CISA-mock Test - Domain 4 (100 Questions

1
CISA-mock Test - Domain 4 (100

Questions)
Questions and Answers
 1.
What is Recovery Time Objective (RTO)?
Discuss
o A.
A. The extent of acceptable system downtime.
o B.
B. The time period the crisis is expected to last
o C.
C. The extent of acceptable data loss.
o D.
D. The time required for the crisis management team to respond
 2.
ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

2
What level of Recovery Time Objective (RTO) will a critical monitoring system
have?
Discuss
o A.
A. Very high RTO
o B.
B. Very low RTO, close to zero
o C.
C. Close to a year
o D.
D. Medium level of RTO, close to 50 %
 3.
What is Recovery Point Objective (RPO)?
Discuss
o A.
A. The extent of acceptable system downtime.
o B.
B. The time period the crisis is expected to last
o C.
C. The extent of acceptable data loss.
o D.
D. The date by which lost data can be recovered by Recovery team
 4.
A Recovery Point Objective (RPO) will be deemed critical if it is?
Discuss
o A.
A. Small

3
o B.
B. Large
o C.
C. Medium
o D.
D. Large than industry standards
 5.
If the Recovery Point Objective (RPO) is close to zero, how will the overall
cost of maintaining the environment for recovery be?
o A.
A. High
o B.
B. Low
o C.
C. Medium
o D.
D. There is no relation between RPO and cost.
 6.
A hot site should be implemented as a recovery strategy when the:
Discuss
o A.
A. recovery time objective (RTO) is low.
o B.
B. recovery point objective (RPO) is high.
o C.
C. recovery time objective (RTO) is high.

4
o D.
D. disaster tolerance is high.
 7.
In which of the following situations is it MOST appropriate to implement data
mirroring as the recovery strategy?
o A.
A. Disaster tolerance is high.
o B.
B. Recovery time objective is high.
o C.
C. Recovery point objective is low.
o D.
D. Recovery point objective is high.
 8.
Following is the RTO and RPO of a financial system: RTO-96 hours RPO-0
hours (No data loss) Which of the following is the MOST cost-effective
solution?
Discuss
o A.
A. A hot site that can be operational in two hours with data backup every 2
hours.
o B.
B. Reciprocal agreement for alternate site with data backup every 2 hours.
o C.
C. Synchronous backup of the data and standby active systems in a hot site
o D.
D. Synchronous backup of the data in a warm site that can be operational in

48 hours

5
 9.
A hot site should be implemented as a recovery strategy when the:
o A.
A. disaster tolerance is low.
o B.
o C.
o D.
D. disaster tolerance is high.
 10.
An organisation has done provision for hot sit as an alternate arrangement.
An advantage of the use of hot sites as a backup alternative is that:
o A.
A. cost of maintaining the environment is low.
o B.
B. hot sites can be arranged in or near primary site.
o C.
C. hot sites can be made ready for operation within a short period of time.
o D.
D. system compatibility is not an requirement in case of hot site.
 11.
For recovering a non-critical system, which of the following is appropriate
option ?
Discuss
o A.
A. Cold Site

6
o B.
B. Mirrored Site
o C.
C. Hot site
o D.
D. Warm site
 12.
Which of the following situation is MOST suitable for implementation of hot
site as a recovery strategy?
Discuss
o A.
A. disaster tolerance is high
o B.
o C.
o D.
D. disaster tolerance is low
 13.
An alternate recovery site with space and basic infrastructure like electrical
wiring, air-conditioning and flooring, but no computer or communications
equipment is a:
Discuss
o A.
A. cold site.
o B.
B. warm site.
o C.

7
C. hot site
o D.
D. mirrored site
 14.
What is GREATEST concern when implementing warm site as a recovery site
?
o A.
A. Timely availability of hardware
o B.
B. Availability of heat, humidity and air conditioning equipment
o C.
C. Adequacy of electrical power connections
o D.
D. Space arrangement.
 15.
Which among the following will have lowest expenditure in terms of recovery
arrangement?
Discuss
o A.
A. Warm site facility
o B.
B. Cold Site
o C.
C. Hot site
o D.
D. Reciprocal agreement
 16.

