conference when that extension is on conference and already off-hook | Eavesdropping on a conference in progress |
| Diagnostics | Allows for bypassing normal call restriction procedures. This kind of diagnostic is sometimes available from any connected device. It is a separate feature, in addition to the normal maintenance terminal or attendant diagnostics | Fraud and illegal usage |
| Camp-on or call waiting | When activated, sends a visual or audible warning to an off-hook instrument that is receiving another call. Another option of this feature is to conference with the camped-on or call-waiting party | Making the called individual a party to a conference without knowing it |
| Dedicated connections | Connections made through the PBX without using the normal dialing sequences. Can be used to create hot-lines between devices, i.e., one rings when the other goes off-hook. Also used for data connections between devices and the central processing facility | Eavesdropping on a line |

The following were incorrect answers:
Account codes - used to: track calls made by certain people or for certain projects for appropriate billing; provide dial-in system access (a user dials in from outside and gains access to the normal features of the PBX); change the user class of service so a user can access a different set of features (i.e., the override feature).
Access codes - key for access to specific features on the part of users with simple instruments, i.e., traditional analog phones.
Tenanting - limits system user access to only those users who belong to the same tenant group; useful when one company leases out part of its building to other companies and tenants share an attendant, trunk lines, etc.
The following reference(s) were/was used to create this question:
CISA review manual 2014, page number 358
NEW QUESTION # 185
Which of the following is the key benefit of control self-assessment (CSA)?
- A. Improved fraud detection since internal business staff are engaged in testing controls
- B. Audit expenses are reduced when the assessment results are an input to external audit work.
- C. Management ownership of the internal controls supporting business objectives is reinforced.
- D. Internal auditors can shift to a consultative approach by using the results of the assessment.
Answer: C
Explanation:
The objective of control self-assessment is to have business management become more aware of the importance of internal control and their responsibility in terms of corporate governance. Reducing audit expenses is not a key benefit of control self-assessment (CSA). Improved fraud detection is important, but not as important as ownership, and is not a principal objective of CSA. CSA may give more insights to internal auditors, allowing them to take a more consultative role; however, this is an additional benefit, not the key benefit.
NEW QUESTION # 186
In a security server audit, focus should be placed on (Choose two.):
- A. None of the choices.
- B. continuous and accurate audit trail
- C. performance and controls of the system
- D. proper segregation of duties
- E. adequate user training
- F. system stability
- G. proper application licensing
Answer: B,D
Explanation:
Section: Protection of Information Assets
NEW QUESTION # 187
Which of the following is the BEST justification for deferring remediation testing until the next audit?
- A. Auditee management has accepted all observations reported by the auditor.
- B. Management's planned actions are sufficient given the relative importance of the observations.
- C. The auditor who conducted the audit and agreed with the timeline has left the organization.
- D. The audit environment has changed significantly.
Answer: B
NEW QUESTION # 188
In which of the following WAN message transmission techniques do two network nodes establish a
dedicated communications channel through the network before the nodes may communicate?
- A. Circuit switching
- B. Message Switching
- C. Packet switching
- D. Virtual Circuits
Answer: A
Explanation:
Section: Information System Operations, Maintenance and Support
For your exam you should know the following about WAN message transmission techniques:
Message Switching
Message switching is a network switching technique in which data is routed in its entirety from the source node to the destination node, one hop at a time. During message routing, every intermediate switch in the network stores the whole message. If the entire network's resources are engaged or the network becomes blocked, the message-switched network stores and delays the message until ample resources become available for effective transmission of the message.
Packet Switching
Refers to protocols in which messages are divided into packets before they are sent. Each packet is then transmitted individually and can even follow different routes to its destination. Once all the packets forming a message arrive at the destination, they are recompiled into the original message.
Circuit Switching
Circuit switching is a methodology of implementing a telecommunications network in which two network nodes establish a dedicated communications channel (circuit) through the network before the nodes may communicate.
The circuit guarantees the full bandwidth of the channel and remains connected for the duration of the session. The circuit functions as if the nodes were physically connected, similar to an electrical circuit.
The defining example of a circuit-switched network is the early analog telephone network. When a call is made from one telephone to another, switches within the telephone exchanges create a continuous wire circuit between the two telephones, for as long as the call lasts.
In circuit switching, the bit delay is constant during a connection, as opposed to packet switching, where packet queues may cause varying and potentially indefinitely long packet transfer delays. No circuit can be degraded by competing users because it is protected from use by other callers until the circuit is released and a new connection is set up. Even if no actual communication is taking place, the channel remains reserved and protected from competing users.
