Download New Updated (July) ISACA CISA Actual Test 191-200

Ensurepass

QUESTION 191

Parity bits are a control used to validate:

A. Data authentication
B. Data completeness
C. Data source
D. Data accuracy

Correct Answer: B

Explanation:

Parity bits are a control used to validate data completeness.

QUESTION 192

An IS auditor usually places more reliance on evidence directly collected. What is an example of such evidence?

A. Evidence collected through personal observation
B. Evidence collected through systems logs provided by the organization’s security administration
C. Evidence collected through surveys collected from internal staff
D. Evidence collected through transaction reports provided by the organization’s IT administration

Correct Answer: A

Explanation:

An IS auditor usually places more reliance on evidence directly collected, such as through personal observation.

QUESTION 193

Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly?

A. Field checks
B. Control totals
C. Reasonableness checks
D. A before-and-after maintenance report

Correct Answer: D

Explanation:

A before-and-after maintenance report is the best answer because a visual review would provide the most positive verification that updating was proper.

QUESTION 194

Whenever an application is modified, what should be tested to determine the full impact of the change? Choose the BEST answer.

A. Interface systems with other applications or systems
B. The entire program, including any interface systems with other applications or systems
C. All programs, including interface systems with other applications or systems
D. Mission-critical functions and any interface systems with other applications or systems

Correct Answer: B

Explanation:

Whenever an application is modified, the entire program, including any interface systems with other applications or systems, should be tested to determine the full impact of the change.

QUESTION 195

Which of the following is best suited for searching for address field duplications?

A. Text search forensic utility software
B. Generalized audit software
C. Productivity audit software
D. Manual review

Correct Answer: B

Explanation:

Generalized audit software can be used to search for address field duplications.

QUESTION 196

Why is the WAP gateway a component warranting critical concern and review for the IS auditor when auditing and testing controls enforcing message confidentiality?

A. WAP is often configured by default settings and is thus insecure.
B. WAP provides weak encryption for wireless traffic.
C. WAP functions as a protocol-conversion gateway for wireless TLS to Internet SSL.
D. WAP often interfaces critical IT systems.

Correct Answer: C

Explanation:

Functioning as a protocol-conversion gateway for wireless TLS to Internet SSL, the WAP gateway is a component warranting critical concern and review for the IS auditor when auditing and testing controls that enforce message confidentiality.

QUESTION 197

Which of the following can degrade network performance? Choose the BEST answer.

A. Superfluous use of redundant load-sharing gateways
B. Increasing traffic collisions due to host congestion by creating new collision domains
C. Inefficient and superfluous use of network devices such as switches
D. Inefficient and superfluous use of network devices such as hubs

Correct Answer: D

Explanation:

Inefficient and superfluous use of network devices such as hubs can degrade network performance.

QUESTION 198

What protects an application purchaser’s ability to fix or change an application in case the application vendor goes out of business?

A. Assigning copyright to the organization
B. Program back doors
C. Source code escrow
D. Internal programming expertise

Correct Answer: C

Explanation:

Source code escrow protects an application purchaser’s ability to fix or change an application in case the application vendor goes out of business.

QUESTION 199

Which of the following is a good control for protecting confidential data residing on a PC?

A. Personal firewall
B. File encapsulation
C. File encryption
D. Host-based intrusion detection

Correct Answer: C

Explanation:

File encryption is a good control for protecting confidential data residing on a PC.

QUESTION 200

What is an effective countermeasure for the vulnerability of data entry operators potentially leaving their computers without logging off? Choose the BEST answer.

A. Employee security awareness training
B. Administrator alerts
C. Screensaver passwords
D. Close supervision

Correct Answer: C

Explanation:

Screensaver passwords are an effective control to implement as a countermeasure for the vulnerability of data entry operators potentially leaving their computers without logging off.
