The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A) are available free and are intended to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

CISA Question 421

Question: During maintenance of a relational database, several values of the foreign key in a transaction table of a relational database have been corrupted.

A. the detail of involved transactions may no longer be associated with master data, causing errors when these transactions are processed.

Answer: A. the detail of involved transactions may no longer be associated with master data, causing errors when these transactions are processed.

Explanation: When the foreign key of a transaction is corrupted or lost, the application system will normally be unable to link the master data directly to the transaction data. The system will then typically fall back to a sequential search, which slows down processing; if the files concerned are large, this slowdown will be unacceptable. Choice B is incorrect, since a system can recover the corrupted foreign key by reindexing the table. Choices C and D would not result from a corrupted foreign key.

CISA Question 422

Question: An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error and were not rolled back. Which of the following transaction processing features has been violated?

A. Consistency

Answer: D. Atomicity

Explanation: Atomicity guarantees that either the entire transaction is processed or none of it is. Consistency ensures that the database is in a legal state when the transaction begins and ends. Isolation means that, while the transaction is in an intermediate state, its data is invisible to external operations. Durability guarantees that a successful transaction will persist and cannot be undone.

CISA Question 423

Question: Which of the following controls would provide the GREATEST assurance of database integrity?

A. Audit log procedures

Answer: B. Table link/reference checks

Explanation: Performing table link/reference checks serves to detect table linking errors (which affect the completeness and accuracy of the contents of the database), and thus provides the greatest assurance of database integrity. Audit log procedures enable recording of all events that have been identified and help in tracing those events.

CISA Question 424

Question: The objective of concurrency control in a database system is to:

A. restrict updating of the database to authorized users.

Answer: B. prevent integrity problems when two processes attempt to update the same data at the same time.

Explanation: Concurrency controls prevent data integrity problems, which can arise when two update processes access the same data item at the same time. Access controls restrict updating of the database to authorized users, and controls such as passwords prevent the inadvertent or unauthorized disclosure of data from the database. Quality controls, such as edits, ensure the accuracy, completeness and consistency of data maintained in the database.

CISA Question 425

Question: Which of the following will prevent dangling tuples in a database?

A. Cyclic integrity

Answer: D. Referential integrity

Explanation: Referential integrity ensures that a foreign key in one table is either null or equal to the value of a primary key in the other table: for every tuple holding a foreign key there must be a corresponding tuple in the referenced table. If this condition is not satisfied, the result is a dangling tuple. Cyclical checking is the control technique of regularly checking accumulated data on a file against authorized source documentation; there is no such thing as cyclical integrity testing. Domain integrity testing ensures that a data item has a legitimate value in the correct range or set. Relational integrity is performed at the record level and is ensured by calculating and verifying specific fields.

CISA Question 426

Question: Which of the following would BEST maintain the integrity of a firewall log?

A. Granting access to log information only to administrators

Answer: D. Sending log information to a dedicated third-party log server

Explanation: Establishing a dedicated third-party log server and logging events to it is the best procedure for maintaining the integrity of a firewall log. When access control to the log server is adequately maintained, the risk of unauthorized log modification is mitigated, thereby improving the integrity of the log information. To enforce segregation of duties, administrators should not have access to log files; restricting access primarily contributes to the assurance of confidentiality rather than integrity. There are many ways to capture log information (through the application layer, the network layer, the operating system layer, etc.), but there is no log integrity advantage in capturing events at the operating system layer. For a highly mission-critical information system it may be desirable to run the system in dual-log mode, but having logs on two different storage devices primarily contributes to the availability of log information rather than to maintaining its integrity.

CISA Question 427

Question: Doing which of the following during peak production hours could result in unexpected downtime?

A. Performing data migration or tape backup

Answer: B. Performing preventive maintenance on electrical systems

Explanation: Choices A and C are processing events which may affect performance but would not cause downtime. Enterprise-class routers have redundant hot-swappable power supplies, so replacing a failed power supply should not be an issue. Preventive maintenance activities should be scheduled for non-peak times of the day, preferably during a maintenance window. A mishap or incident caused by a maintenance worker could result in unplanned downtime.

CISA Question 428

Question: Which of the following is the BEST type of program for an organization to implement to aggregate, correlate and store different log and event files, and then produce weekly and monthly reports for IS auditors?

A. A security information and event management (SIEM) product

Answer: C. A log management tool

Explanation: A log management tool is a product designed to aggregate events from many log files (with distinct formats and from different sources), store them and typically correlate them offline to produce many reports (e.g., exception reports showing statistics such as anomalies and suspicious activities) and to answer time-based queries (e.g., how many users have entered the system between 2 a.m. and 4 a.m. over the past three weeks?). A SIEM product has some similar features: it correlates events from log files, but does so online and normally is not oriented to storing many weeks of historical information or producing audit reports. A correlation engine is part of a SIEM product and is oriented to online correlation of events. An extract, transform, load (ETL) tool is part of a business intelligence system, dedicated to extracting operational or production data, transforming that data and loading it into a central repository (data warehouse or data mart); an ETL tool does not correlate data or produce reports, and normally it does not have extractors to read log file formats.

CISA Question 429

Question: To verify that the correct version of a data file was used for a production run, an IS auditor should review:

A. operator problem reports.

Answer: C. system logs.

Explanation: System logs are automated reports which identify most of the activities performed on the computer. Programs that analyze the system log have been developed to report on specifically defined items. The auditor can then carry out tests to ensure that the correct file version was used for a production run. Operator problem reports are used by operators to log computer operation problems. Operator work schedules are maintained to assist in human resources planning.

CISA Question 430

Question: An IS auditor observes a weakness in the tape management system at a data center in that some parameters are set to bypass or ignore tape header records.

A. Staging and job setup

Answer: A. Staging and job setup

Explanation: If the IS auditor finds that there are effective staging and job setup processes, this can be accepted as a compensating control. Choice B is a detective control while choices C and D are corrective controls, none of which would serve as good compensating controls.