ISACA CISA Certification Sample Questions

The purpose of this Sample Question Set is to provide you with information about the ISACA Information Systems Auditor (CISA) exam. These sample questions will make you familiar with both the type and the difficulty level of the questions on the CISA certification test. To get familiar with the real exam environment, we suggest you try our Sample ISACA CISA Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual ISACA Certified Information Systems Auditor (CISA) certification exam.

These sample questions are simple and basic questions that resemble the real ISACA Information Systems Auditor exam questions. To assess your readiness and performance with real-time, scenario-based questions, we suggest you prepare with our Premium ISACA CISA Certification Practice Exam. When you solve real-time, scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.

ISACA CISA Sample Questions:

01. Which of the following would MOST effectively control the usage of universal storage bus (USB) storage devices?
a) Policies that require instant dismissal if such devices are found
b) Software for tracking and managing USB storage devices
c) Administratively disabling the USB port
d) Searching personnel for USB storage devices at the facility's entrance
02. An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:
a) accept the DBA access as a common practice.
b) assess the controls relevant to the DBA function.
c) recommend the immediate revocation of the DBA access to production data.
d) review user access authorizations approved by the DBA.
03. What is the primary objective of a control self-assessment (CSA) program?
a) Enhancement of the audit responsibility
b) Elimination of the audit responsibility
c) Replacement of the audit responsibility
d) Integrity of the audit responsibility
04. Responsibility and reporting lines cannot always be established when auditing automated systems since:
a) diversified control makes ownership irrelevant.
b) staff traditionally changes jobs with greater frequency.
c) ownership is difficult to establish where resources are shared.
d) duties change frequently in the rapid development of technology.
05. Which of the following exposures could be caused by a line grabbing technique?
a) Unauthorized data access
b) Excessive CPU cycle usage
c) Lockout of terminal polling
d) Multiplexor control dysfunction
06. The GREATEST advantage of using web services for the exchange of information between two systems is:
a) secure communications.
b) improved performance.
c) efficient interfacing.
d) enhanced documentation.
07. Applying a digital signature to data traveling in a network provides:
a) confidentiality and integrity.
b) security and nonrepudiation.
c) integrity and nonrepudiation.
d) confidentiality and nonrepudiation.
08. If the recovery time objective (RTO) increases:
a) the disaster tolerance increases.
b) the cost of recovery increases.
c) a cold site cannot be used.
d) the data backup frequency increases.
09. What uses questionnaires to lead the user through a series of choices to reach a conclusion?
a) Logic trees
b) Decision trees
c) Decision algorithms
d) Logic algorithms
10. Naming conventions for system resources are important for access control because they:
a) ensure that resource names are not ambiguous.
b) reduce the number of rules required to adequately protect resources.
c) ensure that user access to resources is clearly and uniquely identified.
d) ensure that internationally recognized names are used to protect resources.


Question: 01
Answer: b
Question: 02
Answer: b
Question: 03
Answer: a
Question: 04
Answer: c
Question: 05
Answer: a
Question: 06
Answer: c
Question: 07
Answer: c
Question: 08
Answer: a
Question: 09
Answer: b
Question: 10
Answer: b

