Practice Free CISA Exam Online Questions
Documentation of workaround processes to keep a business function operational during recovery of IT systems is a core part of a:
- A . business impact analysis (BIA).
- B . threat and risk assessment.
- C . business continuity plan (BCP).
- D . disaster recovery plan (DRP).
C
Explanation:
A business continuity plan (BCP) is a system of prevention and recovery from potential threats to a company. The plan ensures that personnel and assets are protected and are able to function quickly in the event of a disaster [1]. A core part of a BCP is the documentation of workaround processes to keep a business function operational during recovery of IT systems. Workaround processes are alternative methods or procedures that can be used to perform a business function when the normal IT systems are unavailable or disrupted [2]. For example, if an online payment system is down, a workaround process could be to accept manual payments or use a backup system. Workaround processes help to minimize the impact of IT disruptions on business operations and ensure continuity of service to customers and stakeholders [3].
Reference:
[1] Explains what a business continuity plan is and why it is important.
[2] Defines what a workaround process is and how it can be used in a BCP.
[3] Provides examples of workaround processes for different business functions.
A checksum is classified as which type of control?
- A . Detective control
- B . Preventive control
- C . Corrective control
- D . Administrative control
A
Explanation:
A checksum is classified as a detective control. A checksum is a mathematical value that is calculated from a data set and used to verify the integrity of the data. A checksum can detect if the data has been altered or corrupted during transmission or storage. A checksum does not prevent or correct the data corruption, but it alerts the user or system of the problem. Therefore, it is a detective control. A preventive control is a control that prevents an error or incident from occurring. A corrective control is a control that restores normal operations after an error or incident has occurred. An administrative control is a control that involves policies, procedures, standards, guidelines, or organizational structures.
Reference: CISA Review Manual (Digital Version), page 439.
Which of the following is the MOST effective control over visitor access to highly secured areas?
- A . Visitors are required to be escorted by authorized personnel.
- B . Visitors are required to use biometric authentication.
- C . Visitors are monitored online by security cameras
- D . Visitors are required to enter through dead-man doors.
A
Explanation:
The most effective control over visitor access to highly secured areas is to require visitors to be escorted by authorized personnel. This control ensures that visitors are supervised at all times and do not enter any restricted or sensitive areas without permission. It also allows authorized personnel to verify the identity, purpose, and clearance of the visitors, and to monitor their behavior and activities. Escorting visitors also reduces the risk of tailgating, piggybacking, or unauthorized duplication of access credentials.
Requiring visitors to use biometric authentication, monitoring visitors online by security cameras, and requiring visitors to enter through dead-man doors are all examples of technical controls that can enhance visitor access control, but they are not as effective as escorting visitors. Biometric authentication can provide a high level of identity verification, but it does not prevent visitors from accessing unauthorized areas or compromising security in other ways. Security cameras can provide a record of visitor movements and actions, but they may not deter or detect security breaches in real time. Dead-man doors can prevent unauthorized entry by requiring two-factor authentication, but they do not ensure that visitors are accompanied by authorized personnel.
Reference:
[1] ISC Best Practices for Facility Access Control
[2] Visitor Management Best Practices From Top Organizations
[3] 8 Best Practices for Setting Up a Visitor Management System
An organization allows employees to retain confidential data on personal mobile devices.
Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?
- A . Require employees to attend security awareness training.
- B . Password protect critical data files.
- C . Configure to auto-wipe after multiple failed access attempts.
- D . Enable device auto-lock function.
C
Explanation:
The best recommendation to mitigate the risk of data leakage from lost or stolen devices that contain confidential data is to configure them to auto-wipe after multiple failed access attempts, as this would prevent unauthorized access and erase sensitive information from the device. Requiring employees to attend security awareness training, password protecting critical data files, or enabling the device auto-lock function are also good practices, but they may not be sufficient or effective in preventing data leakage from lost or stolen devices.
