Follow Our FB Page << >> for Daily Laughter. We Post Funny, Viral, Comedy Videos, Memes, Vines...

CISA Certification Interview Questions
Questions Answers Views Company eMail

An IS auditor finds that not all employees are aware of the enterprise's information security policy. The IS auditor should conclude that: A. this lack of knowledge may lead to unintentional disclosure of sensitive information. B. information security is not critical to all functions. C. IS audit should provide security training to the employees. D. the audit finding will cause management to provide continuous training to staff.

1 6550

Which of the following processes is the FIRST step in developing a business continuity and disaster recovery plan for an organization? A. Alternate site selection B. Business impact analysis C. Test procedures and frequency D. Information classification

1 4216

Which of the following techniques or tools would assist an IS auditor when performing a statistical sampling of financial transactions maintained in a financial management information system? A. Spreadsheets B. Parallel simulation C. Generalized audit software D. Regression testing

1 2693

Which of the following is a disadvantage of image processing? A. Verifies signatures B. Improves service C. Relatively inexpensive to use D. Reduces deterioration due to handling


3 11254

The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is: A. data integrity. B. authentication. C. nonrepudiation. D. replay protection.

1 3821

Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.

1 2862

Which of the following would BEST ensure continuity of a wide area network (WAN) across the organization? A. Built-in alternative routing B. Full system backup taken daily C. A repair contract with a service provider D. A duplicate machine alongside each server

1 7505

To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application

1 3949

When a systems development life cycle (SDLC) methodology is inadequate, the MOST serious immediate risk is that the new system will: A. be completed late. B. exceed the cost estimates. C. not meet business and user needs. D. be incompatible with existing systems.

1 6349

Which of the following is a strength of a client-server security system? A. Change control and change management procedures are inherently strong. B. Users can manipulate data without controlling resources on the mainframe. C. Network components seldom become obsolete. D. Access to confidential data or data manipulation is controlled tightly.

2 4184

The MOST likely explanation for the use of applets in an Internet application is that: A. it is sent over the network from the server. B. the server does not run the program and the output is not sent over the network. C. they improve the performance of both the web server and network. D. it is a JAVA program downloaded through the web browser and executed by the web server of the client machine.

1 5289

Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization? A. A program that deposits a virus on a client machine B. Applets recording keystrokes and, therefore, passwords C. Downloaded code that reads files on a client's hard drive D. Applets opening connections from the client machine

1 7958

An IS auditor performing a review of an application's controls would evaluate the: A. efficiency of the application in meeting the business processes. B. impact of any exposures discovered. C. business processes served by the application. D. the application's optimization.

1 8406

Reconfiguring which of the following firewall types will prevent inward downloading of files through the file transfer protocol (FTP)? A. Circuit gateway B. Application gateway C. Packet filter D. Screening router

Vizag Steel,

1 6343

An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning

2 3942

Post New CISA Certification Questions

Un-Answered Questions { CISA Certification }

purchase orders issued to vendors have been authorized as per the authorization matrix


Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months


E-mail message authenticity and confidentiality is BEST achieved by signing the message using the: