The following is specially organized for you the latest Isaca CISA exam dumps, and CISA practice questions, free of charge! Free resources from Pass4itsure CISA exam dumps (Q&As: 3107), helping you 100% pass all exams!
Updated Isaca CISA exam questions
QUESTION 1
A transaction journal provides the information necessary for detecting unauthorized ___________ (fill in the blank) from
a terminal.
A. Deletion
B. Input
C. Access
D. Duplication
Correct Answer: B
A transaction journal provides the information necessary for detecting unauthorized input from a terminal.
QUESTION 2
Which of the following layer of an enterprise data flow architecture is concerned with basic data communication?
A. Data preparation layer
B. Desktop Access Layer
C. Internet/Intranet layer
D. Data access layer
Correct Answer: C
Internet/Intranet layer ?This layer is concerned with basic data communication. Included here are browser
based user interface and TCP/IP networking.
For CISA exam you should know below information about business intelligence:
Business intelligence(BI) is a broad field of IT encompasses the collection and analysis of information to
assist decision making and assess organizational performance. To deliver effective BI, organizations need
to design and implement a data architecture. The complete data architecture consists of two components
The enterprise data flow architecture (EDFA)
A logical data architecture
Various layers/components of this data flow architecture are as follows:
Presentation/desktop access layer ?This is where end users directly deal with information. This layer
includes familiar desktop tools such as spreadsheets, direct querying tools, reporting and analysis suits offered by vendors such as Congas and business objects, and purpose built application such as balanced
source cards and digital dashboards.
Data Source Layer ?Enterprise information derives from number of sources:
Operational data ?Data captured and maintained by an organization\\’s existing systems, and usually held in
system-specific database or flat files. External Data ?Data provided to an organization by external sources.
This could include data such as customer demographic and market share information.
Nonoperational data ?Information needed by end user that is not currently maintained in a computer
accessible format.
Core data warehouse ?This is where all the data of interest to an organization is captured and organized to
assist reporting and analysis. DWs are normally instituted as large relational databases. A property constituted DW
should support three basic form of an inquiry.
Drilling up and drilling down ?Using dimension of interest to the business, it should be possible to aggregate data as
well as drill down. Attributes available at the more granular levels of the warehouse can also be used to refine the
analysis.
Drill across ?Use common attributes to access a cross section of information in the warehouse such as sum sales
across all product lines by customer and group of customers according to length of association with the company.
Historical Analysis ?The warehouse should support this by holding historical, time variant data. An example of historical
analysis would be to report monthly store sales and then repeat the analysis using only customer who were preexisting
at the start of the year in order to separate the effective new customer from the ability to generate repeat business with
existing customers.
Data Mart Layer ?Data mart represents subset of information from the core DW selected and organized to meet the
needs of a particular business unit or business line. Data mart can be relational databases or some form on-line
analytical processing (OLAP) data structure.
Data Staging and quality layer ?This layer is responsible for data copying, transformation into DW format and quality
control. It is particularly important that only reliable data into core DW. This layer needs to be able to deal with problems
periodically thrown by operational systems such as change to account number format and reuse of old accounts and
customer numbers.
Data Access Layer ?This layer operates to connect the data storage and quality layer with data stores in the data
source layer and, in the process, avoiding the need to know to know exactly how these data stores are organized.
Technology now permits SQL access to data even if it is not stored in a relational database.
Data Preparation layer ?This layer is concerned with the assembly and preparation of data for loading into data marts.
The usual practice is to per-calculate the values that are loaded into OLAP data repositories to increase access speed.
Data mining is concern with exploring large volume of data to determine patterns and trends of information. Data mining
often identifies patterns that are counterintuitive due to number and complexity of data relationships. Data quality needs
to be very high to not corrupt the result.
Metadata repository layer ?Metadata are data about data. The information held in metadata layer needs to extend
beyond data structure names and formats to provide detail on business purpose and context. The metadata layer
should be comprehensive in scope, covering data as they flow between the various layers, including documenting
transformation and validation rules.
Warehouse Management Layer ?The function of this layer is the scheduling of the tasks necessary to build and maintain the DW and populate data marts. This layer is also involved in administration of security.