Difference between circuit and packet switching (comparison table of circuit-switched versus packet-switched networks; not reproduced here)
Virtual Circuit
In telecommunications and computer networks, a virtual circuit (VC), synonymous with virtual connection and virtual channel, is a connection-oriented communication service that is delivered by means of packet-mode communication.
After a connection or virtual circuit is established between two nodes or application processes, a bit stream or byte stream may be delivered between the nodes; a virtual circuit protocol allows higher-level protocols to avoid dealing with the division of data into segments, packets, or frames.
Virtual circuit communication resembles circuit switching, since both are connection-oriented, meaning that in both cases data is delivered in correct order, and signaling overhead is required during a connection establishment phase. However, circuit switching provides constant bit rate and latency, while these may vary in a virtual circuit service due to factors such as:
- varying packet queue lengths in the network nodes,
- varying bit rate generated by the application,
- varying load from other users sharing the same network resources by means of statistical multiplexing, etc.
The following were incorrect answers:
The other options presented are not valid choices.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 265
NEW QUESTION # 189
An IS auditor examining the configuration of an operating system to verify the controls should review the:
- A. parameter settings.
- B. transaction logs.
- C. routing tables.
- D. authorization tables.
Answer: A
Explanation:
Section: Protection of Information Assets
Parameters allow a standard piece of software to be customized for diverse environments and are important in determining how a system runs. The parameter settings should be appropriate to an organization's workload and control environment; improper implementation and/or monitoring of operating systems can result in undetected errors and corruption of the data being processed, as well as lead to unauthorized access and inaccurate logging of system usage. Transaction logs are used to analyze transactions in master and/or transaction files. Authorization tables are used to verify implementation of logical access controls and will not be of much help when reviewing control features of an operating system. Routing tables do not contain information about the operating system and, therefore, provide no information to aid in the evaluation of controls.
NEW QUESTION # 190
Post-implementation testing is an example of which of the following control types?
- A. Directive
- B. Deterrent
- C. Preventive
- D. Detective
Answer: D
NEW QUESTION # 191
An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
- The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.
- The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his/her attention.
- The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.
The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical, hardware configuration is already established. An IS auditor should:
- A. take no action as the lack of a current plan is the only significant finding.
- B. report that the financial expenditure on the alternative site is wasted without an effective plan.
- C. perform a review to verify that the second configuration can support live processing.
- D. recommend that the hardware configuration at each site is identical.
Answer: C
Explanation:
Section: Protection of Information Assets
An IS auditor does not have a finding unless it can be shown that the alternative hardware cannot support the live processing system. Even though the primary finding is the lack of a proven and communicated disaster recovery plan, it is essential that this aspect of recovery is included in the audit. If it is found to be inadequate, the finding will materially support the overall audit opinion. It is certainly not appropriate to take no action at all, leaving this important factor untested. Unless it is shown that the alternative site is inadequate, there can be no comment on the expenditure, even if this is considered a proper comment for the IS auditor to make. Similarly, there is no need for the configurations to be identical. The alternative site could actually exceed the recovery requirements if it is also used for other work, such as other processing or systems development and testing. The only proper course of action at this point would be to find out if the recovery site can actually cope with a recovery.
NEW QUESTION # 192
An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely:
- A. verify the format of the number entered then locate it on the database.
- B. ensure that the transaction entered is within the cardholder's credit limit.
- C. confirm that the card is not shown as lost or stolen on the master file.
- D. check to ensure that the type of transaction is valid for the card type.
Answer: A
Explanation:
The initial validation should confirm whether the card is valid. This validity is established through the card number and PIN entered by the user. Based on this initial validation, all other validations will proceed. A validation control in data capture will ensure that the data entered is valid (i.e., it can be processed by the system). If the data captured in the initial validation is not valid (if the card number or PIN do not match with the database), then the card will be rejected or captured per the controls in place. Once initial validation is completed, then other validations specific to the card and cardholder would be performed.
NEW QUESTION # 193
Ideally, stress testing should be carried out in a:
- A. production environment using test data.
- B. test environment using live workloads.
- C. production environment using live workloads.
- D. test environment using test data.
Answer: B
Explanation:
Stress testing is carried out to ensure a system can cope with production workloads. A test environment should always be used to avoid damaging the production environment. Hence, testing should never take place in a production environment (choices B and D), and if only test data is used, there is no certainty that the system was stress tested adequately.
NEW QUESTION # 194
Which of the following provides nonrepudiation in an electronic communication session without confidentiality?
- A. Message encryption
- B. Certification authority
- C. Log-on ID and password
- D. Digital signature
Answer: D
Explanation:
Section: Information System Operations, Maintenance and Support
NEW QUESTION # 195
Which of the following is the PRIMARY purpose of obtaining a baseline image during an operating system audit?