Reference: CISA Review Manual (Digital Version), Chapter 5, Section 5.3
Which of the following is PRIMARILY used in blockchain technology to create a distributed immutable ledger?
- A . Artificial intelligence (AI)
- B . Application hardening
- C . Edge computing
- D . Encryption
Which of the following is an effective way to ensure the integrity of file transfers in a peer-to-peer (P2P) computing environment?
- A . Associate a message authentication code with each file transferred.
- B . Ensure the files are transferred through an intrusion detection system (IDS).
- C . Encrypt the packets shared between peers within the environment.
- D . Connect the client computers in the environment to a jump server.
Before the release of a new application into an organization’s production environment, which of the following should be in place to ensure that proper testing has occurred and rollback plans are in place?
- A . Change approval board
- B . Standardized change requests
- C . Independent third-party approval
- D . Secure code review
A
Explanation:
A Change Approval Board (CAB) ensures that all necessary testing and rollback plans have been reviewed before deployment.
Option A (Correct): A CAB ensures that changes are reviewed, tested, and approved, minimizing risks before an application is deployed. This includes confirming that rollback plans are in place.
Option B (Incorrect): Standardized change requests are important but do not guarantee review and approval by management and stakeholders.
Option C (Incorrect): Third-party approval may be useful, but internal governance and control via a CAB is more comprehensive.
Option D (Incorrect): Secure code reviews help identify vulnerabilities, but they do not confirm proper deployment and rollback procedures.
Reference: ISACA CISA Review Manual, Domain 3: Information Systems Acquisition, Development, and Implementation. Covers change management and deployment best practices.
Which of the following is the BEST method to maintain an audit trail of changes made to the source code of a program?
- A . Embed details within source code.
- B . Standardize file naming conventions.
- C . Utilize automated version control.
- D . Document details on a change register.
C
Explanation:
Automated version control systems are the best method to maintain an audit trail of changes made to the source code of a program. They automatically track and manage changes to the source code over time, allowing you to see what changes were made, when they were made, and who made them. This provides a clear and detailed audit trail that can be invaluable for debugging, understanding the evolution of the code, and ensuring accountability.
Which of the following is the BEST detective control for a job scheduling process involving data transmission?
- A . Metrics denoting the volume of monthly job failures are reported and reviewed by senior management.
- B . Jobs are scheduled to be completed daily and data is transmitted using a Secure File Transfer Protocol (SFTP).
- C . Jobs are scheduled and a log of this activity is retained for subsequent review.
- D . Job failure alerts are automatically generated and routed to support personnel.
D
Explanation:
The best detective control for a job scheduling process involving data transmission is job failure alerts that are automatically generated and routed to support personnel. Job failure alerts are notifications that indicate when a scheduled job or task fails to execute or complete successfully, for example because of errors, interruptions, or delays. They help detect and correct issues or anomalies in the job scheduling process by informing the support personnel who can investigate and resolve the problem. The other options are not as effective as job failure alerts at detecting issues or anomalies, because they do not provide timely or specific information or feedback. Reporting metrics on the volume of monthly job failures to senior management is a reporting technique that can help measure and improve the performance and reliability of the job scheduling process, but it does not provide immediate or detailed information on individual job failures. Scheduling jobs to complete daily and transmitting data using a Secure File Transfer Protocol (SFTP) is a preventive control that helps ensure the timeliness and security of the job scheduling process, but it does not detect issues or anomalies that occur during the process. Scheduling jobs and retaining a log of this activity for subsequent review is a logging technique that records and tracks the status and results of the job scheduling process, but it does not provide real-time or proactive information on job failures.
Reference: CISA Review Manual (Digital Version), Chapter 3, Section 3.2
Which of the following security measures will reduce the risk of propagation when a cyberattack occurs?
- A . Perimeter firewall
- B . Data loss prevention (DLP) system
- C . Network segmentation
- D . Web application firewall (WAF)
