Top 10 questions CISA for customers (11 to 20)


2016 Jun CISA practice

Q11. - (Topic 1) 

Who is ultimately accountable for the development of an IS security policy? 

A. The board of directors 

B. Middle management 

C. Security administrators 

D. Network administrators 

Answer: A 

Explanation: The board of directors is ultimately accountable for the development of an IS security policy. 


Q12. - (Topic 3) 

An IS auditor should be concerned when a telecommunication analyst: 

A. monitors systems performance and tracks problems resulting from program changes. 

B. reviews network load requirements in terms of current and future transaction volumes. 

C. assesses the impact of the network load on terminal response times and network data transfer rates. 

D. recommends network balancing procedures and improvements. 

Answer: A 

Explanation: 

The responsibilities of a telecommunications analyst include reviewing network load requirements in terms of current and future transaction volumes (choice B), assessing the impact of network load on terminal response times and network data transfer rates (choice C), and recommending network balancing procedures and improvements (choice D). Monitoring systems performance and tracking problems as a result of program changes (choice A) would put the analyst in a self-monitoring role.


Q13. - (Topic 1) 

What uses questionnaires to lead the user through a series of choices to reach a conclusion? Choose the BEST answer. 

A. Logic trees 

B. Decision trees 

C. Decision algorithms 

D. Logic algorithms 

Answer: B 

Explanation: Decision trees use questionnaires to lead the user through a series of choices to reach a conclusion. 


Q14. - (Topic 2) 

An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of the following findings should give the IS auditor the GREATEST concern? 

A. There are a number of external modems connected to the network. 

B. Users can install software on their desktops. 

C. Network monitoring is very limited. 

D. Many user IDs have identical passwords. 

Answer: D 

Explanation: 

Exploitation of a known user ID and password requires minimal technical knowledge and exposes the network resources to exploitation. The technical barrier is low and the impact can be very high; therefore, the fact that many user IDs have identical passwords represents the greatest threat. External modems represent a security risk, but exploitation still depends on the use of a valid user account. While the impact of users installing software on their desktops can be high (for example, due to the installation of Trojans or key-logging programs), the likelihood is not high due to the level of technical knowledge required to successfully penetrate the network. Although network monitoring can be a useful detective control, it will only detect abuse of user accounts in special circumstances and is, therefore, not a first line of defense.


Q15. - (Topic 2) 

The final decision to include a material finding in an audit report should be made by the: 

A. audit committee. 

B. auditee's manager. 

C. IS auditor. 

D. CEO of the organization 

Answer: C 

Explanation: 

The IS auditor should make the final decision about what to include or exclude from the audit report. The other choices would limit the independence of the auditor. 



Q16. - (Topic 1) 

Parity bits are a control used to validate: 

A. Data authentication 

B. Data completeness 

C. Data source 

D. Data accuracy 

Answer: B 

Explanation: Parity bits are a control used to validate data completeness. 


Q17. - (Topic 4) 

An organization is implementing an enterprise resource planning (ERP) application to meet its business objectives. Of the following, who is PRIMARILY responsible for overseeing the project in order to ensure that it is progressing in accordance with the project plan and that it will deliver the expected results? 

A. Project sponsor 

B. System development project team (SDPT)

C. Project steering committee 

D. User project team (UPT) 

Answer: C 

Explanation: 

A project steering committee that provides an overall direction for the enterprise resource planning (ERP) implementation project is responsible for reviewing the project's progress to ensure that it will deliver the expected results. A project sponsor is typically the senior manager in charge of the primary business unit that the application will support. The sponsor provides funding for the project and works closely with the project manager to define the critical success factors or metrics for the project. The project sponsor is not responsible for reviewing the progress of the project. A system development project team (SDPT) completes the assigned tasks, works according to the instructions of the project manager and communicates with the user project team. The SDPT is not responsible for reviewing the progress of the project. A user project team (UPT) completes the assigned tasks, communicates effectively with the system development team and works according to the advice of the project manager. A UPT is not responsible for reviewing the progress of the project.


Q18. - (Topic 1) 

An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to: 

A. Meet business objectives 

B. Enforce data security 

C. Be culturally feasible 

D. Be financially feasible 

Answer: A 

Explanation: An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to meet business objectives. 


Q19. - (Topic 1) 

Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them? 

A. A neural network 

B. Database management software 

C. Management information systems 

D. Computer assisted audit techniques 

Answer: A 

Explanation: 

A neural network will monitor and learn patterns, reporting exceptions for investigation. 


Q20. - (Topic 1) 

Which of the following is a benefit of using callback devices? 

A. Provide an audit trail 

B. Can be used in a switchboard environment 

C. Permit unlimited user mobility 

D. Allow call forwarding 

Answer: A 

Explanation: 

A callback feature hooks into the access control software and logs all authorized and unauthorized access attempts, permitting the follow-up and further review of potential breaches. Call forwarding (choice D) is a means of potentially bypassing callback control. By dialing through an authorized phone number from an unauthorized phone number, a perpetrator can gain computer access. This vulnerability can be controlled through callback systems that are available. 