- A. To identify local administrator account access
- B. To identify atypical running processes
- C. To verify the integrity of operating system backups
- D. To verify antivirus definitions
Answer: C
Explanation:
The primary purpose of obtaining a baseline image during an operating system audit is to verify the integrity of operating system backups. A baseline image provides a consistent and reliable reference for auditing and allows the auditor to determine if any changes have been made to the operating system since the baseline image was taken. This helps the auditor to detect any unauthorized changes that may have been made and to assess the impact of any changes on the system's security posture.
NEW QUESTION # 196
An organization was severely impacted after an advanced persistent threat (APT) attack. Afterwards, it was found that the initial breach happened a month prior to the attack. Management's GREATEST concern should be:
- A. the installation of critical security patches
- B. results of the past internal penetration test
- C. the effectiveness of monitoring processes
- D. external firewall policies.
Answer: C
NEW QUESTION # 197
An IS auditor has completed an audit of an organization's accounts payable system. Which of the following should be rated as the HIGHEST risk in the audit report and requires immediate remediation?
- A. Lack of segregation of duty controls for reconciliation of payment transactions
- B. Lack of segregation of duty controls for removal of vendor records
- C. Lack of segregation of duty controls for updating the vendor master file
- D. Lack of segregation of duty controls for reversing payment transactions
Answer: C
NEW QUESTION # 198
Which of the following is the BEST way to evaluate the effectiveness of access controls to an internal network?
- A. Review router configuration tables
- B. Review access rights
- C. Perform a system penetration test
- D. Test compliance with operating procedures
Answer: C
Explanation:
Section: The process of Auditing Information System
NEW QUESTION # 199
The MOST likely explanation for the use of applets in an Internet application is that:
- A. it is a JAVA program downloaded through the web browser and executed by the web server of the client machine.
- B. it is sent over the network from the server.
- C. the server does not run the program and the output is not sent over the network.
- D. they improve the performance of the web server and network.
Answer: D
Explanation:
Section: Protection of Information Assets
An applet is a JAVA program that is sent over the network from the web server, through a web browser and to the client machine; the code is then run on the machine. Since the server does not run the program and the output is not sent over the network, the performance on the web server and network (over which the server and client are connected) drastically improves through the use of applets. Performance improvement is more important than the reasons offered in choices A and B. Since the JAVA virtual machine (JVM) is embedded in most web browsers, the applet downloaded through the web browser runs on the client machine from the web browser, not from the web server, making choice D incorrect.
NEW QUESTION # 200
Which of the following would BEST describe an audit risk?
- A. The company is being sued for false accusations.
- B. Employees have been misappropriating funds.
- C. The financial report may contain undetected material errors.
- D. Key employees have not taken vacation for 2 years.
Answer: C
Explanation:
Section: Protection of Information Assets
NEW QUESTION # 201
A structured walk-through test of a disaster recovery plan involves:
- A. moving the systems to the alternate processing site and performing processing operations.
- B. all employees who participate in the day-to-day operations coming together to practice executing the plan.
- C. distributing copies of the plan to the various functional areas for review.
- D. representatives from each of the functional areas coming together to go over the plan.
Answer: B
Explanation:
A structured walk-through test of a disaster recovery plan involves representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required. Choice B is a simulation test to prepare and train the personnel who will be required to respond to disasters and disruptions. Choice C is a form of parallel testing to ensure that critical systems will perform satisfactorily in the alternate site. Choice D is a checklist test.
NEW QUESTION # 202
Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network?
- A. Policies that result in instant dismissal if violated
- B. The use of current antivirus software
- C. Periodic checking of hard drives
- D. The use of diskless workstations
Answer: C
Explanation:
The periodic checking of hard drives would be the most effective method of identifying illegal software packages loaded onto the network. Antivirus software will not necessarily identify illegal software, unless the software contains a virus. Diskless workstations act as a preventive control and are not effective, since users could still download software from other than diskless workstations. Policies lay out the rules about loading the software, but will not detect the actual occurrence.
NEW QUESTION # 203
An IS auditor has been assigned to review IT structures and activities recently outsourced to various providers. Which of the following should the IS auditor determine FIRST?
- A. That the SLA of each contract is substantiated by appropriate KPIs
- B. That the contractual warranties of the providers support the business needs of the organization
- C. That an audit clause is present in all contracts
- D. That at contract termination, support is guaranteed by each outsourcer for new outsourcers
Answer: B
Explanation:
The complexity of IT structures matched by the complexity and interplay of responsibilities and warranties may affect or void the effectiveness of those warranties and the reasonable certainty that the business needs will be met. All other choices are important, but not as potentially dangerous as the interplay of the diverse and critical areas of the contractual responsibilities of the outsourcers.
NEW QUESTION # 204