Other CISA Certification Interview Questions
Which of the following line media would provide the BEST
security for a telecommunication network?
A. Broadband network digital transmission
B. Baseband network
D. Dedicated lines
A retail company recently installed data warehousing client
software at geographically diverse sites. Due to time zone
differences between the sites, updates to the warehouse are
not synchronized. Which of the following will be affected
A. Data availability
B. Data completeness
C. Data redundancy
D. Data inaccuracy
When developing a risk management program, the FIRST
activity to be performed is a/an:
A. threats assessment.
B. classification of data.
C. inventory of assets.
D. criticality analysis.
An IS auditor, in evaluating proposed biometric control
devices, reviews the false rejection rates (FRRs), false
acceptance rates (FARs) and equal error rates (EERs) of
three different devices. The IS auditor should recommend
acquiring the device having the:
A. least EER.
B. most EER.
C. least FRR but most FAR.
D. least FAR but most FRR.
When reviewing an organization's logical access security,
which of the following would be of the MOST concern to an IS
A. Passwords are not shared.
B. Password files are encrypted.
C. Redundant logon IDs are deleted.
D. The allocation of logon IDs is controlled.
The knowledge base of an expert system that uses
questionnaires to lead the user through a series of choices
before a conclusion is reached is known as:
B. decision trees.
C. semantic nets.
D. data flow diagrams.
Which of the following normally would be the MOST reliable
evidence for an auditor?
A. A confirmation letter received from a third party
verifying an account balance
B. Assurance from line management that an application is
working as designed
C. Trend data obtained from World Wide Web (Internet) sources
D. Ratio analysis developed by the IS auditor from reports
supplied by line management
Which of the following programs would a sound information
security policy MOST likely include to handle suspected
When reviewing the implementation of a LAN, the IS auditor
should FIRST review the:
A. node list.
B. acceptance test report.
C. network diagram.
D. user's list.
What is a risk associated with attempting to control
physical access to sensitive areas, such as computer rooms,
through card keys, locks, etc.?
A. Unauthorized individuals wait for controlled doors to
open and walk in behind those authorized.
B. The contingency plan for the organization cannot
effectively test controlled access practices.
C. Access cards, keys, and pads can be easily duplicated
allowing easy compromise of the control.
D. Removing access for people no longer authorized is complex.
The PRIMARY reason for replacing checks (cheques) with EFT
systems in the accounts payable area is to:
A. make the payment process more efficient.
B. comply with international EFT banking standards.
C. decrease the number of paper-based payment forms.
D. reduce the risk of unauthorized changes to payment
If a database is restored using before-image dumps, where
should the process be restarted following an interruption?
A. Before the last transaction
B. After the last transaction
C. The first transaction after the latest checkpoint
D. The last transaction before the latest checkpoint