8
In which of the following recovery processing site, only arrangement for

electricity and HVAC is available?
o A.
A. Cold site
o B.
B. Mirrored site
o C.
C. Hot site
o D.
D. Warm site
 17.
Which of the following is the GREATEST concern when an organization's
backup facility is at a hot site?
Discuss
o A.
A. Timely availability of hardware
o B.
B. Availability of heat, humidity and air conditioning equipment
o C.
C. Adequacy of electrical power connections
o D.
D. Requirement of updated database.
 18.
The MOST significant security concern when using flash memory (e.g., USB
removable disk) is that the:
Discuss
o A.
A. contents are highly volatile.

9
o B.
B. data cannot be backed up.
o C.
C. data can be copied
o D.
D. device may not be compatible with other peripherals.
 19.
In a LAN environment, which of the following minimizes the risk of data
corruption during transmission?
Discuss
o A.
A. Using end-to-end encryption for data communication
o B.
B. Using separate conduits for electrical and data cables
o C.
C. Using check sums for checking the corruption of data
o D.
D. Connecting the terminals using a star topology
 20.
Which of the following is an operating system access control function?
Discuss
o A.
A. Logging user activities
o B.
B. Logging data communication access activities
o C.
C. Verifying user authorization at the field level

10
o D.
D. Changing data files
 21.
Which of the following types of transmission media provide the BEST security
against unauthorized access?
Discuss
o A.
A. Copper wire
o B.
B. Twisted pair
o C.
C. Fiber-optic cables
o D.
D. Coaxial cables
 22.
Which of the following exposures associated with the spooling of sensitive
reports for offline printing should an IS auditor consider to be the MOST
serious?
Discuss
o A.
A. Sensitive data can be read by operators.
o B.
B. Data can be amended without authorization.
o C.
C. Unauthorized report copies can be printed
o D.
D. Output can be lost in the event of system failure.

11
 23.
For an online transaction processing system, transactions per second is a
measure of:
Discuss
o A.
A. throughput.
o B.
B. response time.
o C.
C. turnaround time.
o D.
D. uptime.
 24.
Which of the following would enable an enterprise to provide its business
partners access to its intranet (i.e., extranet) across the Internet?
Discuss
o A.
A. Virtual private network
o B.
B. Client-server
o C.
C. Dial-in access
o D.
D. Network service provider
 25.
In a web server, a common gateway interface (CGI) is MOST often used as
a(n):
Discuss

12
o A.
A. consistent way for transferring data to the application program and back to
the user.
o B.
B. computer graphics imaging method for movies and TV.
o C.
C. graphic user interface for web design.
o D.
D. interface to access the private gateway domain.
 26.
A programmer maliciously modified a production program to change data and
then restored the original code. Which of the following would MOST effectively
detect the malicious activity?
Discuss
o A.
A. Comparing source code
o B.
B. Reviewing system log files
o C.
C. Comparing object code
o D.
D. Reviewing executable and source code integrity
 27.
In a small organization, an employee performs computer operations and,
when the situation demands, program modifications. Which of the following
should the IS auditor recommend?
Discuss
o A.
A. Automated logging of changes to development libraries

13
o B.
B. Additional staff to provide separation of duties
o C.
C. Procedures that verify that only approved program changes are

implemented
o D.
D. Access controls to prevent the operator from making program

modifications
 28.
Which of the following propagation problems do wired and wireless
transmissions have in common?
Discuss
o A.
A. Cross-talk
o B.
B. Shadow zones
o C.
C. Attenuation
o D.
D. Multipath interference
 29.
Which of the following LAN physical layouts is subject to total loss if one
device fails?
Discuss
o A.
A. Star
o B.
B. Bus

14
o C.
C. Ring
o D.
D. Completely connected
 30.
Which of the following is the MOST effective means of determining which
controls are functioning properly in an operating system?
Discuss
o A.
A. Consulting with the vendor
o B.
B. Reviewing the vendor installation guide
o C.
C. Consulting with the system programmer
o D.
D. Reviewing the system generation parameters
 31.
By establishing a network session through an appropriate application, a
sender transmits a message by breaking it into packets, but the packets may
reach the receiver out of sequence. Which OSI layer addresses the out-of-
sequence message through segment sequencing?
Discuss
o A.
A. Network layer
o B.
B. Session layer
o C.
C. Application layer

15
o D.
D. Transport layer
 32.
Which of the following procedures would MOST effectively detect the loading
of illegal software packages onto a network?
Discuss
o A.
A. The use of diskless workstations
o B.
B. Periodic checking of hard drives
o C.
C. The use of current antivirus software
o D.
D. Policies that result in instant dismissal if violated
 33.
A benefit of quality of service (QoS) is that the:
Discuss
o A.
A. entire network's availability and performance will be significantly improved
o B.
B. telecom carrier will provide the company with accurate service-level

compliance reports.
o C.
C. participating applications will have guaranteed service levels.
o D.
D. communications link will be supported by security controls to perform

secure online transactions.
 34.

16
An installed Ethernet cable run in an unshielded twisted pair (UTP) network is

more than 100 meters long. Which of the following could be caused by the
length of the cable?
Discuss
o A.
A. Electromagnetic interference (EMI)
o B.
B. Cross-talk
o C.
C. Dispersion
o D.
D. Attenuation
 35.
Which of the following is the BEST control to detect internal attacks on IT
resources?
Discuss
o A.
A. Checking of activity logs
o B.
B. Reviewing firewall logs
o C.
C. Implementing a security policy
o D.
D. Implementing appropriate segregation of duties
 36.
One of the purposes of library control software is to allow:
Discuss
o A.

17
A. programmers access to production source and object libraries.
o B.
B. batch program updating.
o C.
C. operators to update the control library with the production version before
testing is completed
o D.
D. read-only access to source code.
 37.
The BEST way to minimize the risk of communication failures in an e-
commerce environment would be to use:
Discuss
o A.
A. compression software to minimize transmission duration.
o B.
B. functional or message acknowledgments.
o C.
C. a packet-filtering firewall to reroute messages.
o D.
D. leased asynchronous transfer mode lines.
 38.
Which of the following controls would be MOST effective in ensuring that
production source code and object code are synchronized?
Discuss
o A.
A. Release-to-release source and object comparison reports
o B.
B. Library control software restricting changes to source code

18
o C.
C. Restricted access to source code and object code
o D.
D. Date and time-stamp reviews of source and object code
 39.
IS management has recently informed the IS auditor of its decision to disable
certain referential integrity controls in the payroll system to provide users with
a faster report generator. This will MOST likely increase the risk of:
Discuss
o A.
A. data entry by unauthorized users.
o B.
B. a nonexistent employee being paid
o C.
C. an employee receiving an unauthorized raise.
o D.
D. duplicate data entry by authorized users.
 40.
Which of the following is MOST directly affected by network performance
monitoring tools?
Discuss
o A.
A. Integrity
o B.
B. Availability
o C.
C. Completeness
o D.

19
D. Confidentiality
 41.
The database administrator has decided to disable certain normalization
controls in the database management system (DBMS) software to provide
users with increased query performance. This will MOST likely increase the
risk of:
Discuss
o A.
A. loss of audit trails.
o B.
B. redundancy of data.
o C.
C. loss of data integrity.
o D.
D. unauthorized access to data.
 42.
Which of the following network components is PRIMARILY set up to serve as
a security measure by preventing unauthorized traffic between different
segments of the network?
Discuss
o A.
A. Firewalls
o B.
B. Routers
o C.
C. Layer 2 switches
o D.
D. VLANs

20
 43.
In a client-server system, which of the following control techniques is used to
inspect activity from known or unknown users?
Discuss
o A.
A. Diskless workstations
o B.
B. Data encryption techniques
o C.
C. Network monitoring devices
o D.
D. Authentication systems
 44.
The most likely error to occur when implementing a firewall is:
o A.
A. incorrectly configuring the access lists.
o B.
B. compromising the passwords due to social engineering.
o C.
C. connecting a modem to the computers in the network.
o D.
D. inadequately protecting the network and server from virus attacks.
 45.
IT operations for a large organization have been outsourced. An IS auditor
reviewing the outsourced operation should be MOST concerned about which
of the following findings?
Discuss
o A.

21
A. The outsourcing contract does not cover disaster recovery for the
outsourced IT operations.
o B.
B. The service provider does not have incident handling procedures.
o C.
C. Recently a corrupted database could not be recovered because of library

management problems.
o D.
D. Incident logs are not being reviewed
 46.
A network diagnostic tool that monitors and records network information is
a(n):
Discuss
o A.
A. online monitor.
o B.
B. downtime report.
o C.
C. help desk report.
o D.
D. protocol analyzer.
 47.
In regard to moving an application program from the test environment to the
production environment, the BEST control would be provided by having the:
Discuss
o A.
A. application programmer copy the source program and compiled object

module to the production libraries.
o B.

22
B. application programmer copy the source program to the production

libraries and then have the production control group compile the program.
o C.
C. production control group compile the object module to the production

libraries using the source program in the test environment.
o D.
D. production control group copy the source program to the production

libraries and then compile the program. compile the program.
 48.
To evaluate the referential integrity of a database, an IS auditor should review
the:
Discuss
o A.
A. composite keys.
o B.
B. indexed fields.
o C.
C. physical schema.
o D.
D. foreign keys.
 49.
When reviewing a firewall, which of the following should be of MOST concern
to an IS auditor?
Discuss
o A.
A. A well-defined security policy
o B.
B Implementation of a firewall with the latest and most secure algorithm
o C.

23
C. The effectiveness of the firewall in enforcing the security policy
o D.
D. The security of the platform in which the firewall resides
 50.
Which of the following controls would provide the GREATEST assurance of
database integrity?
Discuss
o A.
A. Audit log procedures
o B.
B. Table link/reference checks
o C.
C. Query/table access time checks
o D.
D. Rollback and rollforward database features
 51.
Which of the following protocols would be involved in the implementation of a
router and an interconnectivity device monitoring system?
Discuss
o A.
A. Simple Network Management Protocol
o B.
B. File Transfer Protocol
o C.
C. Simple Mail Transfer Protocol
o D.
D. Telnet

24
 52.
Which of the following is the BEST method for preventing exploitation of
system vulnerabilities?
Discuss
o A.
A. Log monitoring
o B.
B. Virus protection
o C.
C. Intrusion detection
o D.
D. Patch management
 53.
Which of the following reports should an IS auditor use to check compliance
with a service level agreement's (SLA) requirement for uptime?
Discuss
o A.
A. Utilization reports
o B.
B. Hardware error reports
o C.
C. System logs
o D.
D. Availability reports
 54.
A programmer, using firecall IDs, as provided in the manufacture's manual,
gained access to the production environment and made an unauthorized
change. Which of the following could have prevented this from happening?
Discuss

25
o A.
A. Deactivation
o B.
B. Monitoring
o C.
C. Authorization
o D.
D. Resetting
 55.
A Ping command is used to measure:
Discuss
o A.
A. attenuation.
o B.
B. throughput,
o C.
C. delay distortion.
o D.
D. latency.
 56.
The method of routing traffic through split-cable facilities or duplicate-cable
facilities is called:
Discuss
o A.
A. alternative routing.
o B.
B. diverse routing.

26
o C.
C. redundancy.
o D.
D. circular routing.
 57.
Which of the following line media would provide the BEST security for a
telecommunication network?
Discuss
o A.
A. Broadband network digital transmission
o B.
B. Baseband network
o C.
C. Dial-up
o D.
D. Dedicated lines
 58.
An organization has outsourced IT operations to a service provider. The
organization's IS auditor makes the following observations: Key servers
located at the outsourcing organization are about to be moved to the service
provider.  Critical systems are backed up, but recovery is inefficient. 
Disaster recovery is not covered by the outsourcing contract.  The service
provider backs up data to the building next to it. Which of the following should
the IS auditor recommend be done immediately?
Discuss
o A.
A. Improve the backup of critical systems.
o B.
B. Delay moving the servers.
o C.

27
C. Incorporate disaster recovery in the contract.
o D.
D. Back up data to a location further away from the service provider.
 59.
During an audit of the tape management system at a data center, an IS
auditor discovered that parameters are set to bypass or ignore the labels
written on tape header records. The IS auditor also determined that effective
staging and job setup procedures were in place. In this situation, the IS
auditor should conclude that the:
Discuss
o A.
A. tape headers should be manually logged and checked by the operators.
o B.
B. staging and job setup procedures are not appropriate compensating

controls.
o C.
C. staging and job setup procedures compensate for the tape label control
weakness.
o D.
D. tape management system parameters must be set to check all labels.
 60.
Which of the following is the GREATEST risk related to the monitoring of audit
logs?
Discuss
o A.
A. Logs are not backed up periodically.
o B.
B. Routine events are recorded
o C.
C. Procedures for enabling logs are not documented.

28
o D.
D. Unauthorized system actions are recorded but not investigated.
 61.
Which of the following would an IS auditor consider to be the MOST helpful
when evaluating the effectiveness and adequacy of a computer preventive
maintenance program?
Discuss
o A.
A. A system downtime log
o B.
B. Vendors' reliability figures
o C.
C. Regularly scheduled maintenance log
o D.
D. A written preventive maintenance schedule
 62.
Which of the following would be the MOST secure firewall system?
Discuss
o A.
A. Screened-host firewall
o B.
B. Screened-subnet firewall
o C.
C. Dual-homed firewall
o D.
D. Stateful-inspection firewall
 63.

29
Which of the following is a control over component communication

failure/errors?
Discuss
o A.
A. Restricting operator access and maintaining audit trails
o B.
B. Monitoring and reviewing system engineering activity
o C.
C. Providing network redundancy
o D.
D. Establishing physical barriers to the data transmitted over the network
 64.
Which of the following BEST ensures the integrity of a server's operating
system?
Discuss
o A.
A. Protecting the server in a secure location
o B.
B. Setting a boot password
o C.
C. Hardening the server configuration
o D.
D. Implementing activity logging
 65.
Reconfiguring which of the following firewall types will prevent inward
downloading of files through the File Transfer Protocol (FTP)?
Discuss
o A.

30
A. Circuit gateway
o B.
B. Application gateway
o C.
C. Packet filter
o D.
D. Screening router
 66.
Checking for authorized software baselines is an activity addressed within
which of the following?
Discuss
o A.
A. Project management
o B.
B. Configuration management
o C.
C. Problem management
o D.
D. Risk management
 67.
An independent software program that connects two otherwise separate
applications sharing computing resources across heterogeneous technologies
is known as:
Discuss
o A.
A. middleware.
o B.
B. firmware.

31
o C.
C. application software.
o D.
D. embedded systems.
 68.
Which of the following is a control to detect an unauthorized change in a
production environment?
Discuss
o A.
A. Denying programmers access to production data
o B.
B. Requiring change requests to include benefits and costs
o C.
C. Periodically comparing control and current object and source programs
o D.
D. Establishing procedures for emergency changes
 69.
To share data in a multivendor network environment, it is essential to
implement program-to-program communication. With respect to program-to-
program communication features, that can be implemented in this
environment, which of the following makes implementation and maintenance
difficult?
Discuss
o A.
A. User isolation
o B.
B. Controlled remote access
o C.
C. Transparent remote access

32
o D.
D. The network environments
 70.
An IS auditor evaluating the resilience of a high-availability network should be
MOST concerned if:
Discuss
o A.
A. the setup is geographically dispersed.
o B.
B. the network servers are clustered in a site.
o C.
C. a hot site is ready for activation.
o D.
D. diverse routing is implemented for the network.
 71.
Which of the following types of firewalls would BEST protect a network from
an Internet attack?
Discuss
o A.
A. Screened subnet firewall
o B.
B. Application filtering gateway
o C.
C. Packet filtering router
o D.
D. Circuit-level gateway
 72.

