ITExamDump 는 완전히 여러분이 인증시험준비와 안전이 시험패스를 위한 완벽한 덤프제공사이트입니다.우리 ITExamDump의 덤프들은 응시자에 따라 ,시험 ,시험방법에 따라 제품의 완성도도 다릅니다.그 말은 즉 알 맞춤 자료입니다.여러분은 ITExamDump의 알맞춤 덤프들로 아주 간단하고 편안하게 패스할 수 있습니다.많은 it인증관연 응시자들은 모두 우리ITExamDump가 제공하는 문제와 답 덤프로 자격증 취득을 했습니다.때문에 우리ITExamDump또한 업계에서 아주 좋은 이미지를 가지고 잇습니다
현재 경쟁울이 심한IT시대에,ISACA CISA자격증 취득만으로 이 경쟁이 심한 사회에서 자신만의위치를 보장할수 있고 더욱이는 한층업된 삶을 누릴수 있을수도 있습니다. 우리ITExamDump 에서 여러분은ISACA CISA관련 학습지도서를 얻을 수 있습니다. 우리ITExamDump는 IT업계엘리트 한 강사들이 퍼펙트한ISACA CISA문제집을 만들어서 제공합니다. 우리가 제공하는ISACA CISA문제와 답으로 여러분은 한번에 성공적으로 시험을 패스 하실수 있습니다. 중요한것 저희 문제집을 선택함으로 여러분의 시간도 절약해드리고 무엇보다도 많은 근심없이 심플하게 시험을 패스하여 좋다는 점입니다.
ISACA인증 CISA시험을 준비하기 위해 잠도 설쳐가면서 많이 힘들죠? ITExamDump덤프가 고객님의 곁을 지켜드립니다. ITExamDump에서 제공해드리는ISACA인증 CISA덤프는 실제ISACA인증 CISA시험문제를 연구하여 만든 공부자료이기에 최고의 품질을 자랑합니다. ITExamDump덤프를 열심히 공부하여 멋진 IT전문가의 꿈을 이루세요.
시험 번호/코드: CISA
시험 이름: ISACA (Isaca CISA )
ISACA인증 CISA시험을 패스하는 지름길은ITExamDump에서 연구제작한 ISACA 인증CISA시험대비 덤프를 마련하여 충분한 시험준비를 하는것입니다. 덤프는 ISACA 인증CISA시험의 모든 범위가 포함되어 있어 시험적중율이 높습니다. ISACA 인증CISA시험패는 바로 눈앞에 있습니다. 링크를 클릭하시고ITExamDump의ISACA 인증CISA시험대비 덤프를 장바구니에 담고 결제마친후 덤프를 받아 공부하는것입니다.
ITExamDump는 여러 it인증에 관심 있고 또 응시하고 싶으신 분들에게 편리를 드립니다. 그리고 많은 분들이 이미 ITExamDump제공하는 덤프로 it인증시험을 한번에 패스를 하였습니다. 즉 우리 ITExamDump 덤프들은 아주 믿음이 가는 보장되는 덤프들이란 말이죠. ITExamDump에는 베터랑의전문가들로 이루어진 연구팀이 잇습니다, 그들은 it지식과 풍부한 경험으로 여러 가지 여러분이ISACA인증CISA시험을 패스할 수 있을 자료 등을 만들었습니다 여러분이ISACA인증CISA시험에 많은 도움이CISA될 것입니다. ITExamDump 가 제공하는CISA테스트버전과 문제집은 모두CISA인증시험에 대하여 충분한 연구 끝에 만든 것이기에 무조건 한번에CISA시험을 패스하실 수 있습니다.
성공을 위해 길을 찾고 실패를 위해 구실을 찾지 않는다는 말이 있습니다. ISACA인증 CISA시험이 영어로 출제되어 시험패스가 너무 어렵다 혹은 회사다니느라 공부할 시간이 없다는 등등은 모두 공부하기싫은 구실에 불과합니다. ITExamDump의 ISACA인증 CISA덤프만 마련하면 실패를 성공으로 바꿀수 있는 기적을 체험할수 있습니다.제일 간단한 방법으로 가장 어려운 문제를 해결해드리는것이ITExamDump의 취지입니다.
수많은ISACA인증 CISA시험공부자료중에서ITExamDump의ISACA인증 CISA덤프가 가장 출중한 원인은 무엇일가요? ITExamDump의ISACA인증 CISA덤프는 실제시험문제의 출제방향을 연구하여 IT전문가로 되어있는 덤프제작팀이 만든 최신버전 덤프입니다. ITExamDump의ISACA인증 CISA덤프가 있으면 힘든ISACA인증 CISA시험이 쉬어져서 자격증을 제일 빠른 시간내에 취득할수 있습니다.제일 어려운 시험을 제일 간단한 방법으로 패스하는 방법은ITExamDump의ISACA인증 CISA덤프로 시험준비 공부를 하는것입니다.
CISA 덤프무료샘플다운로드하기: http://www.itexamdump.com/CISA.html
NO.1 Which of the following data validation edits is effective in detecting transposition and transcription
errors?
A. Range check
B. Check digit
C. Validity check
D. Duplicate check
Answer: B
ISACA CISA자격증 CISA덤프 CISA시험문제
Explanation:
A check digit is a numeric value that is calculated mathematically and is appended to data to
ensure that the original data have not been altered or an incorrect, but valid, value substituted.
This control is effective in detecting transposition and transcription errors.
Incorrect answers:
A. A range check is checking data that matches a predetermined range of values.
C. A validity check is programmed checking of the data validity in accordance with predetermined criteria.
D. In a duplicate check, new or fresh transactions are matched to those previously entered to ensure that
they are not already in the system.
NO.2 A number of system failures are occurring when corrections to previously detected errors are
resubmitted for acceptance testing. This would indicate that the maintenance team is probably not
adequately performing which of the following types of testing?
A. Unit testing
B. Integration testing
C. Design walk-throughs
D. Configuration management
Answer: B
ISACA인증 CISA CISA pdf CISA자격증
Explanation:
A common system maintenance problem is that errors are often corrected quickly (especially when
deadlines are tight) , units are tested by the programmer, and then transferred to the acceptance test area.
This often results in system problems that should have been detected during integration or system testing.
Integration testing aims at ensuring that the major components of the system interface correctly.
NO.3 Which of the following systems-based approaches would a financial processing company employ to
monitor spending patterns to identify abnormal patterns and report them?
A. A neural network
B. Database management software
C. Management information systems
D. Computer assisted audit techniques
Answer: A Explanation:
A neural network will monitor and learn patterns, reporting exceptions for investigation. Incorrect answers:
B. Database management software is a method of storing and retrieving data.
C. Management information systems provide management statistics but do not normally have a
monitoring and detection function.
D. Computer-assisted audit techniques detect specific situations, but are not intended to learn patterns
and detect abnormalities.
NO.4 A critical function of a firewall is to act as a:
A. special router that connects the Internet to a LAN.
B. device for preventing authorized users from accessing the LAN.
C. server used to connect authorized users to private trusted network resources.
D. proxy server to increase the speed of access to authorized users.
Answer: B
ISACA CISA CISA시험문제 CISA
Explanation:
A firewall is a set of related programs, located at a network gateway server, that protects the resources of
a private network from users of other networks. An enterprise with an intranet that allows its workers
access to the wider Internet installs a firewall to prevent outsiders from accessing its own private data
resources and for controlling the outside resources to which its own users have access. Basically, a
firewall, working closely with a router program, filters all network packets to determine whether or not to
forward them toward their destination. A firewall includes or works with a proxy server that makes network
requests on behalf of workstation users. A firewall is often installed in a specially designated computer
separate from the rest of the network so no incoming request can get directed to private network
resources.
NO.5 Which of the following is a telecommunication device that translates data from digital form to analog
form and back to digital?
A. Multiplexer
B. Modem
C. Protocol converter
D. Concentrator
Answer: B
ISACA dumps CISA CISA dumps CISA자격증
Explanation:
A modem is a device that translates data from digital to analog and back to digital.
NO.6 Which of the following translates e-mail formats from one network to another so that the message can
travel through all the networks?
