Share Isaca CISA exam questions and answers from Lead4Pass latest updated CISA dumps free of charge.
Get the latest uploaded CISA dumps pdf from google driver online. To get the full Isaca CISA dumps PDF or dumps
VCE visit: (Q&As: 3257). all Isaca CISA exam questions have been updated, the answer has been corrected! Make sure your exam questions are real and effective to help you pass your first exam!

[Isaca CISA Dumps pdf] Latest Isaca CISA Dumps PDF collected by Lead4pass Google Drive:

Latest update Isaca CISA exam questions and answers online practice test

In planning an audit, the MOST critical step is the identification of the:
A. areas of high risk.
B. skill sets of the audit staff.
C. test steps in the audit.
D. time allotted for the audit.
Correct Answer: A
When designing an audit plan, it is important to identify the areas of highest risk to determine the areas to be audited.
The skill sets of the audit staff should have been considered before deciding and selecting the audit. Test steps for the
audit is not as critical as identifying the areas of risk, and the time allotted for an audit is determined by the areas to be
audited, which are primarily selected based on the identification of risks.


Attribute sampling is BEST suited to estimate:
A. compliance with approved procedures.
B. the true monetary value of a population.
C. the total error amount in the population.
D. whether a recorded balance is within limits of materiality.
Correct Answer: D


Following best practices, formal plans for implementation of new information systems are developed during the:
A. development phase.
B. design phase.
C. testing phase.
D. deployment phase.
Correct Answer: B
Planning for implementation should begin well in advance of the actual implementation date. Formal implementation of the plan should be constructed in the design phase and revised as the development progresses.

Which of the following cryptography options would increase overhead/cost?
A. The encryption is symmetric rather than asymmetric.
B. A long asymmetric encryption key is used.
C. The hash is encrypted rather than the message.
D. A secret key is used.
Correct Answer: B
Computer processing time is increased for longer asymmetric encryption keys, and the increase may be
disproportionate. For example, one benchmark showed that doubling the length of an RSA key from 512 bits to 1,024
bits caused the decrypt time to increase nearly six-fold. An asymmetric algorithm requires more processing time than
symmetric algorithms. A hash is shorter than the original message; therefore, a smaller overhead is required if the hash
is encrypted rather than the message. The use of a secret key, as the asymmetric encryption key, is generally small and used
for the purpose of encrypting user data.


An IS auditor performing a review of the backup processing facilities should be MOST concerned that:
A. adequate fire insurance exists.
B. regular hardware maintenance is performed.
C. offsite storage of transaction and master files exists.
D. backup processing facilities are fully tested.
Correct Answer: C
Adequate fire insurance and fully tested backup processing facilities are important elements for recovery, but without the
offsite storage of transaction and master files, it is generally impossible to recover. Regular hardware maintenance does
not relate to recovery.


While reviewing an organization\\’s business continuity plan (BCP), an IS auditor observes that a recently developed
application is not included. The IS auditor should:
A. ensure that the criticality of the application is determined.
B. ignore the observation as the application is not mission-critical.
C. include in the audit findings that the BCP is incomplete.
D. recommend that the application be incorporated in the BCP.
Correct Answer: A

To determine if unauthorized changes have been made to the production code the BEST audit procedure is to:
A. examine the change control system records and trace them forward to object code files.
B. review access control permissions operating within the production program libraries.
C. examine object code to find instances of changes and trace them back to change control records.
D. reviews change-approved designations established within the change control system.
Correct Answer: C
The procedure of examining object code files to establish instances of code changes and tracing these back to change
control system records is a substantive test that directly addresses the risk of unauthorized code changes. The other
choices are valid procedures to apply in a change control audit but they do not directly address the risk of unauthorized
code changes.


Which of the following type of an IDS resides on important systems like database, critical servers and monitors various
internal resources of an operating system?
A. Signature-based IDS
B. Host-based IDS
C. Network-based IDS
D. Statistical based IDS
Correct Answer: B
Host-Based IDS resides on important systems like database, critical servers, and monitors various internal resources of
an operating system.
Also, you should know the below-mentioned categories and types of IDS for the CISA exam
An IDS works in conjunction with routers and firewalls by monitoring network usage anomalies. Broad categories of IDS
Network-Based IDS
Host-Based IDS
Network-Based IDS
They identify attacks within the monitored network and issue a warning to the operator.
If a network-based IDS is placed between the Internet and the firewall, it will detect all the attack attempts
whether or not they enter the firewall Network-Based IDS are blinded when dealing with encrypted traffic
Host-Based IDS
They are configured for a specific environment and will monitor various internal resources of the operating
system to warn of a possible attack. They can detect the modification of executable programs, detect the
detection of files and issue a warning when an attempt is made to use a privileged account.
They can monitor traffic after it is decrypted and they supplement the Network-Based IDS.
Types of IDS include:
Statistical Based IDS ? This system needs a comprehensive definition of the known and expected behavior
of system
Neural Network? An IDS with this feature monitors the general patterns of activity and traffic on the
network and creates a database. This is similar to the statistical model but with added self-learning
Signature Based IDS ? These IDS systems protect against detected intrusion patterns. The intrusive pattern
they can identify are stored in the form of a signature.
The following were incorrect answers:
The other types of IDS mentioned in the options do not reside on important systems like database and
critical servers
CISA review manual 2014 Page number 346 and 347


The logical exposure associated with the use of a checkpoint restart procedure is:
A. denial of service.
B. an asynchronous attack
C. wiretapping.
D. computer shutdown.
Correct Answer: B
Asynchronous attacks are operating system-based attacks. A checkpoint restart is a feature that stops a program at
specified intermediate points for later restart in an orderly manner without losing data at the checkpoint. The operating
system saves a copy of the computer programs and data in their current state as well as several system parameters
describing the model and security level of the program at the time of the stoppage. An asynchronous attack occurs when an
individual with access to this information is able to gain access to the checkpoint restart copy of the system parameters
and change those parameters such that upon restart the program would function at a higher-priority security level.


An IS auditor has identified the lack of an authorization process for users of an application. The IS auditor\\’s main
concern should be that:
A. more than one individual can claim to be a specific user.
B. there is no way to limit the functions assigned to users.
C. user accounts can be shared.
D. users have a need-to-know privilege.
Correct Answer: B
Without an appropriate authorization process, it will be impossible to establish functional limits and accountability. The
risk that more than one individual can claim to be a specific user is associated with the authentication processes, rather
than with authorization. The risk that user accounts can be shared is associated with identification processes, rather
than with authorization. The need-to-know basis is the best approach to assigning privileges during the authorization


A development team has designed a new application and incorporated best practices for secure coding. Prior to launch,
which of the following is the IS auditor\\’s BEST recommendation to mitigate the associated security risk?
A. User acceptance testing
B. Unit testing
C. Integration testing
D. Penetration testing
Correct Answer: A


Which of the following is the MAIN purpose of an information security management system?
A. To enhance the impact of reports used to monitor information security incidents
B. To reduce the frequency and impact of information security incidents
C. To identify and eliminate the root causes of information security incidents
D. To keep information security policies and procedures up-to-date
Correct Answer: B


Which of the following MOST effectively prevent internal users from modifying sensitive data?
A. Network segmentation
B. Multi-factor authentication
C. Acceptable use policies
D. Role-based access controls
Correct Answer: D

For the full Isaca CISA exam dumps from Lead4pass CISA Dumps pdf or Dumps VCE visit: (Q&As: 3257 dumps)

Get free Isaca CISA dumps PDF online: