Download New Updated (July) Isaca CISA Actual Test 111-120

Ensurepass

QUESTION 111

If an IS auditor observes that an IS department fails to use formal documented methodologies, policies, and standards, what should the auditor do? Choose the BEST answer.

 

A.

Lack of IT documentation is not usually material to the controls tested in an IT audit.

B.

The auditor should at least document the informal standards and policies. Furthermore, the IS auditor should create formal documented policies to be implemented.

C.

The auditor should at least document the informal standards and policies, and test for compliance. Furthermore, the IS auditor should recommend to management that formal documented policies be developed and implemented.

D.

The auditor should at least document the informal standards and policies, and test for compliance. Furthermore, the IS auditor should create formal documented policies to be implemented.

 

Correct Answer: C

Explanation:

If an IS auditor observes that an IS department fails to use formal documented methodologies, polici
es, and standards, the auditor should at least document the informal standards and policies, and test for compliance. Furthermore, the IS auditor should recommend to management that formal documented policies be developed and implemented.

 

 

QUESTION 112

Establishing data ownership is an important first step for which of the following processes? Choose the BEST answer.

 

A.

Assigning user access privileges

B.

Developing organizational security policies

C.

Creating roles and responsibilities

D.

Classifying data

 

Correct Answer: D

Explanation:

To properly implement data classification, establishing data ownership is an important first step.

 

 

QUESTION 113

What supports data transmission through split cable facilities or duplicate cable facilities?

 

A.

Diverse routing

B.

Dual routing

C.

Alternate routing

D.

Redundant routing

 

Correct Answer: A

Explanation:

Diverse routing supports data transmission through split cable facilities, or duplicate cable facilities.

 

 

QUESTION 114

Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same?

 

A.

A substantive test of program library controls

B.

A compliance test of program library controls

C.

A compliance test of the program compiler controls

D.

A substantive test of the program compiler controls

 

Correct Answer: B

Explanation:

A compliance test determines if controls are operating as designed and are being applied in a manner that complies with management policies and procedures. For example, if the IS auditor is concerned whether program library controls are working properly, the IS auditor might select a sample of programs to determine if the source and object versions are the same. In other words, the broad objective of any compliance test is to provide auditors with reasonable assurance that a particular control on which the auditor plans to rely is operating as the auditor perceived it in the preliminary evaluation.

 

 

QUESTION 115

If a database is restored from information backed up before the last system image, which of the following is recommended?

 

A.

The system should be restarted after the last transaction.

B.

The system should be restarted before the last transaction.

C.

The system should be restarted at the first transaction.

D.

The system should be restarted on the last transaction.

 

Correct Answer: B

Explanation:

If a database is restored from information backed up before the last system image, the system should be restarted before the last transaction because the final transaction must be reprocessed.

 

 

QUESTION 116

Who is responsible for the overall direction, costs, and timetables for systems- development projects?

 

A.

The project sponsor

B.

The project steering committee

C.

Senior management

D.

The project team leader

 

Correct Answer: B

Explanation:

The project steering committee is responsible for the overall direction, costs, and timetables for systems-development projects.

 

 

QUESTION 117

If an IS auditor observes that individual modules of a system perform correctly in development project tests, the auditor should inform management of the positive results and recommend further:

 

A.

Documentation development

B.

Comprehensive integration testing

C.

Full unit testing

D.

Full regression testing

 

Correct Answer: B

Explanation:

If an IS auditor observes that individual modules of a system perform correctly in development project tests, the auditor should inform management of the positive results and recommend further comprehensive integration testing.

 

 

QUESTION 118

Processing controls ensure that data is accurate and complete, and is processed only through which of the following? Choose the BEST answer.

 

A.

Documented routines

B.

Authorized routines

C.

Accepted routines

D.

Approved routines

 

Correct Answer: B

Explanation:

Processing controls ensure that data is accurate and complete, and is processed only through authorized routines.

 

 

QUESTION 119

What is a primary high-level goal for an auditor who is reviewing a system development project?

 

A.

To ensure that programming and processing environments are segregated

B.

To ensure that proper approval for the project has been obtained

C.

To ensure that business objectives are achieved

D.

To ensure that projects are monitored and administrated effectively

 

Correct Answer: C

Explanation:

A primary high-level goal for an auditor who is reviewing a systems- development project is to ensure that business objectives are achieved. This objective guides all other systems development objectives.

 

QUESTION 120

What is essential for the IS auditor to obtain a clear understanding of network management?

 

A.

Security administrator access to systems

B.

Systems logs of all hosts providing application services

C.

A graphical map of the network topology

D.

Administrator access to systems

 

Correct Answer: C

Explanation:

A graphical interface to the map of the network topology is essential for the IS auditor to obtain a clear understanding of network management.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in CISA Real Tests (July) and tagged , , , , , , . Bookmark the permalink.