A. Gateway
B. Protocol converter
C. Front-end communication processor
D. Concentrator/multiplexor
Answer: A
ISACA dump CISA CISA pdf CISA
Explanation:
A gateway performs the job of translating e-mail formats from one network to another so messages can
make their way through all the networks.
Incorrect answers:
B. A protocol converter is a hardware device that converts between two different types of transmissions,
such as asynchronous and synchronous transmissions.
C. A front-end communication processor connects all network communication lines to a central computer
to relieve the central computer from performing network control, format conversion and message handling
tasks.
D. A concentrator/multiplexor is a device used for combining several lower-speed channels into a
higher-speed channel.
NO.7 An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is
LEAST likely to expect the job description of the DBA to include:
A. defining the conceptual schema.
B. defining security and integrity checks.
C. liaising with users in developing data model.
D. mapping data model with the internal schema.
Answer: D Explanation:
A DBA only in rare instances should be mapping data elements from the data model to the internal
schema (physical data storage definitions). To do so would eliminate data independence for application
systems. Mapping of the data model occurs with the conceptual schema since the conceptual schema
represents the enterprisewide view of data within an organization and is the basis for deriving an end-user
department data model.
NO.8 Which of the following hardware devices relieves the central computer from performing network
control, format conversion and message handling tasks?
A. Spool
B. Cluster controller
C. Protocol converter
D. Front end processor
Answer: D
ISACA시험문제 CISA자료 CISA자료 CISA인증
Explanation:
A front-end processor is a hardware device that connects all communication lines to a central computer to
relieve the central computer.
NO.9 A hub is a device that connects:
A. two LANs using different protocols.
B. a LAN with a WAN.
C. a LAN with a metropolitan area network (MAN).
D. two segments of a single LAN.
Answer: D
ISACA dump CISA CISA CISA
Explanation:
A hub is a device that connects two segments of a single LAN. A hub is a repeater. It provides transparent
connectivity to users on all segments of the same LAN. It is a level 1 device. Incorrect answers:
A. A bridge operates at level 2 of the OSI layer and is used to connect two LANs using different protocols
(e.g., joining an ethernet and token network) to form a logical network.
B. A gateway, which is a level 7 device, is used to connect a LAN to a WAN.
C. A LAN is connected with a MAN using a router, which operates in the network layer.
NO.10 Which of the following network configuration options contains a direct link between any two host
machines?
A. Bus
B. Ring
C. Star
D. Completely connected (mesh)
Answer: D
ISACA CISA CISA CISA
Explanation:
A completely connected mesh configuration creates a direct link between any two host machines.
Incorrect answers:
A. A bus configuration links all stations along one transmission line.
B. A ring configuration forms a circle, and all stations are attached to a point on the transmission circle.
D. In a star configuration each station is linked directly to a main hub.
NO.11 IS management has decided to rewrite a legacy customer relations system using fourth generation
languages (4GLs). Which of the following risks is MOST often associated with system development using
4GLs?
A. Inadequate screen/report design facilities
B. Complex programming language subsets
C. Lack of portability across operating systems
D. Inability to perform data intensive operations
Answer: D
ISACA인증 CISA인증 CISA덤프 CISA pdf
Explanation:
4.Ls are usually not suitable for data intensive operations. Instead, they are used mainly for graphic user
interface (GUI) design or as simple query/report generators.
Incorrect answers:
A, B. Screen/report design facilities are one of the main advantages of 4GLs, and 4GLs have simple
programming language subsets.
C. Portability is also one of the main advantages of 4GLs.
NO.12 Which of the following is MOST likely to result from a business process reengineering (BPR) project?
A. An increased number of people using technology
B. Significant cost savings, through a reduction in the complexity of information technology
C. A weaker organizational structures and less accountability
D. Increased information protection (IP) risk will increase
Answer: A
ISACA dumps CISA CISA자격증 CISA dumps CISA
Explanation:
A BPR project more often leads to an increased number of people using technology, and this would be a
cause for concern. Incorrect answers:
B. As BPR is often technology oriented, and this technology is usually more complex and volatile than in
the past, cost savings do not often materialize in this area.