Application messaging layer ?This layer is concerned with transporting information between the various layers. In
addition to business data, this layer encompasses generation, storage and targeted communication of control
messages.
Internet/Intranet layer ?This layer is concerned with basic data communication. Included here are browser based user
interface and TCP/IP networking.
Various analysis models used by data architects/ analysis follows:
Activity or swim-lane diagram ?De-construct business processes.
Entity relationship diagram ?Depict data entities and how they relate. These data analysis methods obviously play an
important part in developing an enterprise data model. However, it is also crucial that knowledgeable business operative
is involved in the process. This way proper understanding can be obtained of the business purpose and context of the
data. This also mitigates the risk of replication of suboptimal data configuration from existing systems and database into
DW.
The following were incorrect answers:
Desktop access layer or presentation layer is where end users directly deal with information. This layer includes familiar
desktop tools such as spreadsheets, direct querying tools, reporting and analysis suits offered by vendors such as
Congas and business objects, and purpose built application such as balanced source cards and digital dashboards.
Data preparation layer ?This layer is concerned with the assembly and preparation of data for loading into
data marts. The usual practice is to per-calculate the values that are loaded into OLAP data repositories to
increase access speed.
Data access layer ?his layer operates to connect the data storage and quality layer with data stores in the
data source layer and, in the process, avoiding the need to know to know exactly how these data stores
are organized. Technology now permits SQL access to data even if it is not stored in a relational database.
Reference:
CISA review manual 2014 Page number 188
……
Get complete free Isaca CISA exam practice questions: https://www.collection4pdf.com/updated-isaca-cisa-exam-dumps-pdf-and-practice-questions-free/
Latest Isaca CISA actual exam questions for free (update 2021.7)! If you want to read more, this site recommends a complete online blog on Isaca exam practice questions: collection4pdf.com. Here, you have everything you need to easily prepare and pass the certification exam.
Learning Resources (Pass4itsure) About Isaca Exam:
- Latest Isaca CISA pdf
- Latest Isaca CISA practice questions (1-13)
- Isaca CISA Practice testing questions from Youtube
Latest Isaca CISA exam dumps pdf and CISA practice questions
QUESTION 1
The specific advantage of white box testing is that it:
A. verifies a program can operate successfully with other parts of the system.
B. ensures a program\\’s functional operating effectiveness without regard to the internal program structure.
C. determines procedural accuracy or conditions of a program\\’s specific logic paths.
D. examines a program\\’s functionality by executing it in a tightly controlled or virtual environment with restricted access
to the host system.
Correct Answer: C
White box testing assesses the effectiveness of software program logic. Specifically, test data are used in determining
procedural accuracy or conditions of a program\\’s logic paths. Verifying the program can operate successfully with
other parts of the system is sociability testing. Testing the program\\’s functionality without knowledge of internal
structures is black box testing. Controlled testing of programs in a semi-debugged environment, either heavily controlled
step-by-step or via monitoring in virtual machines, is sand box testing.
QUESTION 2
Off-site data storage should be kept synchronized when preparing for recovery of time- sensitive data such as that
resulting from which of the following?
A. Financial reporting
B. Sales reporting
C. Inventory reporting
D. Transaction processing
Correct Answer: D
Off-site data storage should be kept synchronized when preparing for the recovery of timesensitive data such as that
resulting from transaction processing.
QUESTION 3
A hardware control that helps to detect errors when data are communicated from one computer to another is known as
a:
A. duplicate check.
B. table lookup.
C. validity check.
D. parity check.
Correct Answer: D
A parity check will help to detect data errors when data are read from memory or communicated from one computer to
another. A one-bit digit (either 0 or 1) is added to a data item to indicate whether the sum of that data item\\’s bit is odd
or even. When the parity bit disagrees with the sum of the other bits, an error report is generated.
QUESTION 4
After observing suspicious activities in a server, a manager requests a forensic analysis. Which of the following findings
should be of MOST concern to the investigator?
A. Server is a member of a workgroup and not part of the server domain
B. Guest account is enabled on the server
C. Recently, 100 users were created in the server
D. Audit logs are not enabled for the server
Correct Answer: D
Audit logs can provide evidence which is required to proceed with an investigation and should not be disabled. For
business needs, a server can be a member of a workgroup and, therefore, not a concern. Having a guest account
enabled on a system is a poor security practice but not a forensic investigation concern. Recently creating 100 users in
the server may have been required to meet business needs and should not be a concern.
