[2025年05月] 実際問題を使ってCISA無料問題集サンプルと問題と練習テストエンジン
合格させるISACA CISA試験問題でテスト復刻エンジンとPDF
質問 # 314
.Which of the following are effective in detecting fraud because they have the capability to consider a large number of variables when trying to resolve a problem? Choose the BEST answer.
- A. Integrated synchronized systems
- B. Neural networks
- C. Multitasking applications
- D. Expert systems
正解:B
解説:
Neural networks are effective in detecting fraud because they have the capability to consider a large number of variables when trying to resolve a problem.
質問 # 315
Which of the following initiatives would be MOST effective to proactively manage the risk of excessive and unauthorized software customizations?
- A. Formalizing change management processes
- B. Performing change management audits
- C. Implementing stronger access controls
- D. Implementing quality assurance (QA) reviews
正解:A
質問 # 316
A third-party consultant is managing the replacement of an accounting system. Which of the following should be the IS auditor's GREATEST concern?
- A. The user department will manage access rights.
- B. The replacement is occurring near year-end reporting
- C. Data migration is not part of the contracted activities.
- D. Testing was performed by the third-party consultant
正解:A
解説:
The greatest concern for an IS auditor in this scenario is that the user department will manage access rights to the new accounting system. This could pose a significant risk of unauthorized access, segregation of duties violations, data tampering and fraud. The IS auditor should ensure that access rights are defined, approved and monitored by an independent function, such as IT security or internal audit. The other options are not as concerning as option C, as they can be mitigated by other controls or procedures. Data migration is an important part of the system replacement project, but it can be performed by another party or verified by the IS auditor. The timing of the replacement near year-end reporting is a challenge, but it can be managed by proper planning, testing and contingency plans. Testing performed by the third-party consultant is acceptable, as long as it is reviewed and validated by the IS auditor or another independent party. References: CISA Review Manual (Digital Version) 1, Chapter 3: Information Systems Acquisition, Development & Implementation, Section 3.4: System Implementation.
質問 # 317
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that:
- A. assessment of the situation may be delayed.
- B. notification of the teams might not occur.
- C. potential crisis recognition might be ineffective.
- D. execution of the disaster recovery plan could be impacted.
正解:D
解説:
Section: Protection of Information Assets
Explanation: Execution of the business continuity plan would be impacted if the organization does not know when to declare a crisis. Choices A, C and D are steps that must be performed to know whether to declare a crisis. Problem and severity assessment would provide information necessary in declaring a disaster.
Once a potential crisis is recognized, the teams responsible for crisis management need to be notified.
Delaying this step until a disaster has been declared would negate the effect of having response teams.
Potential crisis recognition is the first step in responding to a disaster.
質問 # 318
Which of the following is the MOST effective way to ensure adequate system resources are available for high- priority activities?
- A. System virtualization
- B. Job scheduling
- C. Code optimization
- D. Zero Trust
正解:B
解説:
Job scheduling ensures that system resources are allocated efficiently by prioritizing high-priority tasks during peak periods. It prevents resource contention by scheduling less critical jobs at off-peak times or when resources are underutilized. This method is the most direct and effective way to ensure adequate resources for essential activities.
* System Virtualization (Option A): While useful for optimizing resource utilization, it does not prioritize activities dynamically.
* Zero Trust (Option C): This is a security framework and does not address resource allocation.
* Code Optimization (Option D): This improves performance but is not directly related to resource scheduling.
Reference: ISACA CISA Review Manual, Job Practice Area 3: Information Systems Operations and Business Resilience.
質問 # 319
Which of the following statement INCORRECTLY describes network device such as a Router?
- A. Router does not forward broadcast packet
- B. Router assigns a different network address per port
- C. Router creates a new header for each packet
- D. Router builds a routing table based on MAC address
正解:D
解説:
Explanation/Reference:
The INCORRECTLY keyword is used in the question. You need to find out a statement which is not valid about router. Router builds a routing table based on IP address and not on MAC address.
Difference between Router and Bridge:
Router
Bridge
Creates a new header for each packet
Does not alter header. Only reads the header
Builds routing table based on IP address
Build forwarding table based on MAC address
Assigns a different network address per port
Use the same network address for all ports
Filters traffic based on IP address
Filter traffic based on MAC address
Does not forward broadcast packet
Forward broadcast packet
Does not forward traffic that contain destination address unknown to the router Forward traffic if destination address is unknown to bridge For your exam you should know below information about network devices:
Repeaters
A repeater provides the simplest type of connectivity, because it only repeats electrical signals between cable segments, which enables it to extend a network. Repeaters work at the physical layer and are add- on devices for extending a network connection over a greater distance. The device amplifies signals because signals attenuate the farther they have to travel.