D. There is no reason for IP to conflict with a BPR project, unless the project is not run properly.
NO.13 A data administrator is responsible for: A. maintaining database system software.
B. defining data elements, data names and their relationship.
C. developing physical database structures.
D. developing data dictionary system software.
Answer: B
ISACA dumps CISA CISA CISA덤프
Explanation:
A data administrator is responsible for defining data elements, data names and their relationship. Choices
A, C and D are functions of a database administrator (DBA)
NO.14 An offsite information processing facility having electrical wiring, air conditioning and flooring, but no
computer or communications equipment is a:
A. cold site.
B. warm site.
C. dial-up site.
D. duplicate processing facility.
Answer: A
ISACA pdf CISA최신덤프 CISA
Explanation:
A cold site is ready to receive equipment but does not offer any components at the site in advance of the
need.
Incorrect answers:
B. A warm site is an offsite backup facility that is configured partially with network connections and
selected peripheral equipment, such as disk and tape units, controllers and CPUs, to operate an
information processing facility.
D. A duplicate information processing facility is a dedicated, self-developed recovery site that can back up
critical applications.
NO.15 Which of the following is a benefit of using callback devices?
A. Provide an audit trail
B. Can be used in a switchboard environment
C. Permit unlimited user mobility
D. Allow call forwarding
Answer: A
ISACA시험문제 CISA CISA CISA자격증 CISA시험문제
Explanation:
A callback feature hooks into the access control software and logs all authorized and unauthorized access
attempts, permitting the follow-up and further review of potential breaches. Call forwarding (choice D) is a
means of potentially bypassing callback control. By dialing through an authorized phone number from an
unauthorized phone number, a perpetrator can gain computer access. This vulnerability can be controlled
through callback systems that are available.
NO.16 Which of the following is a dynamic analysis tool for the purpose of testing software modules?
A. Blackbox test
B. Desk checking
C. Structured walk-through
D. Design and code
Answer: A
ISACA CISA자격증 CISA CISA CISA pdf CISA
Explanation:
A blackbox test is a dynamic analysis tool for testing software modules. During the testing of software
modules a blackbox test works first in a cohesive manner as one single unit/entity, consisting of numerous
modules and second, with the user data that flows across software modules. In some cases, this even
drives the software behavior.
Incorrect answers:
In choices B, C and D, the software (design or code) remains static and somebody simply closely
examines it by applying his/her mind, without actually activating the software. Hence, these cannot be
referred to as dynamic analysis tools.
NO.17 To affix a digital signature to a message, the sender must first create a message digest by applying a
cryptographic hashing algorithm against:
A. the entire message and thereafter enciphering the message digest using the sender's private key.
B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's
private key.
C. the entire message and thereafter enciphering the message using the sender's private key.
D. the entire message and thereafter enciphering the message along with the message digest using the
sender's private key.
Answer: A
ISACA CISA dump CISA자료 CISA자격증
Explanation:
A digital signature is a cryptographic method that ensures data integrity, authentication of the message,
and non-repudiation. To ensure these, the sender first creates a message digest by applying a
cryptographic hashing algorithm against the entire message and thereafter enciphers the message digest
using the sender's private key. A message digest is created by applying a cryptographic hashing algorithm
against the entire message not on any arbitrary part of the message. After creating the message digest,
only the message digest is enciphered using the sender's private key, not the message.
NO.18 Which of the following tests is an IS auditor performing when a sample of programs is selected to
determine if the source and object versions are the same?
A. A substantive test of program library controls
B. A compliance test of program library controls
C. A compliance test of the program compiler controls
D. A substantive test of the program compiler controls
Answer: B
ISACA CISA시험문제 CISA CISA자격증 CISA
Explanation:
A compliance test determines if controls are operating as designed and are being applied in a manner that
complies with management policies and procedures. For example, if the IS auditor is concerned whether
program library controls are working properly, the IS auditor might select a sample of programs to
determine if the source and object versions are the same. In other words, the broad objective of any
compliance test is to provide auditors with reasonable assurance that a particular control on which the
auditor plans to rely is operating as the auditor perceived it in the preliminary evaluation.
