CISA exam

During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?A . Rollback strategy B. Test cases C. Post-implementation review objectives D. Business caseView AnswerAnswer: D

A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?A . Periodically reviewing log files B. Configuring the router as a firewall C. Using smart cards with one-time...

Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?A . File level encryption B. File Transfer Protocol (FTP) C. Instant messaging policy D. Application level firewallsView AnswerAnswer: D

During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRSTA . perform a business impact analysis (BIA). B. issue an intermediate report to management. C. evaluate the impact on current disaster recovery capability. D. conduct additional compliance...

An IS auditor notes the transaction processing times in an order processing system have significantly increased after a major release. Which of the following should the IS auditor review FIRST?A . Capacity management plan B. Training plans C. Database conversion results D. Stress testing resultsView AnswerAnswer: D

IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance. Which of the following controls will MOST effectively compensate for the lack of referential integrity?A . More frequent data backups B. Periodic table link checks C. Concurrent access...

An IS auditor found that a company executive is encouraging employee use of social networking sites for business purposes. Which of the following recommendations would BEST help to reduce the risk of data leakage?A . Requiring policy acknowledgment and nondisclosure agreements (NDAs) signed by employees B. Establishing strong access controls...

Which of the following should an IS auditor be MOST concerned with during a post-implementation review?A . The system does not have a maintenance plan. B. The system contains several minor defects. C. The system deployment was delayed by three weeks. D. The system was over budget by 15%.View AnswerAnswer:...

An IT balanced scorecard is the MOST effective means of monitoring:A . governance of enterprise IT. B. control effectiveness. C. return on investment (ROI). D. change management effectiveness.View AnswerAnswer: A

Which of the following should an IS auditor recommend as a PRIMARY area of focus when an organization decides to outsource technical support for its external customers?A . Align service level agreements (SLAs) with current needs. B. Monitor customer satisfaction with the change. C. Minimize costs related to the third-party...