| Other CISA Certification Interview Questions |
| |
| Question | Asked @ | Answers |
| |
| Which of the following LAN physical layouts is subject to
total loss if one device fails?
A. Star
B. Bus
C. Ring
D. Completely connected | | 1 |
| Which of the following is MOST directly affected by network
performance monitoring tools?
A. Integrity
B. Availability
C. Completeness
D. Confidentiality | | 2 |
| When auditing the requirements phase of a system development
project, an IS auditor would:
A. assess the adequacy of audit trails.
B. identify and determine the criticality of the need.
C. verify cost justifications and anticipated benefits.
D. ensure that control specifications have been defined. | | 1 |
| Which of the following is the PRIMARY safeguard for securing
software and data within an information processing facility?
A. Security awareness
B. Reading the security policy
C. Security committee
D. Logical access controls | | 1 |
| A decision support system (DSS):
A. is aimed at solving highly structured problems.
B. combines the use of models with nontraditional data
access and retrieval functions.
C. emphasizes flexibility in the decision-making approach of
users.
D. supports only structured decision-making tasks. | | 1 |
| Capacity monitoring software is used to ensure:
A. maximum use of available capacity.
B. that future acquisitions meet user needs.
C. concurrent use by a large number of users.
D. continuity of efficient operations. | | 2 |
| An offsite information processing facility:
A. should have the same amount of physical access
restrictions as the primary processing site.
B. should be easily identified from the outside so that in
the event of an emergency it can be easily found.
C. should be located in proximity to the originating site so
that it can quickly be made operational.
D. need not have the same level of environmental monitoring
as the originating site since this would be cost prohibitive. | | 1 |
| An organization having a number of offices across a wide
geographical area has developed a disaster recovery plan
(DRP). Using actual resources, which of the following is the
MOST cost-effective test of the DRP?
A. Full operational test
B. Preparedness test
C. Paper test
D. Regression test | | 1 |
| Which of the following business recovery strategies would
require the least expenditure of funds?
A. Warm site facility
B. Empty shell facility
C. Hot site subscription
D. Reciprocal agreement | | 1 |
| Which of the following is the MOST important objective of
data protection?
A. Identifying persons who need access to information
B. Ensuring the integrity of information
C. Denying or authorizing access to the IS system
D. Monitoring logical accesses | | 1 |
| An organization is moving its application maintenance
in-house from an outside source. Which of the following
should be the main concern of an IS auditor?
A. Regression testing
B. Job scheduling
C. User manuals
D. Change control procedures | | 2 |
| Which of the following types of transmission media provide
the BEST security against unauthorized access?
A. Copper wire
B. Twisted pair
C. Fiber-optic cables
D. Coaxial cables | | 1 |
| In a risk-based audit approach, an IS auditor should FIRST
complete: | | 3 |
| Data edits are an example of:
A. preventive controls.
B. detective controls.
C. corrective controls.
D. compensating controls. | | 1 |
| The risk of an IS auditor using an inadequate test procedure
and concluding that material errors do not exist when, in
fact, they exist is: | | 3 |
| An organization provides information to its supply-chain
partners and customers through an extranet infrastructure.
Which of the following should be the GREATEST concern to an
IS auditor reviewing the firewall security architecture?
A. A secure socket layer (SSL) has been implemented for user
authentication and remote administration of the firewall.
B. On the basis of changing requirements, firewall policies
are updated.
C. Inbound traffic is blocked unless the traffic type and
connections have been specifically permitted.
D. The firewall is placed on top of the commercial operating
system with all installation options. | | 1 |
| Which of the following is the MOST fundamental step in
effectively preventing a virus attack?
A. Executing updated antivirus software in the background on
a periodic basis
B. Buying standard antivirus software, which is installed on
all servers and workstations
C. Ensuring that all software is checked for a virus in a
separate PC before being loaded into the production environment
D. Adopting a comprehensive antivirus policy and
communicating it to all users | | 1 |
| Of the following, the MAIN purpose for periodically testing
offsite backup facilities is to:
A. ensure the integrity of the data in the database.
B. eliminate the need to develop detailed contingency plans.
C. ensure the continued compatibility of the contingency
facilities.
D. ensure that program and system documentation remains current. | | 1 |
| Which of the following procedures would BEST determine
whether adequate recovery/restart procedures exist?
A. Reviewing program code
B. Reviewing operations documentation
C. Turning off the UPS, then the power
D. Reviewing program documentation | | 1 |
| Connection-oriented protocols in the TCP/IP suite are
implemented in the:
A. transport layer.
B. application layer.
C. physical layer.
D. network layer. | | 1 |