NO.19 A sequence of bits appended to a digital document that is used to secure an e-mail sent through the
Internet is called a:
A. digest signature.
B. electronic signature.
C. digital signature.
D. hash signature.
Answer: C
ISACA CISA CISA자격증 CISA
Explanation:
A digital signature through the private cryptographic key authenticates a transmission from a sender
through the private cryptographic key. It is a string of bits that uniquely represent another string of bits, a
digital document. An electronic signature refers to the string of bits that digitally represents a handwritten
signature captured by a computer system when a human applies it on an electronic pen pad, connected
to the system.
NO.20 A LAN administrator normally would be restricted from:
A. having end-user responsibilities.
B. reporting to the end-user manager.
C. having programming responsibilities.
D. being responsible for LAN security administration.
Answer: C
ISACA CISA dumps CISA pdf
Explanation:
A LAN administrator should not have programming responsibilities but may have end- user
responsibilities. The LAN administrator may report to the director of the IPF or, in a decentralized
operation, to the end-user manager. In small organizations, the LAN administrator also may be
responsible for security administration over the LAN.
NO.21 Which of the following BEST describes the necessary documentation for an enterprise product
reengineering (EPR) software installation?
A. Specific developments only
B. Business requirements only
C. All phases of the installation must be documented
D. No need to develop a customer specific documentation
Answer: C
ISACA dumps CISA CISA dump CISA CISA자료
Explanation:
A global enterprise product reengineering (EPR) software package can be applied to a business to
replace, simplify and improve the quality of IS processing. Documentation is intended to help understand
how, why and which solutions that have been selected and implemented, and therefore must be specific
to the project. Documentation is also intended to support quality assurance and must be comprehensive.
NO.22 In an EDI process, the device which transmits and receives electronic documents is the:
A. communications handler.
B. EDI translator.
C. application interface.
D. EDI interface.
Answer: A
ISACA CISA자격증 CISA시험문제 CISA
Explanation:
A communications handler transmits and receives electronic documents between trading partners
and/or wide area networks (WANs).
Incorrect answers:
B. An EDI translator translates data between the standard format and a trading partner's proprietary
format.
C. An application interface moves electronic transactions to, or from, the application system and performs
data mapping.
D. An EDI interface manipulates and routes data between the application system and the communications
handler.
NO.23 Structured programming is BEST described as a technique that:
A. provides knowledge of program functions to other programmers via peer reviews.
B. reduces the maintenance time of programs by the use of small-scale program modules.
C. makes the readable coding reflect as closely as possible the dynamic execution of the program.
D. controls the coding and testing of the high-level functions of the program in the development process.
Answer: B
ISACA인증 CISA기출문제 CISA
Explanation:
A characteristic of structured programming is smaller, workable units. Structured programming has
evolved because smaller, workable units are easier to maintain. Structured programming is a style of
programming which restricts the kinds of control structures. This limitation is not crippling. Any program
can be written with allowed control structures. Structured programming is sometimes referred to as
go-to-less programming, since a go-to statement is not allowed. This is perhaps the most well known
restriction of the style, since go-to statements were common at the time structured programming was
becoming more popular. Statement labels also become unnecessary, except in languages where
subroutines are identified by labels.
NO.24 Which of the following would be the BEST method for ensuring that critical fields in a master record
have been updated properly?
A. Field checks
B. Control totals
C. Reasonableness checks
D. A before-and-after maintenance report
Answer: D
ISACA CISA dump CISA dump CISA시험문제 CISA
Explanation:
A before-and-after maintenance report is the best answer because a visual review would provide the most
positive verification that updating was proper.
NO.25 Which of the following types of data validation editing checks is used to determine if a field contains
data, and not zeros or blanks?
