2016 Jul CISA exam cram
Q111. - (Topic 3)
Establishing the level of acceptable risk is the responsibility of:
A. quality assurance management.
B. senior business management.
C. the chief information officer.
D. the chief security officer.
Senior management should establish the acceptable risk level, since they have the ultimate or final responsibility for the effective and efficient operation of the organization. Choices A, C and D should act as advisors to senior management in determining an acceptable risk level.
Q112. - (Topic 3)
The PRIMARY objective of implementing corporate governance by an organization's management is to:
A. provide strategic direction.
B. control business operations.
C. align IT with business.
D. implement best practices.
Corporate governance is a set of management practices to provide strategic direction, thereby ensuring that goals are achievable, risks are properly addressed and organizational resources are properly utilized. Hence, the primary objective of corporate governance is to provide strategic direction. Based on the strategic direction, business operations are directed and controlled.
Q113. - (Topic 1)
What is a callback system?
A. It is a remote-access system whereby the remote-access server immediately calls the user back at a predetermined number if the dial-in connection fails.
B. It is a remote-access system whereby the user's application automatically redials the remote-access server if the initial connection attempt fails.
C. It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server's configuration database.
D. It is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently allows the user to call back at an approved number for a limited period of time.
Explanation: A callback system is a remote-access control whereby the user initially connects to the network systems via dial-up access, only to have the initial connection terminated by the server, which then subsequently dials the user back at a predetermined number stored in the server's configuration database.
Q114. - (Topic 3)
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it:
A. has been approved by line management.
B. does not vary from the IS department's preliminary budget.
C. complies with procurement procedures.
D. supports the business objectives of the organization.
Strategic planning sets corporate or department objectives into motion. Both long-term and short-term strategic plans should be consistent with the organization's broader plans and business objectives for attaining these goals. Choice A is incorrect since line management prepared the plans.
Q115. - (Topic 1)
When storing data archives off-site, what must be done with the data to ensure data completeness?
A. The data must be normalized.
B. The data must be validated.
C. The data must be parallel-tested.
D. The data must be synchronized.
Explanation: When storing data archives off-site, data must be synchronized to ensure data completeness.
Q116. - (Topic 1)
Which of the following is a benefit of using callback devices?
A. Provide an audit trail
B. Can be used in a switchboard environment
C. Permit unlimited user mobility
D. Allow call forwarding
A callback feature hooks into the access control software and logs all authorized and unauthorized access attempts, permitting the follow-up and further review of potential breaches. Call forwarding (choice D) is a means of potentially bypassing callback control. By dialing through an authorized phone number from an unauthorized phone number, a perpetrator can gain computer access. This vulnerability can be controlled through callback systems that are available.
Q117. - (Topic 4)
An IS auditor is told by IS management that the organization has recently reached the highest level of the software capability maturity model (CMM). The software quality process MOST recently added by the organization is:
A. continuous improvement.
B. quantitative quality goals.
C. a documented process.
D. a process tailored to specific projects.
An organization would have reached the highest level of the software CMM at level 5, optimizing. Quantitative quality goals can be reached at level 4 and below, a documented process is executed at level 3 and below, and a process tailored to specific projects can be achieved at level 3 or below.
Q118. - (Topic 4)
The most common reason for the failure of information systems to meet the needs of users is that:
A. user needs are constantly changing.
B. the growth of user requirements was forecast inaccurately.
C. the hardware system limits the number of concurrent users.
D. user participation in defining the system's requirements was inadequate.
Lack of adequate user involvement, especially in the system's requirements phase, will usually result in a system that does not fully or adequately address the needs of the user. Only users can define what their needs are, and therefore what the system should accomplish.
Q119. - (Topic 1)
Which of the following typically focuses on making alternative processes and resources available for transaction processing?
A. Cold-site facilities
B. Disaster recovery for networks
C. Diverse processing
D. Disaster recovery for systems
Explanation: Disaster recovery for systems typically focuses on making alternative processes and resources available for transaction processing.
Q120. - (Topic 1)
What is the primary security concern for EDI environments? Choose the BEST answer.
A. Transaction authentication
B. Transaction completeness
C. Transaction accuracy
D. Transaction authorization
Explanation: Transaction authorization is the primary security concern for EDI environments.