QUESTION 5
During an audit of a mission-critical system hosted in an outsourced data center, an IS auditor discovers that contracted
routine maintenance for the alternate power generator was not performed. Which of the following should be the
auditor\\’s MAIN concern?
A. Fraudulent behavior by the outsourcer charging for work not performed
B. Failure of the alternate power generator during a power outage
C. High repair costs if faulty generator parts are not detected in a timely manner
D. Loss of warranty due to lack of system maintenance
Correct Answer: B
QUESTION 6
Which of the following online auditing techniques is most effective for the early detection of errors or irregularities?
A. Embedded audit module
B. Integrated test facility
C. Snapshots
D. Audit hooks
Correct Answer: D
The audit hook technique involves embedding code in application systems for the examination of selected transactions.
This helps an IS auditor to act before an error or an irregularity gets out of hand. An embedded audit module involves
embedding specially-written software in the organization\\’s host application system so that application systems are
monitored on a selective basis. An integrated test facility is used when it is not practical to use test data, and snapshots
are used when an audit trail is required.
QUESTION 7
In a typical network architecture used for e-commerce, a load balancer is normally found between the: A. routers and
the web servers.
B. mail servers and the mail repositories.
C. users and the external gateways.
D. databases and the external gateways.
Correct Answer: A
QUESTION 8
Which of the following is the MOST important factor when determining the frequency of information security risk
reassessment?
A. Audit findings
B. Risk priority
C. Mitigating controls
D. Risk metrics
Correct Answer: D
QUESTION 9
Which of the following ensures the availability of transactions in the event of a disaster?
A. Send tapes hourly containing transactions offsite,
B. Send tapes daily containing transactions offsite.
C. Capture transactions to multiple storage devices.
D. Transmit transactions offsite in real time.
Correct Answer: D
The only way to ensure availability of all transactions is to perform a real-time transmission to an offsite facility. Choices
A and B are not in real time and, therefore, would not include all the transactions. Choice C does not ensure availability
at an offsite location.
QUESTION 10
Which of the following attack is MOSTLY performed by an attacker to steal the identity information of a user such as
credit card number, passwords, etc?
A. Smurf attack
B. Traffic analysis
C. Harming
D. Interrupt attack
Correct Answer: C
Harming is a cyber attack intended to redirect a website\\’s traffic to another, bogus site. Harming can be conducted
either by changing the hosts file on a victim\\’s computer or by exploitation of a vulnerability in DNS server software.
DNS
servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers
are sometimes referred to as “poisoned”. Harming requires unprotected access to target a computer, such as altering a
customer\\’s home computer, rather than a corporate business server.
The term “phrasing” is a neologism based on the words “farming” and “phishing”. Phishing is a type of socialengineering attack to obtain access credentials, such as user names and passwords. In recent years, both phrasing and
phishing
have been used to gain information for online identity theft. Phrasing has become of major concern to businesses
hosting ecommerce and online banking websites. Sophisticated measures known as anti-harming are required to
protect
against this serious threat. Antivirus software and spyware removal software cannot protect against harming.
For your exam you should know the information below:
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and
sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.
Communications
purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are
commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with
malware.
Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a
fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social
engineering
techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal
with the growing number of reported phishing incidents include legislation, user training, public awareness, and
technical security measures.
Spear phishing – Phishing attempts directed at specific individuals or companies have been termed spear phishing.
Attackers may gather personal information about their target to increase their probability of success.
Link manipulation
Most methods of phishing use some form of technical deception designed to make a link in an email (and the spoofed
website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of sub domains are
common
tricks used by phishes. In the following example URL, http://www.yourbank.example.com/, it appears as though the URL
will take you to the example section of your bank website; actually this URL points to the “your bank” (i.e. phishing)
section of the example website. Another common trick is to make the displayed text for a link (the text between the are
tags) suggest a reliable destination, when the link actually goes to the phishes\\’ site. The following example link, //
en.wikipedia.org/wiki/Genuine, appears to direct the user to an article entitled “Genuine”; clicking on it will in fact take
the user to the article entitled “Deception”. In the lower left hand corner of most browsers users can preview and verify
where the link is going to take them. Hovering your cursor over the link for a couple of seconds may do a similar thing,
but this can still be set by the phishes through the HTML tooltip tag.
