| Other CISA Certification Interview Questions |
|| Asked @
|An independent software program that connects two otherwise
separate applications sharing computing resources across
heterogeneous technologies is known as:
C. application software.
D. embedded systems.
|A PRIMARY benefit derived from an organization employing
control self-assessment (CSA) techniques is that it:
A. can identify high-risk areas that might need a detailed
B. allows IS auditors to independently assess risk.
C. can be used as a replacement for traditional audits.
D. allows management to relinquish responsibility for control.
|During an audit, an IS auditor learns that lengthy and
complex passwords are required to reach the network via
modem. These passwords were established by an outside
provider. The communications software allows users to select
a ?remember password? option. What should the IS auditor's
PRIMARY recommendation be?
A. Disable the save password option and have users record
B. Request that the provider change the dial-in password to
a group password.
C. Establish and enforce a process to have users change
D. Allow users to change their passwords to something less
|Which of the following should be of MOST concern to an IS
A. Lack of reporting of a successful attack on the network
B. Failure to notify police of an attempted intrusion
C. Lack of periodic examination of access rights
D. Lack of notification to the public of an intrusion
|IS auditors reviewing access control should review data
classification to ensure that encryption parameters are
|An IS auditor discovers that an organization?s business
continuity plan provides for an alternate processing site
that will accommodate fifty percent of the primary
processing capability. Based on this, which of the following
actions should the IS auditor take?
A. Do nothing, because generally, less than twenty-five
percent of all processing is critical to an organization?s
survival and the backup capacity, therefore is adequate.
B. Identify applications that could be processed at the
alternate site and develop manual procedures to backup other
C. Ensure that critical applications have been identified
and that the alternate site could process all such applications.
D. Recommend that the information processing facility
arrange for an alternate processing site with the capacity
to handle at least seventy-five percent of normal processing.
|The MOST effective method of preventing unauthorized use of
data files is:
A. automated file entry.
B. tape librarian.
C. access control software.
D. locked library.
|Which of the following functions, if combined, would be the
GREATEST risk to an organization?
A. Systems analyst and database administrator
B. Quality assurance and computer operator
C. Tape librarian and data entry clerk
D. Application programmer and tape librarian
|The PRIMARY advantage of a continuous audit approach is that it:
A. does not require an IS auditor to collect evidence on
system reliability while processing is taking place.
B. requires the IS auditor to review and follow up
immediately on all information collected.
C. can improve system security when used in time-sharing
environments that process a large number of transactions.
D. does not depend on the complexity of an organization's
|Which of the following is a control over component
A. Restricting operator access and maintaining audit trails
B. Monitoring and reviewing system engineering activity
C. Providing network redundancy
D. Establishing physical barriers to the data transmitted
over the network
|Which of the following would be of MOST concern to an IS
auditor reviewing a VPN implementation? Computers on the
network that are located:
A. on the enterprise's facilities.
B. at the backup site.
C. in employees' homes.
D. at the enterprise's remote offices.
|The FIRST step in developing a business continuity plan
(BCP) is to:
A. classify the importance of systems.
B. establish a disaster recovery strategy.
C. determine the critical recovery time period.
D. perform a risk ranking.
|For more CISA Certification Interview Questions Click Here |