| Other CISA Certification Interview Questions |
|Which of the following is a continuity plan test that uses
actual resources to simulate a system crash to
cost-effectively obtain evidence about the plan's effectiveness?
A. Paper test
B. Post test
C. Preparedness test
|An IS auditor evaluates the test results of a modification
to a system that deals with payment computation. The auditor
finds that 50 percent of the calculations do not match
predetermined totals. Which of the following would MOST
likely be the next step in the audit?
A. Design further tests of the calculations that are in error.
B. Identify variables that may have caused the test results
to be inaccurate.
C. Examine some of the test cases to confirm the results.
D. Document the results and prepare a report of findings,
conclusions and recommendations.
|Transmitting redundant information with each character or
frame to facilitate detection and correction of errors is
A. feedback error control.
B. block sum check.
C. forward error control.
D. cyclic redundancy check.
|Which of the following procedures would BEST determine
whether adequate recovery/restart procedures exist?
A. Reviewing program code
B. Reviewing operations documentation
C. Turning off the UPS, then the power
D. Reviewing program documentation
|To determine which users can gain access to the privileged
supervisory state, which of the following should an IS
A. System access log files
B. Enabled access control software parameters
C. Logs of access control violations
D. System configuration files for control options used
|The PRIMARY objective of a logical access controls review is to:
A. review access controls provided through software.
B. ensure access is granted per the organization's authorities.
C. walk through and assess access provided in the IT environment.
D. provide assurance that computer hardware is protected
adequately against abuse.
|An existing system is being extensively enhanced by
extracting and reusing design and program components. This
is an example of:
A. reverse engineering.
C. software reuse.
|The method of routing traffic through split cable facilities
or duplicate cable facilities is called:
A. alternative routing.
B. diverse routing.
D. circular routing.
|Which of the following functions should be performed by the
application owners to ensure an adequate segregation of
duties between IS and end users?
A. System analysis
B. Authorization of access to data
C. Application programming
D. Data administration
|Which of the following is a feature of an intrusion
detection system (IDS)?
A. Gathering evidence on attack attempts
B. Identifying weaknesses in the policy definition
C. Blocking access to particular sites on the Internet
D. Preventing certain users from accessing specific servers
|The MOST likely explanation for the use of applets in an
Internet application is that:
A. it is sent over the network from the server.
B. the server does not run the program and the output is not
sent over the network.
C. they improve the performance of both the web server and
D. it is a Java program downloaded through the web browser
and executed by the web server of the client machine.
|The most common problem in the operation of an intrusion
detection system (IDS) is:
A. the detection of false positives.
B. receiving trap messages.
C. reject error rates.
D. denial-of-service attacks.