33
An organization is negotiating a service level agreement (SLA) with a vendor.

Which of the following should occur FIRST?
Discuss
o A.
A. Develop a feasibility study.
o B.
B. Check for compliance with corporate policies.
o C.
C. Draft the service level penalties.
o D.
D. Draft the service level requirements.
 73.
Which of the following applet intrusion issues poses the GREATEST risk of
disruption to an organization?
Discuss
o A.
A. A program that deposits a virus on a client machine
o B.
B. Applets recording keystrokes and, therefore, passwords
o C.
C. Downloaded code that reads files on a client's hard drive
o D.
D. Applets opening connections from the client machine
 74.
Which of the following is widely accepted as one of the critical components in
networking management?
Discuss
o A.

34
A. Configuration management
o B.
B. Topological mappings
o C.
C. Application of monitoring tools
o D.
D. Proxy server trouble shooting
 75.
Which of the following is MOST important when assessing services provided
by an Internet service provider (ISP)?
Discuss
o A.
A. Performance reports generated by the ISP
o B.
B. The service level agreement (SLA)
o C.
C. Interviews with the provider
o D.
D. Interviews with other clients of the ISP
 76.
When reviewing system parameters, an IS auditor's PRIMARY concern
should be that:
Discuss
o A.
A. they are set to meet security and performance requirements.
o B.
B. changes are recorded in an audit trail and periodically reviewed.

35
o C.
C. changes are authorized and supported by appropriate documents.
o D.
D. access to parameters in the system is restricted.
 77.
Which of the following systems-based approaches would a financial
processing company employ to monitor spending patterns to identify
abnormal patterns and report them?
Discuss
o A.
A. A neural network
o B.
B. Database management software
o C.
C. Management information systems
o D.
D. Computer-assisted audit techniques
 78.
Which of the following reports is a measure of telecommunication
transmissions and determines whether transmissions are completed
accurately?
Discuss
o A.
A. Online monitor reports
o B.
B. Downtime reports
o C.
C. Help desk reports

36
o D.
D. Response-time reports
 79.
Web and e-mail filtering tools are PRIMARILY valuable to an organization
because they:
Discuss
o A.
A. protect the organization from viruses and nonbusiness materials.
o B.
B. maximize employee performance.
o C.
C. safeguard the organization's image.
o D.
D. assist the organization in preventing legal issues
 80.
The database administrator (DBA) suggests that DB efficiency can be
improved by denormalizing some tables. This would result in:
Discuss
o A.
A. loss of confidentiality.
o B.
B. increased redundancy.
o C.
C. unauthorized accesses.
o D.
D. application malfunctions.
 81.

37
Which of the following should be done by an IS auditor when a source code

comparison indicates modifications were made?
Discuss
o A.
A. Determine whether modifications were authorized
o B.
B. Update the control copy of the source code.
o C.
C. Manually review the source code.
o D.
D. Insert remarks in the source code describing the modifications.
 82.
Utility programs that assemble software modules needed to execute a
machine instruction application program version are:
Discuss
o A.
A. text editors.
o B.
B. program library managers.
o C.
C. linkage editors and loaders.
o D.
D. debuggers and development aids.
 83.
In a database management system (DBMS), the location of data and the
method of accessing the data are provided by the:
Discuss
o A.

38
A. data dictionary.
o B.
B. metadata.
o C.
C. directory system.
o D.
D. data definition language.
 84.
The interface that allows access to lower- or higher-level network services is
called:
Discuss
o A.
A. firmware.
o B.
B. middleware.
o C.
C. X.25 interface.
o D.
D. utilities.
 85.
Which of the following is a control over database administration activities?
Discuss
o A.
A. A database checkpoint to restart processing after a system failure
o B.
B. Database compression to reduce unused space
o C.