Website forgery
Once a victim visits the phishing website, the deception is not over. Some phishing scams use JavaScript commands in
order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by
closing the original bar and opening up a new one with the legitimate URL.
An attacker can even use flaws in a trusted website\\’s own scripts against the victim. These types of attacks (known as
cross-site scripting) are particularly problematic, because they direct the user to sign in at their bank or service\\’s own
web
page, where everything from the web address to the security certificates appears correct. In reality, the link to the
website is crafted to carry out the attack, making it very difficult to spot without specialist knowledge.
The following answers are incorrect:
Smurf Attack ?Occurs when mix-configured network device allow packet to be sent to all hosts on a particular network
via the broadcast address of the network
Traffic analysis – is the process of intercepting and examining messages in order to deduce information from patterns in
communication. It can be performed even when the messages are encrypted and cannot be decrypted. In general, the
greater the number of messages observed, or even intercepted and stored, the more can be inferred from the traffic.
Traffic analysis can be performed in the context of military intelligence, counter-intelligence, or pattern-of-life analysis,
and is
a concern in computer security.
Interrupt attack- Interrupt attack occurs when a malicious action is performed by invoking the operating system to
execute a particular system call.
Reference:
CISA review manual 2014 Page number 323 Official ISC2 guide to CISSP CBK 3rd Edition Page number326
http://en.wikipedia.org/wiki/Phishing
http://en.wikipedia.org/wiki/Pharming
QUESTION 11
Which of the following method is recommended by security professional to PERMANENTLY erase sensitive data on
magnetic media?
A. Degaussing
B. Overwrite every sector of magnetic media with pattern of 1\\’s and 0\\’s
C. Format magnetic media
D. Delete File allocation table
Correct Answer: A
PERMANENTLY is the keyword used in the question. You need to find out data removal method which remove data
permanently from magnetic media.
Degaussing is the most effective method out of all provided choices to erase sensitive data on magnetic media provided
magnetic media is not requiring to be reuse. Some degausses can destroy drives. The security professional should
exercise caution when recommending or using degausses on media for reuse.
A device that performs degaussing generates a coercive magnetic force that reduces the magnetic flux density of the
storage media to zero. This magnetic force is what properly erases data from media. Data are stored on magnetic
media by
the representation of the polarization of the atoms. Degaussing changes this polarization (magnetic alignment) by using
a type of large magnet to bring it back to its original flux (magnetic alignment).
For your exam you should know the information below:
When media is to be reassigned (a form of object reuse), it is important that all residual data is carefully removed.
Simply deleting files or formatting the media does not actually remove the information. File deletion and media
formatting often simply remove the pointers to the information. Providing assurance for object reuse requires specialized
tools and
techniques according to the type of media on which the data resides.
Specialized hardware devices known as degausses can be used to erase data saved to magnetic media. The measure
of the amount of energy needed to reduce the magnetic field on the media to zero is known as coercivity. It is important
to
make sure that the coercivity of the degasser is of sufficient strength to meet object reuse requirements when erasing
data. If a degasser is used with insufficient coercivity, then a remanence of the data will exist.
Remanence is the measure of the existing magnetic field on the media; it is the residue that remains after an object is
degaussed or written over. Data is still recoverable even when the remanence is small. While data remanence exists,
there
is no assurance of safe object reuse. Some degausses can destroy drives. The security professional should exercise
caution when recommending or using degausses on media for reuse.
Software tools also exist that can provide object reuse assurance. These tools overwrite every sector of magnetic media
with a random or predetermined bit pattern. Overwrite methods are effective for all forms of electronic media with the
exception of read-only optical media. There is a drawback to using overwrite software. During normal write operations
with magnetic media, the head of the drive moves back-and-forth across the media as data is written. The track of the
head
does not usually follow the exact path each time. The result is a miniscule amount of data remanence with each pass.
With specialized equipment, it is possible to read data that has been overwritten.
