Download New Updated (July) Isaca CISA Actual Test 161-170


QUESTION 161

What is an acceptable recovery mechanism for extremely time-sensitive transaction processing?

A. Off-site remote journaling
B. Electronic vaulting
C. Shadow file processing
D. Storage area network

Correct Answer: C

Explanation:

Shadow file processing can be implemented as a recovery mechanism for extremely time-sensitive transaction processing.

QUESTION 162

A check digit is an effective edit check to:

A. Detect data-transcription errors
B. Detect data-transposition and transcription errors
C. Detect data-transposition, transcription, and substitution errors
D. Detect data-transposition errors

Correct Answer: B

Explanation:

A check digit is an effective edit check to detect data-transposition and transcription errors.

QUESTION 163

An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include:

A. defining the conceptual schema.
B. defining security and integrity checks.
C. liaising with users in developing data model.
D. mapping data model with the internal schema.

Correct Answer: D

Explanation:

A DBA only in rare instances should be mapping data elements from the data model to the internal schema (physical data storage definitions). To do so would eliminate data independence for application systems. Mapping of the data model occurs with the conceptual schema since the conceptual schema represents the enterprisewide view of data within an organization and is the basis for deriving an end-user department data model.

QUESTION 164

How does the SSL network protocol provide confidentiality?

A. Through symmetric encryption such as RSA
B. Through asymmetric encryption such as Data Encryption Standard, or DES
C. Through asymmetric encryption such as Advanced Encryption Standard, or AES
D. Through symmetric encryption such as Data Encryption Standard, or DES

Correct Answer: D

Explanation:

The SSL protocol provides confidentiality through symmetric encryption such as Data Encryption Standard, or DES.

QUESTION 165

An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to:

A. Meet business objectives
B. Enforce data security
C. Be culturally feasible
D. Be financially feasible

Correct Answer: A

Explanation:

An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to meet business objectives.

QUESTION 166

What is the PRIMARY purpose of audit trails?

A. To document auditing efforts
B. To correct data integrity errors
C. To establish accountability and responsibility for processed transactions
D. To prevent unauthorized access to data

Correct Answer: C

Explanation:

The primary purpose of audit trails is to establish accountability and responsibility for processed transactions.

QUESTION 167

Although BCP and DRP are often implemented and tested by middle management and end users, the ultimate responsibility and accountability for the plans remain with executive management, such as the _______________. (fill-in-the-blank)

A. Security administrator
B. Systems auditor
C. Board of directors
D. Financial auditor

Correct Answer: C

Explanation:

Although BCP and DRP are often implemented and tested by middle management and end users, the ultimate responsibility and accountability for the plans remain with executive management, such as the board of directors.

QUESTION 168

Which of the following provides the strongest authentication for physical access control?

A. Sign-in logs
B. Dynamic passwords
C. Key verification
D. Biometrics

Correct Answer: D

Explanation:

Biometrics can be used to provide excellent physical access control.

QUESTION 169

An organization having a number of offices across a wide geographical area has developed a disaster recovery plan (DRP). Using actual resources, which of the following is the MOST cost-effective test of the DRP?

A. Full operational test
B. Preparedness test
C. Paper test
D. Regression test

Correct Answer: B

Explanation:

A preparedness test is performed by each local office/area to test the adequacy of the preparedness of local operations for the disaster recovery.

QUESTION 170

Which of the following could lead to an unintentional loss of confidentiality? Choose the BEST answer.

A. Lack of employee awareness of a company’s information security policy
B. Failure to comply with a company’s information security policy
C. A momentary lapse of reason
D. Lack of security policy enforcement procedures

Correct Answer: A

Explanation:

Lack of employee awareness of a company’s information security policy could lead to an unintentional loss of confidentiality.
