ISACA CISA Certification Sample Questions

The purpose of this Sample Question Set is to provide you with information about the ISACA Information Systems Auditor (CISA) exam. These sample questions will make you familiar with both the type and the difficulty level of the questions on the CISA certification test. To get familiar with the real exam environment, we suggest you try our Sample ISACA CISA Certification Practice Exam. This sample practice exam gives you a realistic feel for, and an indication of, the questions asked in the actual ISACA Certified Information Systems Auditor (CISA) certification exam.

These sample questions are simple, basic questions that resemble the real ISACA Information Systems Auditor exam questions. To assess your readiness and performance with real-time scenario-based questions, we suggest you prepare with our Premium ISACA CISA Certification Practice Exam. When you work through real-time scenario-based questions in practice, you run into many difficulties that give you an opportunity to improve.

ISACA CISA Sample Questions:

01. Which of the following symmetric algorithms is a block cipher that the U.S. government adopted as AES to replace DES?
a) Rivest Cipher 4 (RC4)
b) Rijndael
c) Triple Data Encryption Standard (3DES)
d) Blowfish
02. An auditor should recommend the use of which of the following to determine the minimum level of service needed at an alternate site?
a) SDO
b) RTO
c) WRT
d) MTD
03. From an auditing perspective, which of the following standards most closely maps to a Plan-Do-Check-Act (PDCA) approach?
b) ISO 27001
c) Taguchi
d) CMM
04. Where should an organization keep copies of the business continuity plan?
a) Onsite only
b) Offsite only
c) Both onsite and offsite
d) None of the above
05. In project management, which of the following is a task related to closing a project?
a) Release of final product or service
b) Update of organizational assets
c) Administrative closure
d) All of the above
06. Observation and testing can be used effectively in which of the following areas?
a) Separation of duties
b) Error correction and control
c) Input authorization
d) All of the above
07. During which step of the audit life cycle does an auditor identify which skills are needed for the audit, how many auditors are required, and what other resources are needed?
a) Audit objective
b) Pre-audit planning
c) Data gathering
d) Results evaluation
08. In the NIST version of the SDLC process, the system or program performs the work for which it was designed in which waterfall phase?
a) Operation/Maintenance
b) Implementation
c) Initiation
d) Disposal
09. Which database-related term refers to the process of combining several low-sensitivity items to produce a high-sensitivity data item?
a) Relation
b) Aggregation
c) Granularity
d) Foreign key
10. When a system moves into production and changes are needed, which of the following is the final step in the change control process?
a) Document the new configuration.
b) Test the proposed change.
c) Implement the change, if approved.
d) Present the results to the change-control board.


Question: 01
Answer: b
Question: 02
Answer: a
Question: 03
Answer: b
Question: 04
Answer: c
Question: 05
Answer: d
Question: 06
Answer: d
Question: 07
Answer: b
Question: 08
Answer: a
Question: 09
Answer: b
Question: 10
Answer: c

Note: For any error in ISACA Certified Information Systems Auditor (CISA) certification exam sample questions, please update us by writing an email on