A. Check digit
B. Existence check
C. Completeness check
D. Reasonableness check
Answer: C
ISACA CISA자료 CISA CISA
Explanation:
A completeness check is used to determine if a field contains data and not zeros or blanks. Incorrect
answers:
A. A check digit is a digit calculated mathematically to ensure original data was not altered.
B. An existence check also checks entered data for agreement to predetermined criteria.
D. A reasonableness check matches input to predetermined reasonable limits or occurrence rates.
NO.26 The MOST significant level of effort for business continuity planning (BCP) generally is required during
the:
A. testing stage.
B. evaluation stage.
C. maintenance stage.
D. early stages of planning.
Answer: D
ISACA CISA CISA CISA
Explanation:
Company.com in the early stages of a BCP will incur the most significant level of program development
effort, which will level out as the BCP moves into maintenance, testing and evaluation stages. It is during
the planning stage that an IS auditor will play an important role in obtaining senior management's
commitment to resources and assignment of BCP responsibilities.
NO.27 A call-back system requires that a user with an id and password call a remote server through a dial-up
line, then the server disconnects and: A. dials back to the user machine based on the user id and
password using a telephone number from its database.
B. dials back to the user machine based on the user id and password using a telephone number provided
by the user during this connection.
C. waits for a redial back from the user machine for reconfirmation and then verifies the user id and
password using its database.
D. waits for a redial back from the user machine for reconfirmation and then verifies the user id and
password using the sender's database.
Answer: A
ISACA CISA시험문제 CISA자격증 CISA CISA
Explanation:
A call-back system in a net centric environment would mean that a user with an id and password calls a
remote server through a dial-up line first, and then the server disconnects and dials back to the user
machine based on the user id and password using a telephone number from its database. Although the
server can depend upon its own database, it cannot know the authenticity of the dialer when the user dials
again. The server cannot depend upon the sender's database to dial back as the same could be
manipulated.
NO.28 Which of the following devices extends the network and has the capacity to store frames and act as a
storage and forward device?
A. Router
B. Bridge
C. Repeater
D. Gateway
Answer: B
ISACA dumps CISA최신덤프 CISA최신덤프 CISA자료 CISA최신덤프 CISA
Explanation:
A bridge connects two separate networks to form a logical network (e.g., joining an ethernet and token
network) and has the storage capacity to store frames and act as a storage and forward device. Bridges
operate at the OSI data link layer by examining the media access control header of a data packet.
Incorrect answers:
A. Routers are switching devices that operate at the OSI network layer by examining network addresses
(i.e., routing information encoded in an IP packet). The router, by examining the IP address, can make
intelligent decisions in directing the packet to its destination.
C. Repeaters amplify transmission signals to reach remote devices by taking a signal from a LAN,
reconditioning and retiming it, and sending it to another. This functionality is hardware encoded and
occurs at the OSI physical layer.
D. Gateways provide access paths to foreign networks.
NO.29 A database administrator is responsible for:
A. defining data ownership.
B. establishing operational standards for the data dictionary.
C. creating the logical and physical database.
D. establishing ground rules for ensuring data integrity and security.
Answer: C
ISACA CISA인증 CISA CISA CISA
Explanation:
A database administrator is responsible for creating and controlling the logical and physical database.
Defining data ownership resides with the head of the user department or top management if the data is
common to the organization. IS management and the data administrator are responsible for establishing
operational standards for the data dictionary. Establishing ground rules for ensuring data integrity and
security in line with the corporate security policy is a function of the security administrator.
NO.30 The use of a GANTT chart can:
A. aid in scheduling project tasks.
B. determine project checkpoints.
C. ensure documentation standards.
D. direct the post-implementation review.
Answer: A
ISACA CISA CISA CISA CISA dump
Explanation:
A GANTT chart is used in project control. It may aid in the identification of needed checkpoints but its
primary use is in scheduling. It will not ensure the completion of documentation nor will it provide direction
for the post-implementation review.
ITExamDump의ISACA인증 CISA덤프는 시험패스율이 거의 100%에 달하여 많은 사랑을 받아왔습니다. 저희 사이트에서 처음 구매하는 분이라면 덤프풀질에 의문이 갈것입니다. 여러분이 신뢰가 생길수 있도록ITExamDump에서는ISACA인증 CISA덤프구매 사이트에 무료샘플을 설치해두었습니다.무료샘플에는 5개이상의 문제가 있는데 구매하지 않으셔도 공부가 됩니다. ISACA인증 CISA덤프로ISACA인증 CISA시험을 준비하여 한방에 시험패하세요.
댓글 없음:
댓글 쓰기