CISA—Certified Information Systems Auditor - Part 244

Mary Smith

Tue, 21 Apr 2026

1. The BEST way to minimize the risk of communication failures in an e-commerce environment would be to use:

A) compression software to minimize transmission duration.
B) functional or message acknowledgments.
C) a packet-filtering firewall to reroute messages.
D) leased asynchronous transfer mode lines.



2. An IS auditor reviewing an organization's data file control procedures finds that transactions are applied to the most current files, while restart procedures use earlier versions. The IS auditor should recommend the implementation of:

A) source documentation retention.
B) data file security.
C) version usage control.
D) one-for-one checking.



3. Which of the following BEST limits the impact of server failures in a distributed environment?

A) Redundant pathways
B) Clustering
C) Dial backup lines
D) Standby power



4. When reviewing a hardware maintenance program, an IS auditor should assess whether:

A) the schedule of all unplanned maintenance is maintained.
B) it is in line with historical trends.
C) it has been approved by the IS steering committee.
D) the program is validated against vendor specifications.



5. An IS auditor observes a weakness in the tape management system at a data center in that some parameters are set to bypass or ignore tape header records. Which of the following is the MOST effective compensating control for this weakness?

A) Staging and job set up
B) Supervisory review of logs
C) Regular back-up of tapes
D) Offsite storage of tapes



1. Right Answer: D
Explanation: Leased asynchronous transfer mode lines are a way to avoid using public and shared infrastructures from the carrier or Internet service provider that have a greater number of communication failures. Choice A, compression software, is a valid way to reduce the problem, but is not as good as leased asynchronous transfer mode lines. Choice B is a control based on higher protocol layers and helps if communication lines are introducing noise, but not if a link is down. Choice C, a packet-filtering firewall, does not reroute messages.

2. Right Answer: C
Explanation: For processing to be correct, it is essential that the proper version of a file is used. Transactions should be applied to the most current database, while restart procedures should use earlier versions. Source documentation should be retained for an adequate time period to enable documentation retrieval, reconstruction or verification of data, but it does not aid in ensuring that the correct version of a file will be used. Data file security controls prevent access by unauthorized users who could then alter the data files; however, it does not ensure that the correct file will be used. It is necessary to ensure that all documents have been received for processing, one-for-one; however, this does not ensure the use of the correct file.

3. Right Answer: B
Explanation: Clustering allows two or more servers to work as a unit, so that when one of them fails, the other takes over. Choices A and C are intended to minimize the impact of channel communications failures, but not a server failure. Choice D provides an alternative power source in the event of an energy failure.

4. Right Answer: D
Explanation: Though maintenance requirements vary based on complexity and performance workloads, a hardware maintenance schedule should be validated against the vendor-provided specifications. For business reasons, an organization may choose a more aggressive maintenance program than the vendor's program. The maintenance program should include maintenance performance history, be it planned, unplanned, executed or exceptional. Unplanned maintenance cannot be scheduled. Hardware maintenance programs do not necessarily need to be in line with historical trends. Maintenance schedules normally are not approved by the steering committee.

5. Right Answer: A
Explanation: If the IS auditor finds that there are effective staging and job set up processes, this can be accepted as a compensating control. Choice B is a detective control while choices C and D are corrective controls, none of which would serve as good compensating controls.