To provide higher assurance in this case, it is necessary to overwrite each sector multiple times. Security practitioners
should keep in mind that a one-time pass may be acceptable for noncritical information, but sensitive data should be
overwritten with multiple passes. Overwrite software can also be used to clear the sectors within solid-state media such
as USB thumb drives. It is suggested that physical destruction methods such as incineration or secure recycling should
be considered for solid-state media that is no longer used.
The last form of preventing unauthorized access to sensitive data is media destruction. Shredding, burning, grinding,
and pulverizing are common methods of physically destroying media. Degaussing can also be a form of media
destruction.
High-power degausses are so strong in some cases that they can literally bend and warp the platters in a hard drive.
Shredding and burning are effective destruction methods for non-rigid magnetic media. Indeed, some shredders are
capable of shredding some rigid media such as an optical disk. This may be an effective alternative for any optical
media
containing nonsensitive information due to the residue size remaining after feeding the disk into the machine.
However, the residue size might be too large for media containing sensitive information. Alternatively, grinding and
pulverizing are acceptable choices for rigid and solid-state media. Specialized devices are available for grinding the face
of
optical media that either sufficiently scratches the surface to render the media unreadable or actually grinds off the data
layer of the disk. Several services also exist which will collect drives, destroy them on site if requested and provide
certification of completion. It will be the responsibility of the security professional to help, select, and maintain the most
appropriate solutions for media cleansing and disposal.
The following answers are incorrect:
Overwrite every sector of magnetic media with pattern of 1\\’s and 0\\’s-Less effective than degaussing provided
magnetic media is not requiring to be reuse. Format magnetic media ?Formatting magnetic media does not erase all
data. Data can
be recoverable after formatting using software tools.
Delete File allocation table-It will not erase all data. Data can be recoverable using software tools.
Reference: CISA review manual 2014 Page number 338
Official ISC2 guide to CISSP CBK 3rd Edition Page number 720.
QUESTION 12
Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions?
A. Parity check
B. Echo check
C. Block sum check
D. Cyclic redundancy check
Correct Answer: D
The cyclic redundancy check (CRC) can check for a block of transmitted data. The workstations generate the CRC and
transmit it with the data. The receiving workstation computes a CRC and compares it to the transmitted CRC. if both of
them are equal. Then the block is assumed error free, in this case (such as in parity error or echo check), multiple errors
can be detected. In general, CRC can detect all single-bit and bubble-bit errors. Parity check (known as vertical
redundancy check) also involves adding a bit (known as the parity bit) to each character during transmission. In this
case, where there is a presence of bursts of errors (i.e., impulsing noise during high transmission rates), it has a
reliability of approximately 50 percent. Inhigher transmission rates, this limitation is significant. Echo checks detect line
errors by retransmitting data to the sending device for comparison with the original transmission.
QUESTION 13
A database administrator has detected a performance problem with some tables which could be solved through
denormalization. This situation will increase the risk of:
A. concurrent access.
B. deadlocks.
C. unauthorized access to data.
D. a loss of data integrity.
Correct Answer: D
Normalization is the removal of redundant data elements from the database structure. Disabling normalization in
relational databases will create redundancy and a risk of not maintaining consistency of data, with the consequent loss
of data integrity. Deadlocks are not caused by denormalization. Access to data is controlled by defining user rights to
information, and is not affected by denormalization.
You may be interested in other exam practice questions! Click on.
Isaca CISA exam dumps pdf free download https://drive.google.com/file/d/144fMR_b65Lru9pBaa4s6VLb9MZHTANmC/view?usp=sharing
Isaca CISA Practice testing questions from Youtube
Pass4itsure CISA experts are here to help you!
Pass4itsure has many years of exam experience! A group of professional CISA exam experts! Update test questions throughout the year! The most complete test questions and answers! The safest buying experience! The biggest free sharing exam practice questions and answers! Our goal is to help more people pass the exam!
Latest Pass4itsure CISA dumps discount code
Conclusion:
Free real Isaca CISA exam preparation materials, Isaca CISA practice exam + Isaca CISA pdf dumps. Use them correctly and you will not fail. Get the full CISA exam dumps( Q&As: 3107).
Free Isaca CISA dumps pdf download online! https://drive.google.com/file/d/144fMR_b65Lru9pBaa4s6VLb9MZHTANmC/view?usp=sharing