| Other CISA Certification Interview Questions |
| |
| Question | Asked @ | Answers |
| |
| An organization is considering installing a LAN in a site
under construction. If system availability is the main
concern, which of the following topologies is MOST appropriate?
A. Ring
B. Line
C. Star
D. Bus | | 1 |
| The development of an IS security policy is ultimately the
responsibility of the:
A. IS department.
B. security committee.
C. security administrator.
D. board of directors. | | 1 |
| Which of the following would be considered an essential
feature of a network management system?
A. A graphical interface to map the network topology
B. Capacity to interact with the Internet to solve the problems
C. Connectivity to a help desk for advice on difficult issues
D. An export facility for piping data to spreadsheets | | 1 |
| The PRIMARY objective of a firewall is to protect:
A. internal systems from exploitation by external threats.
B. external systems from exploitation by internal threats.
C. internal systems from exploitation by internal threats.
D. itself and attached systems against being used to attack
other systems. | | 1 |
| Which of the following network configuration options
contains a direct link between any two host machines?
A. Bus
B. Ring
C. Star
D. Completely connected (mesh) | | 1 |
| Structured programming is BEST described as a technique that:
A. provides knowledge of program functions to other
programmers via peer reviews.
B. reduces the maintenance time of programs by the use of
small-scale program modules.
C. makes the readable coding reflect as closely as possible
the dynamic execution of the program.
D. controls the coding and testing of the high-level
functions of the program in the development process. | | 1 |
| In planning an audit, the MOST critical step is the
identification of the: | | 4 |
| Which of the following concerns associated with the World
Wide Web would be addressed by a firewall?
A. Unauthorized access from outside the organization
B. Unauthorized access from within the organization
C. A delay in Internet connectivity
D. A delay in downloading using file transfer protocol (FTP) | | 1 |
| Which of the following is a benefit of a risk-based approach
to audit planning? Audit:
A. scheduling may be performed months in advance.
B. budgets are more likely to be met by the IS audit staff.
C. staff will be exposed to a variety of technologies.
D. resources are allocated to the areas of highest concern. | | 1 |
| While planning an audit, an assessment of risk should be
made to provide:
A. reasonable assurance that the audit will cover material
items.
B. definite assurance that material items will be covered
during the audit work.
C. reasonable assurance that all items will be covered by
the audit.
D. sufficient assurance that all items will be covered
during the audit work. | | 1 |
| The PRIMARY reason for replacing checks (cheques) with EFT
systems in the accounts payable area is to:
A. make the payment process more efficient.
B. comply with international EFT banking standards.
C. decrease the number of paper-based payment forms.
D. reduce the risk of unauthorized changes to payment
transactions. | | 1 |
| Which of the following is MOST likely to occur when a system
development project is in the middle of the
programming/coding phase?
A. Unit tests
B. Stress tests
C. Regression tests
D. Acceptance tests | | 1 |
| The IS department of an organization wants to ensure that
the computer files, used in the information processing
facility, are backed up adequately to allow for proper
recovery. This is a/an:
A. control procedure.
B. control objective.
C. corrective control.
D. operational control. | | 2 |
| Transmitting redundant information with each character or
frame to facilitate detection and correction of errors is
called:
A. feedback error control.
B. block sum check.
C. forward error control.
D. cyclic redundancy check. | | 1 |
| Which of the following network topologies yields the
GREATEST redundancy in the event of the failure of one node?
A. Mesh
B. Star
C. Ring
D. Bus | | 1 |
| Sign-on procedures include the creation of a unique user ID
and password. However, an IS auditor discovers that in many
cases the user name and password are the same. The BEST
control to mitigate this risk is to:
A. change the company's security policy.
B. educate users about the risk of weak passwords.
C. build in validations to prevent this during user creation
and password change.
D. require a periodic review of matching user ID and
passwords for detection and correction. | | 1 |
| An organization is proposing to install a single sign-on
facility giving access to all systems. The organization
should be aware that:
A. Maximum unauthorized access would be possible if a
password is disclosed.
B. User access rights would be restricted by the additional
security parameters.
C. The security administrator's workload would increase.
D. User access rights would be increased. | | 1 |
| Which of the following controls would be the MOST
comprehensive in a remote access network with multiple and
diverse subsystems?
A. Proxy server
B. Firewall installation
C. Network administrator
D. Password implementation and administration | | 1 |
| Which of the following procedures would MOST effectively
detect the loading of illegal software packages onto a network?
A. The use of diskless workstations
B. Periodic checking of hard drives
C. The use of current antivirus software
D. Policies that result in instant dismissal if violated | | 1 |
| A data warehouse is:
A. object orientated.
B. subject orientated.
C. departmental specific.
D. a volatile database. | | 1 |