ISACA CISA Übungsprüfungen
Zuletzt aktualisiert am 07.09.2025- Prüfungscode: CISA
- Prüfungsname: Certified Information Systems Auditor
- Zertifizierungsanbieter: ISACA
- Zuletzt aktualisiert am: 07.09.2025
During a pre-deployment assessment, what is the BEST indication that a business case will lead to the achievement of business objectives?
- A . The business case reflects stakeholder requirements.
- B . The business case is based on a proven methodology.
- C . The business case passed a quality review by an independent party.
- D . The business case identifies specific plans for cost allocation.
An organization has replaced all of the storage devices at its primary data center with new higher-capacity units The replaced devices have been installed at the disaster recovery site to replace older units An IS auditor s PRIMARY concern would be whether
- A . the recovery site devices can handle the storage requirements
- B . hardware maintenance contract is in place for both old and new storage devices
- C . the procurement was in accordance with corporate policies and procedures
- D . the relocation plan has been communicated to all concerned parties
During an audit of a financial application, it was determined that many terminated users‘ accounts were not disabled.
Which of the following should be the IS auditor’s NEXT step?
- A . Perform substantive testing of terminated users‘ access rights.
- B . Perform a review of terminated users‘ account activity
- C . Communicate risks to the application owner.
- D . Conclude that IT general controls ate ineffective.
Which of the following would be MOST helpful to an IS auditor performing a risk assessment of an application programming interface (API) that feeds credit scores from a well-known commercial credit agency into an organizational system?
- A . A data dictionary of the transferred data
- B . A technical design document for the interface configuration
- C . The most recent audit report from the credit agency
- D . The approved business case for the API
Backup procedures for an organization’s critical data are considered to be which type of control?
- A . Directive
- B . Corrective
- C . Detective
- D . Compensating
Which of the following is the MOST significant risk when an application uses individual end-user accounts to access the underlying database?
- A . Multiple connects to the database are used and slow the process_
- B . User accounts may remain active after a termination.
- C . Users may be able to circumvent application controls.
- D . Application may not capture a complete audit trail.
The PRIMARY advantage of object-oriented technology is enhanced:
- A . efficiency due to the re-use of elements of logic.
- B . management of sequential program execution for data access.
- C . grouping of objects into methods for data access.
- D . management of a restricted variety of data types for a data object.
When building or upgrading enterprise cryptographic infrastructure, which of the following is the MOST critical requirement for growing business environments?
- A . Service discovery
- B . Backup and restoration capabilities
- C . Network throttling
- D . Scalable architectures and systems
Which of the following is MOST important to the effectiveness of smoke detectors installed in a data processing facility?
- A . Detectors trigger audible alarms when activated.
- B . Detectors have the correct industry certification.
- C . Detectors are linked to dry pipe fire suppression systems.
- D . Detectors are linked to wet pipe fire suppression systems.
To enable the alignment of IT staff development plans with IT strategy, which of the following should be done FIRST?
- A . Review IT staff job descriptions for alignment
- B . Develop quarterly training for each IT staff member.
- C . Identify required IT skill sets that support key business processes
- D . Include strategic objectives m IT staff performance objectives