CISA Certified Information Systems Auditor Certification Practice Test

Batch control reconciliation is a _____________________ (fill in the blank) control for mitigating risk of inadequate segregation of duties.

Options are :

  • Preventative
  • Compensatory (Correct)
  • Detective
  • Corrective

Answer : Compensatory

What is essential for the IS auditor to obtain a clear understanding of network management?

Options are :

  • A graphical map of the network topology (Correct)
  • Security administrator access to systems
  • Systems logs of all hosts providing application services
  • Administrator access to systems

Answer : A graphical map of the network topology

Regarding digital signature implementation, which of the following answers is correct?

Options are :

  • A digital signature is created by the sender to prove message integrity by encrypting the message with the recipient's public key. Upon receiving the data, the recipient can decrypt the data using the recipient's public key
  • A digital signature is created by the sender to prove message integrity by encrypting the message with the sender's public key. Upon receiving the data, the recipient can decrypt the data using the recipient's private key.
  • A digital signature is created by the sender to prove message integrity by initially using a hashing algorithm to produce a hash value or message digest from the entire message contents. Upon receiving the data, the recipient can independently create it. (Correct)
  • A digital signature is created by the sender to prove message integrity by encrypting the message with the sender's private key. Upon receiving the data, the recipient can decrypt the data using the sender's public key

Answer : A digital signature is created by the sender to prove message integrity by initially using a hashing algorithm to produce a hash value or message digest from the entire message contents. Upon receiving the data, the recipient can independently create it.

Which of the following would provide the highest degree of server access control?

Options are :

  • A fingerprint scanner facilitating biometric access control (Correct)
  • Host-based intrusion detection combined with CCTV
  • Network-based intrusion detection
  • A mantrap-monitored entryway to the server room

Answer : A fingerprint scanner facilitating biometric access control

What does PKI use to provide some of the strongest overall control over data confidentiality, reliability, and integrity for Internet transactions?

Options are :

  • A combination of public-key cryptography and digital certificates (Correct)
  • A combination of public-key cryptography and two-factor authentication
  • A combination of public-key cryptography and digital certificates and two-factor authentication
  • A combination of digital certificates and two-factor authentication

Answer : A combination of public-key cryptography and digital certificates

What should an IS auditor do if he or she observes that project-approval procedures do not exist?

Options are :

  • Assign project leaders
  • Create project-approval procedures for future project implementations
  • Recommend to management that formal approval procedures be adopted and documented (Correct)
  • Advise senior management to invest in project-management training for the staff

Answer : Recommend to management that formal approval procedures be adopted and documented
