Download New Updated (July) Isaca CISA Actual Test 121-130

Ensurepass

 

QUESTION 121

Off-site data backup and storage should be geographically separated so as to ________________ (fill in the blank) the risk of a widespread physical disaster such as a hurricane or earthquake.

 

A.

Accept

B.

Eliminate

C.

Transfer

D.

Mitigate

 

Correct Answer: D

Explanation:

Off-site data backup and storage should be geographically separated, to mitigate the risk of a widespread physical disaster such as a hurricane or an earthquake.

 

 

QUESTION 122

After an IS auditor has identified threats and potential impacts, the auditor should:

 

A.

Identify and evaluate the existing controls

B.

Conduct a business impact analysis (BIA)

C.

Report on existing controls

D.

Propose new controls

 

Correct Answer: A

Explanation:

After an IS auditor has identified threats and potential impacts, the auditor should then identify and evaluate the existing controls.

 

 

QUESTION 123

Of the three major types of off-site processing facilities, what type is characterized by at least providing for electricity and HVAC?

 

A.

Cold site

B.

Alternate site

C.

Hot site

D.

Warm site

 

Correct Answer: A

Explanation:

Of the three major types of off-site processing facilities (hot, warm, and cold), a cold site is characterized by at least providing for electricity and HVAC. A warm site improves upon this by providing for redundant equipment and software that can be made operational within a short time.

 

 

QUESTION 124

Who is responsible for implementing cost-effective controls in an automated system?

 

A.

Security policy administrators

B.

Business unit management

C.

Senior management

D.

Board of directors

 

Correct Answer: B

Explanation:

Business unit management is responsible for implementing cost-effective controls in an automated system.

 

 

QUESTION 125

When is regression testing used to determine whether new application changes have introduced any errors in the remaining unchanged code?

 

A.

In program development and change management

B.

In program feasibility studies

C.

In program development

D.

In change management

 

Correct Answer: A

Explanation:

Regression testing is used in program development and change management to determine whether new changes have introduced any errors in the remaining unchanged code.

 

 

QUESTION 126

What kind of protocols does the OSI Transport Layer of the TCP/IP protocol suite provide to ensure reliable communication?

 

A.

Nonconnection-oriented protocols

B.

Connection-oriented protocols

C.

Session-oriented protocols

D.

Nonsession-oriented protocols

 

Correct Answer: B

Explanation:

The transport layer of the TCP/IP protocol suite provides for connection-oriented protocols to ensure reliable communication.

 

 

 

 

 

QUESTION 127

What can be used to gather evidence of network attacks?

 

A.

Access control lists (ACL)

B.

Intrusion-detection systems (IDS)

C.

Syslog reporting

D.

Antivirus programs

 

Correct Answer: B

Explanation:

Intrusion-detection systems (IDS) are used to gather evidence of network attacks.

 

 

QUESTION 128

Who should be responsible for network security operations?

 

A.

Business unit managers

B.

Security administrators

C.

Network administrators

D.

IS auditors

 

Correct Answer: B

Explanation:

Security administrators are usually responsible for network security operations.

 

 

QUESTION 129

A call-back system requires that a user with an id and password call a remote server through a dial-up line, then the server disconnects and:

 

A.

dials back to the user machine based on the user id and password using a telephone number from its database.

B.

dials back to the user machine based on the user id and password using a telephone number provided by the user during this connection.

C.

waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using its database.

D.

waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using the sender’s database.

 

Correct Answer: A

Explanation:

A call-back system in a net centric environment would mean that a user with an id and password calls a remote server through a dial-up line first, and then the server disconnects and dials back to the user machine based on the user id and password using a telephone number from its database. Although the server can depend upon its own database, it cannot know the authenticity of the dialer when the user dials again. The server cannot depend upon the sender’s database to dial back as the same could be manipulated.

 

 

QUESTION 130

For which of the following applications would rapid recovery be MOST crucial?

 

A.

Point-of-sale system

B.

Corporate planning

C.

Regulatory reporting

D.

Departmental chargeback

 

Correct Answer: A

Explanation:

A point-of-sale system is a critical online system that when inoperable will jeopardize the ability of Company.com to generate revenue and track inventory properly.

 