39
C. Supervisory review of access logs
o D.
D. Backup and recovery procedures to ensure database availability
 86.
An IS auditor reviewing database controls discovered that changes to the
database during normal working hours were handled through a standard set
of procedures. However, changes made after normal hours required only an
abbreviated number of steps. In this situation, which of the following would be
considered an adequate set of compensating controls?
Discuss
o A.
A. Allow changes to be made only with the DBA user account.
o B.
B. Make changes to the database after granting access to a normal user

account
o C.
C. Use the DBA user account to make changes, log the changes and review
the change log the following day.
o D.
D. Use the normal user account to make changes, log the changes and
review the change log the following day. the following day.
 87.
Which of the following hardware devices relieves the central computer from
performing network control, format conversion and message handling tasks?
o A.
A. Spool
o B.
B. Cluster controller
o C.
C. Protocol converter

40
o D.
D. Front-end processor
 88.
An IS auditor has recently discovered that because of a shortage of skilled
operations personnel, the security administrator has agreed to work one late-
night shift a month as the senior computer operator. The MOST appropriate
course of action for the IS auditor is to:
Discuss
o A.
A. advise senior management of the risk involved.
o B.
B. agree to work with the security officer on these shifts as a form of

preventative control.
o C.
C. develop a computer-assisted audit technique to detect instances of abuses

of this arrangement.
o D.
D. review the system log for each of the late-night shifts to determine whether
any irregular actions occurred.
 89.
During the requirements definition phase for a database application,
performance is listed as a top priority. To access the DBMS files, which of the
following technologies should be recommend for optimal I/O performance?
Discuss
o A.
A. Storage area network (SAN)
o B.
B. Network Attached Storage (NAS)
o C.
C. Network file system (NFS v2)

41
o D.
D. Common Internet File System (CIFS)
 90.
An IS auditor is PRIMARILY concerned about electromagnetic emissions from
a cathode ray tube (CRT) because they may:
Discuss
o A.
A. cause health disorders (such as headaches) and diseases.
o B.
B. be intercepted and information may be obtained from them.
o C.
C. cause interference in communications.
o D.
D. cause errors in the motherboard.
 91.
To determine how data are accessed across different platforms in a
heterogeneous environment, an IS auditor should FIRST review:
Discuss
o A.
A. business software.
o B.
B. infrastructure platform tools.
o C.
C. application services.
o D.
D. system development tools.
 92.

42
Applying a retention date on a file will ensure that:

Discuss
o A.
A. data cannot be read until the date is set.
o B.
B. data will not be deleted before that date.
o C.
C. backup copies are not retained after that date.
o D.
D. datasets having the same name are differentiated.
 93.
An organization provides information to its supply chain partners and
customers through an extranet infrastructure. Which of the following should be
the GREATEST concern to an IS auditor reviewing the firewall security
architecture?
Discuss
o A.
A. A Secure Sockets Layer (SSL) has been implemented for user

authentication and remote administration of the firewall.
o B.
B. On the basis of changing requirements, firewall policies are updated.
o C.
C. Inbound traffic is blocked unless the traffic type and connections have
been specifically permitted
o D.
D. The firewall is placed on top of the commercial operating system with all
installation options. options.
 94.
An IS auditor is performing a network security review of a telecom company
that provides Internet connection services to shopping malls for their wireless

43
customers. The company uses Wireless Transport Layer Security (WTLS)

and Secure Sockets Layer (SSL) technology for protecting their customer's
payment information. The IS auditor should be MOST concerned, if a hacker:
Discuss
o A.
A. compromises the Wireless Application Protocol (WAP) gateway.
o B.
B. installs a sniffing program in front of the server.
o C.
C. steals a customer's PDA.
o D.
D. listens to the wireless transmission.
 95.
Which of the following would normally be found in application run manuals?
Discuss
o A.
A. Details of source documents
o B.
B. Error codes and their recovery actions
o C.
C. Program flowcharts and file definitions
o D.
D. Change records for the application source code
 96.
Change management procedures are established by IS management to:
Discuss
o A.

