O'Reilly logo

The CISA® Prep Guide: Mastering the Certified Information Systems Auditor Exam by John Kramer

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

3.7. Sample Questions

Here is a sampling of questions in the format of the CISA exam. These questions are related to the technical infrastructure and operational practices, and will help test your understanding of this subject. Answers with explanations are provided in Appendix A.

  1. The best way to understand the security configuration of an operating system is to

    1. Consult the vendor's installation manuals

    2. Review the security plan for the system

    3. Interview the systems programmer who installed the software

    4. Review the system-generated configuration parameters

  2. What three things are the most important security controls that should be present when reviewing an operating systems security?

    1. The code comes from a trusted source.

    2. Audit logging is turned on.

    3. Unnecessary services are turned off.

    4. The default passwords are changed.

    5. Systems administrators do not have any more access than they need to in order to perform their job.

    1. I, II, and III

    2. III, IV, and V

    3. I, III, and IV

    4. I, II, and IV

  3. Databases are complex to evaluate from a risk perspective because

    1. Access controls for application views, query permissions, field level table access, as well as access to reports and query results must be reviewed to assess the security of data.

    2. They can have complex data structures that may be joined through several keys.

    3. Data definitions must be maintained in order to understand the data classifications.

    4. Data flows and data normalization processes make both table sizing and transaction mapping difficult.

  4. In a two-phase commit database ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required