Download New Updated (July) Isaca CISA Actual Test 301-310

Ensurepass

 

QUESTION 301

An IS auditor is assigned to perform a postimplementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor:

 

A.

implemented a specific control during the development of the application system.

B.

designed an embedded audit module exclusively for auditing the application system.

C.

participated as a member of the application system project team, but did not have operational responsibilities.

D.

provided consulting advice concerning application system best practices.

 

Correct Answer: A

Explanation:

Independence may be impaired if an IS auditor is, or has been, actively involved in the development, acquisition and implementation of the application system. Choices B and C are situations that do not impair an IS auditor's independence. Choice D is incorrect because an IS auditor's independence is not impaired by providing advice on known best practices.

 

 

QUESTION 302

Which audit technique provides the BEST evidence of the segregation of duties in an IS department?

 

A.

Discussion with management

B.

Review of the organization chart

C.

Observation and interviews

D.

Testing of user access rights

 

Correct Answer: C

Explanation:

By observing the IS staff performing their tasks, an IS auditor can identify whether they are performing any incompatible operations, and by interviewing the IS staff, the auditor can get an overview of the tasks performed. Based on the observations and interviews the auditor can evaluate the segregation of duties. Management may not be aware of the detailed functions of each employee in the IS department; therefore, discussion with management would provide only limited information regarding segregation of duties. An organization chart would not provide details of the functions of the employees. Testing of user access rights would provide information about the rights users have within the IS systems, but would not provide complete information about the functions they actually perform.

 

 

QUESTION 303

Which of the following would be the MOST effective audit technique for identifying segregation of duties violations in a new enterprise resource planning (ERP) implementation?

 

A.

Reviewing a report of security rights in the system

B.

Reviewing the complexities of authorization objects

C.

Building a program to identify conflicts in authorization

D.

Examining recent access rights violation cases

 

Correct Answer: C

Explanation:

Since the objective is to identify violations in segregation of duties, it is necessary to define the logic that will identify conflicts in authorization. A program could be developed to identify these conflicts. A report of security rights in the enterprise resource planning (ERP) system would be voluminous and time consuming to review; therefore, this technique is not as effective as building a program. As complexities increase, it becomes more difficult to verify the effectiveness of the systems, and complexity is not, in itself, a link to segregation of duties. It is good practice to review recent access rights violation cases; however, it may require a significant amount of time to truly identify which violations actually resulted from an inappropriate segregation of duties.
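The "program to identify conflicts in authorization" that choice C describes amounts to flattening each user's roles into effective permissions and testing every pair against an auditor-defined conflict matrix. The following is an added example of that logic, not ISACA's code or any ERP vendor's; the role names, permission names, conflict rules and the user-to-role export are constructed sample data standing in for what an auditor would extract from the ERP.

```python
"""Added example: a small segregation-of-duties (SoD) conflict finder.

Constructed illustration, not ISACA's or any ERP vendor's code. It assumes a
role-to-permission mapping and a user-to-role mapping exported from the ERP
(hard-coded below as sample data) and a conflict matrix defined by the auditor.
"""

# Auditor-defined conflict rules: pairs of permissions one person must not hold.
# The rule names and reasons are assumptions chosen for the example.
CONFLICT_RULES = {
    ("create_vendor", "approve_payment"): "could create a fictitious vendor and pay it",
    ("enter_invoice", "approve_payment"): "could approve own invoices",
    ("change_program", "move_to_production"): "could promote unreviewed code",
}

# Constructed sample exports from the ERP.
ROLE_PERMISSIONS = {
    "AP_CLERK": {"enter_invoice", "view_vendor"},
    "AP_MANAGER": {"approve_payment", "view_vendor"},
    "VENDOR_MAINT": {"create_vendor", "view_vendor"},
    "DEVELOPER": {"change_program"},
    "RELEASE_MGR": {"move_to_production"},
}

USER_ROLES = {
    "alice": {"AP_CLERK"},
    "bob": {"AP_CLERK", "AP_MANAGER"},        # enters and approves: conflict
    "carol": {"VENDOR_MAINT", "AP_MANAGER"},  # creates vendors and pays them: conflict
    "dave": {"DEVELOPER"},
    "erin": {"DEVELOPER", "RELEASE_MGR"},     # writes code and promotes it: conflict
}


def effective_permissions(user, user_roles=USER_ROLES, role_permissions=ROLE_PERMISSIONS):
    """Flatten a user's roles into the set of permissions the user actually holds."""
    perms = set()
    for role in user_roles.get(user, ()):
        perms |= role_permissions.get(role, set())
    return perms


def find_sod_conflicts(user_roles=USER_ROLES, role_permissions=ROLE_PERMISSIONS,
                       rules=CONFLICT_RULES):
    """Return a list of (user, permission_a, permission_b, reason) violations.

    The check works on effective permissions rather than role names, so a
    conflict split across two innocent-looking roles is still caught.
    """
    findings = []
    for user in sorted(user_roles):
        perms = effective_permissions(user, user_roles, role_permissions)
        for (a, b), reason in rules.items():
            if a in perms and b in perms:
                findings.append((user, a, b, reason))
    return findings


def explain_conflict(user, perm_a, perm_b, user_roles=USER_ROLES,
                     role_permissions=ROLE_PERMISSIONS):
    """Name the roles granting each side of a conflict so the finding is actionable."""
    roles = user_roles.get(user, set())
    grants_a = sorted(r for r in roles if perm_a in role_permissions.get(r, ()))
    grants_b = sorted(r for r in roles if perm_b in role_permissions.get(r, ()))
    return grants_a, grants_b


if __name__ == "__main__":
    for user, a, b, reason in find_sod_conflicts():
        via_a, via_b = explain_conflict(user, a, b)
        print(f"{user}: {a} (via {via_a}) + {b} (via {via_b}) -> {reason}")
```

On a real ERP the two mappings come from the system's authorization tables rather than literals, and the conflict matrix is the part the auditor must own; the point of testing on effective permissions is that a role-level review (choice A) would show "AP_CLERK" and "AP_MANAGER" separately and never surface that bob holds both sides of the invoice-to-payment rule.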

 

 

QUESTION 304

Which of the following would be the BEST population to take a sample from when testing program changes?

 

A.

Test library listings

B.

Source program listings

C.

Program change requests

D.

Production library listings

 

Correct Answer: D

Explanation:

The best source from which to draw any sample or test of system information is the automated system. The production libraries represent executables that are approved and authorized to process organizational data. Source program listings would be time intensive to review. Program change requests are the documents used to initiate change; there is no guarantee that a request has been completed for every change. Test library listings do not represent the approved and authorized executables.

 

 

QUESTION 305

In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover potential anomalies in user or system behavior. Which of the following tools are MOST suitable for performing that task?

 

A.

CASE tools

B.

Embedded data collection tools

C.

Heuristic scanning tools

D.

Trend/variance detection tools

 

Correct Answer: D

Explanation:

Trend/variance detection tools look for anomalies in user or system behavior, for example, determining whether the numbers for prenumbered documents are sequential or increasing. CASE tools are used to assist software development. Embedded (audit) data collection software is used for sampling and to provide production statistics. Heuristic scanning tools can be used to scan for viruses to indicate possible infected code.
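Two of the checks the explanation mentions, sequential numbering of prenumbered documents and deviation from normal user activity, are easy to run over an exported audit trail. The following is an added example, not ISACA's code or any product's: the key=value log format, the user names, the document numbers and the per-user baseline figures are all constructed for the illustration.

```python
"""Added example: trend/variance checks over an audit-trail extract.

Constructed illustration, not ISACA's code and not any specific product. The
log format (timestamp followed by key=value pairs), the users, the document
numbers and the baseline figures are assumptions made up for the example.
"""
from collections import Counter

# Constructed audit-trail extract for one day.
SAMPLE_TRAIL = """\
2024-03-04T08:01:10 user=alice action=LOGIN result=OK
2024-03-04T08:05:42 user=alice action=POST doc=1001
2024-03-04T08:09:03 user=bob action=LOGIN result=OK
2024-03-04T08:12:55 user=bob action=POST doc=1002
2024-03-04T08:20:17 user=alice action=POST doc=1003
2024-03-04T08:31:44 user=carol action=LOGIN result=OK
2024-03-04T08:40:00 user=carol action=POST doc=1005
2024-03-04T09:02:31 user=bob action=POST doc=1006
2024-03-04T09:05:12 user=bob action=POST doc=1006
2024-03-04T22:14:09 user=dave action=LOGIN result=FAIL
2024-03-04T22:14:31 user=dave action=LOGIN result=FAIL
2024-03-04T22:15:02 user=dave action=LOGIN result=FAIL
2024-03-04T22:15:40 user=dave action=LOGIN result=FAIL
2024-03-04T22:16:15 user=dave action=LOGIN result=OK
2024-03-04T22:30:00 user=mallory action=LOGIN result=OK
"""

# Constructed baseline: (mean, standard deviation) of daily events per user,
# as an auditor would derive from earlier trail extracts for the same servers.
BASELINE = {
    "alice": (4.0, 1.0),
    "bob": (4.0, 1.2),
    "carol": (3.0, 1.0),
    "dave": (2.0, 0.5),
}


def parse_trail(text):
    """Turn the raw trail into a list of dicts; blank or malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        rec = {"ts": parts[0]}
        for token in parts[1:]:
            if "=" in token:
                key, value = token.split("=", 1)
                rec[key] = value
        if "user" in rec:
            records.append(rec)
    return records


def sequence_gaps(records, key="doc"):
    """Check that prenumbered documents are sequential.

    Returns (missing, duplicates): numbers absent from the observed range and
    numbers used more than once. Either one is a lead worth following up.
    """
    numbers = [int(r[key]) for r in records if key in r and r[key].isdigit()]
    if not numbers:
        return [], []
    seen = Counter(numbers)
    missing = [n for n in range(min(numbers), max(numbers) + 1) if n not in seen]
    duplicates = sorted(n for n, c in seen.items() if c > 1)
    return missing, duplicates


def activity_variance(records, baseline=BASELINE, k=3.0):
    """Flag users whose event count deviates from their own baseline.

    A user is reported when count > mean + k * stdev, or when the user has no
    baseline at all, since an account never seen before is itself an anomaly.
    Returns a list of (user, count, reason) sorted by user.
    """
    counts = Counter(r["user"] for r in records)
    findings = []
    for user, count in sorted(counts.items()):
        if user not in baseline:
            findings.append((user, count, "no baseline for this user"))
            continue
        mean, stdev = baseline[user]
        limit = mean + k * stdev
        if count > limit:
            findings.append((user, count, f"count {count} exceeds baseline limit {limit:.1f}"))
    return findings


if __name__ == "__main__":
    recs = parse_trail(SAMPLE_TRAIL)
    print("missing / duplicate document numbers:", sequence_gaps(recs))
    for user, count, reason in activity_variance(recs):
        print(f"{user}: {reason}")
```

The variance check compares each user against that user's own history rather than against the other users in the same extract; with only a handful of accounts a cross-sectional standard deviation is dominated by the outlier itself and will rarely flag anything. The sample also shows why a never-seen account (mallory) should be reported even with a count of one.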

 

 

QUESTION 306

When preparing an audit report the IS auditor should ensure that the results are supported by:

 

A.

statements from IS management.

B.

workpapers of other auditors.

C.

an organizational control self-assessment.

D.

sufficient and appropriate audit evidence.

 

Correct Answer: D

Explanation:

ISACA's standard on reporting requires that the IS auditor have sufficient and appropriate audit evidence to support the reported results. Statements from IS management provide a basis for obtaining concurrence on matters that cannot be verified with empirical evidence. The report should be based on evidence collected during the course of the review, even though the auditor may have access to the work papers of other auditors. The results of an organizational control self-assessment (CSA) could supplement the audit findings. Choices A, B and C might be referenced during an audit but, of themselves, would not be considered a sufficient basis for issuing a report.

 

 

QUESTION 307

An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review?

 

A.

Availability of online network documentation

B.

Support of terminal access to remote hosts

C.

Handling file transfer between hosts and interuser communications

D.

Performance management, audit and control

 

Correct Answer: A

Explanation:

Network operating system user features include online availability of network documentation. Other features would be user access to various resources of network hosts, user authorization to access particular resources, and the network and host computers used without special user actions or commands. Choices B, C and D are examples of network operating systems functions.

 

 

QUESTION 308

Which of the following online auditing techniques is most effective for the early detection of errors or irregularities?

 

A.

Embedded audit module

B.

Integrated test facility

C.

Snapshots

D.

Audit hooks

 

Correct Answer: D

Explanation:

The audit hook technique involves embedding code in application systems for the examination of selected transactions. This helps an IS auditor to act before an error or an irregularity gets out of hand. An embedded audit module involves embedding specially written software in the organization's host application system so that application systems are monitored on a selective basis. An integrated test facility is used when it is not practical to use test data, and snapshots are used when an audit trail is required.
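What makes an audit hook the earliest of the four techniques is that it runs inline, at the moment a selected transaction is processed, and can alert on or even hold that transaction before it takes effect. The following is an added example of a hook embedded in a posting routine; it is not ISACA's code and not a real ERP, and the transaction fields, the vendor master, the thresholds and the "alert"/"hold" actions are assumptions constructed for the illustration.

```python
"""Added example: an audit hook embedded in a transaction-posting routine.

Constructed illustration, not ISACA's code and not a real ERP. The transaction
fields, the vendor master file, the thresholds and the 'alert' / 'hold'
actions are assumptions chosen for the example.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta


@dataclass
class Transaction:
    txn_id: str
    user: str
    vendor: str
    amount: float
    posted_at: datetime


@dataclass
class AuditLog:
    """Where the hook writes its findings; separate from the business ledger."""
    alerts: list = field(default_factory=list)
    held: list = field(default_factory=list)


# Constructed reference data the hook consults: vendor -> date created in the master file.
VENDOR_CREATED = {"ACME": datetime(2023, 1, 10), "NEWCO": datetime(2024, 3, 1)}
HIGH_VALUE = 50_000.0
NEW_VENDOR_WINDOW = timedelta(days=30)


def audit_hook(txn):
    """Return (action, reason) for a transaction: 'pass', 'alert' or 'hold'.

    These are selection criteria an IS auditor might embed. 'hold' stops the
    posting so the transaction can be examined before it takes effect;
    'alert' lets it through but records it in the audit log immediately.
    """
    created = VENDOR_CREATED.get(txn.vendor)
    if created is None:
        return "hold", "vendor not in master file"
    if txn.amount >= HIGH_VALUE and txn.posted_at - created <= NEW_VENDOR_WINDOW:
        return "hold", "high-value payment to vendor created within 30 days"
    if txn.amount >= HIGH_VALUE:
        return "alert", "high-value payment"
    if not 7 <= txn.posted_at.hour < 19:
        return "alert", "posted outside business hours"
    return "pass", ""


def post_transaction(txn, ledger, audit_log):
    """Post txn to the ledger unless the hook holds it; returns the action taken."""
    action, reason = audit_hook(txn)
    if action == "hold":
        audit_log.held.append((txn.txn_id, reason))
        return action
    if action == "alert":
        audit_log.alerts.append((txn.txn_id, reason))
    ledger.append(txn)
    return action


def run_sample():
    """Drive the hook over constructed transactions; returns (posted_ids, audit_log)."""
    base = datetime(2024, 3, 4)
    sample = [
        Transaction("T1", "alice", "ACME", 1_200.0, base.replace(hour=10)),
        Transaction("T2", "bob", "NEWCO", 75_000.0, base.replace(hour=11)),
        Transaction("T3", "alice", "ACME", 90_000.0, base.replace(hour=14)),
        Transaction("T4", "carol", "GHOST", 500.0, base.replace(hour=15)),
        Transaction("T5", "bob", "ACME", 300.0, base.replace(hour=23, minute=30)),
    ]
    ledger, log = [], AuditLog()
    for txn in sample:
        post_transaction(txn, ledger, log)
    return [t.txn_id for t in ledger], log


if __name__ == "__main__":
    posted, log = run_sample()
    print("posted:", posted)
    print("alerts:", log.alerts)
    print("held:", log.held)
```

The contrast with an embedded audit module is in where the decision is made: an EAM would copy the same selected transactions into an audit file for the auditor to review later, whereas the hook above decides at posting time, which is why the question credits it with the earliest detection.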

 

 

QUESTION 309

An IS auditor is reviewing access to an application to determine whether the 10 most recent “new user” forms were correctly authorized. This is an example of:

 

A.

variable sampling.

B.

substantive testing.

C.

compliance testing.

D.

stop-or-go sampling.

 

Correct Answer: C

Explanation:

Compliance testing determines whether controls are being applied in compliance with policy. This includes tests to determine whether new accounts were appropriately authorized. Variable sampling is used to estimate numerical values, such as dollar values. Substantive testing substantiates the integrity of actual processing, such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed.

 

 

QUESTION 310

An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of the following findings should give the IS auditor the GREATEST concern?

 

A.

There are a number of external modems connected to the network.

B.

Users can install software on their desktops.

C.

Network monitoring is very limited.

D.

Many user IDs have identical passwords.

 

Correct Answer: D

Explanation:

Exploitation of a known user ID and password requires minimal technical knowledge and exposes the network resources to exploitation. The technical barrier is low and the impact can be very high; therefore, the fact that many user IDs have identical passwords represents the greatest threat. External modems represent a security risk, but exploitation still depends on the use of a valid user account. While the impact of users installing software on their desktops can be high (for example, due to the installation of Trojans or key-logging programs), the likelihood is not high due to the level of technical knowledge required to successfully penetrate the network. Although network monitoring can be a useful detective control, it will only detect abuse of user accounts in special circumstances and is, therefore, not a first line of defense.

 