44
A. control the movement of applications from the test environment to the

production environment.
o B.
B. control the interruption of business operations from lack of attention to

unresolved problems.
o C.
C. ensure the uninterrupted operation of the business in the event of a

disaster.
o D.
D. verify that system changes are properly documented
 97.
An IS auditor reviewing an organization's data file control procedures finds
that transactions are applied to the most current files, while restart procedures
use earlier versions. The IS auditor should recommend the implementation of:
Discuss
o A.
A. source documentation retention.
o B.
B. data file security.
o C.
C. version usage control.
o D.
D. one-for-one checking
 98.
Which of the following is the MOST probable cause for a mail server being
used to send spam?
Discuss
o A.
A. Installing an open relay server

45
o B.
B. Enabling Post Office Protocol (POP3)
o C.
C. Using Simple Mail Transfer Protocol (SMTP)
o D.
D. Activating user accounting
 99.
Which of the following is the BEST method for preventing exploitation of
system vulnerabilities?
Discuss
o A.
A. Log monitoring
o B.
B. Virus protection
o C.
C. Intrusion detection
o D.
D. Patch management
 100.
Which of the following reports should an IS auditor use to check compliance
with a service level agreement's (SLA) requirement for uptime?
Discuss
o A.
A. Utilization reports
o B.
B. Hardware error reports
o C.

46
C. System logs
o D.
D. Availability reports

CISA-mock Test - Domain 4 (100 Questions

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CISA-mock Test - Domain 4 (100 Questions

Uploaded by

Copyright:

Available Formats

1

CISA-mock Test - Domain 4 (100

A. The extent of acceptable system downtime.

B. The time period the crisis is expected to last

C. The extent of acceptable data loss.

D. The time required for the crisis management team to respond

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

A. Very high RTO

B. Very low RTO, close to zero

D. Medium level of RTO, close to 50 %

A. The extent of acceptable system downtime.

B. The time period the crisis is expected to last

C. The extent of acceptable data loss.

D. The date by which lost data can be recovered by Recovery team

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

D. Large than industry standards

D. There is no relation between RPO and cost.

A. recovery time objective (RTO) is low.

B. recovery point objective (RPO) is high.

C. recovery time objective (RTO) is high.

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

D. disaster tolerance is high.

A. Disaster tolerance is high.

B. Recovery time objective is high.

C. Recovery point objective is low.

D. Recovery point objective is high.

D. Synchronous backup of the data in a warm site that can be operational in

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

A. disaster tolerance is low.

B. recovery point objective (RPO) is high.

C. recovery time objective (RTO) is high.

D. disaster tolerance is high.

A. cost of maintaining the environment is low.

B. hot sites can be arranged in or near primary site.

D. system compatibility is not an requirement in case of hot site.

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

A. disaster tolerance is high

B. recovery point objective (RPO) is high.

C. recovery time objective (RTO) is high.

D. disaster tolerance is low

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

A. Timely availability of hardware

B. Availability of heat, humidity and air conditioning equipment

C. Adequacy of electrical power connections

A. Warm site facility

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

In which of the following recovery processing site, only arrangement for

A. Timely availability of hardware

B. Availability of heat, humidity and air conditioning equipment

C. Adequacy of electrical power connections

D. Requirement of updated database.

A. contents are highly volatile.

ISACA MCQS SYED SHAHBAZ RAZA ZAIDI

B. data cannot be backed up.

C. data can be copied

D. device may not be compatible with other peripherals.

A. Using end-to-end encryption for data communication

B. Using separate conduits for electrical and data cables

C. Using check sums for checking the corruption of data

D. Connecting the terminals using a star topology

A. Logging user activities

B. Logging data communication access activities