Repeaters can also work as line conditioners by actually cleaning up the signals. This works much better when amplifying digital signals than when amplifying analog signals, because digital signals are discrete units, which makes extraction of background noise from them much easier for the amplifier. If the device is amplifying analog signals, any accompanying noise often is amplified as well, which may further distort the signal.
A hub is a multi-port repeater. A hub is often referred to as a concentrator because it is the physical communication device that allows several computers and devices to communicate with each other. A hub does not understand or work with IP or MAC addresses. When one system sends a signal to go to another system connected to it, the signal is broadcast to all the ports, and thus to all the systems connected to the concentrator.
Repeater
Image from: http://www.erg.abdn.ac.uk/~gorry/course/images/repeater.gif Bridges A bridge is a LAN device used to connect LAN segments. It works at the data link layer and therefore works with MAC addresses. A repeater does not work with addresses; it just forwards all signals it receives. When a frame arrives at a bridge, the bridge determines whether or not the MAC address is on the local network segment. If the MAC address is not on the local network segment, the bridge forwards the frame to the necessary network segment.
Bridge
Image from: http://www.oreillynet.com/network/2001/01/30/graphics/bridge.jpg Routers Routers are layer 3, or network layer, devices that are used to connect similar or different networks. (For example, they can connect two Ethernet LANs or an Ethernet LAN to a Token Ring LAN.) A router is a device that has two or more interfaces and a routing table so it knows how to get packets to their destinations. It can filter traffic based on access control lists (ACLs), and it fragments packets when necessary. Because routers have more network-level knowledge, they can perform higher-level functions, such as calculating the shortest and most economical path between the sending and receiving hosts.
Router and Switch
Image from: http://www.computer-networking-success.com/images/router-switch.jpg Switches Switches combine the functionality of a repeater and the functionality of a bridge. A switch amplifies the electrical signal, like a repeater, and has the built-in circuitry and intelligence of a bridge. It is a multi-port connection device that provides connections for individual computers or other hubs and switches.
Gateways
Gateway is a general term for software running on a device that connects two different environments and that many times acts as a translator for them or somehow restricts their interactions.
Usually a gateway is needed when one environment speaks a different language, meaning it uses a certain protocol that the other environment does not understand. The gateway can translate Internetwork Packet Exchange (IPX) protocol packets to IP packets, accept mail from one type of mail server and format it so another type of mail server can accept and understand it, or connect and translate different data link technologies such as FDDI to Ethernet.
Gateway Server
Image from: http://static.howtoforge.com/
The following were incorrect answers:
The other options presented correctly describes about Router.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 263
質問 # 320
Which of the following roles combined with the role of a database administrator (DBA) will create a segregation of duties conflict?
- A. Security administrator
- B. Systems analyst
- C. Application end user
- D. Quality assurance
正解:A
解説:
Section: Governance and Management of IT
質問 # 321
A startup organization wants to develop a data loss prevention (DLP) program. The FIRST step should be to implement:
- A. Security awareness training
- B. Data classification
- C. Access controls
- D. Data encryption
正解:B
質問 # 322
A characteristic of a digital signature is that it:
- A. has a reproducible hashing algorithm.
- B. is validated when data are changed.
- C. is under control of the receiver.
- D. is unique to the message.
正解:D
質問 # 323
Which of the following layer of an OSI model controls dialog between computers?
- A. Presentation layer
- B. Session layer
- C. Application layer
- D. Transport layer
正解:B
解説:
Explanation/Reference:
The session layer allows session establishment between processes running on different stations. It provides:
Session establishment, maintenance and termination: allows two application processes on different machines to establish, use and terminate a connection, called a session.
Session support: performs the functions that allow these processes to communicate over the network, performing security, name recognition, logging, and so on.
For your exam you should know below information about OSI model:
The Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO), maintained by the identification ISO/IEC 7498-1.
The model groups communication functions into seven logical layers. A layer serves the layer above it and is served by the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive packets that make up the contents of that path. Two instances at one layer are connected by a horizontal.
OSI Model
Image source: http://www.petri.co.il/images/osi_model.JPG
PHYSICAL LAYER
The physical layer, the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium. It describes the electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers. It provides:
Data encoding: modifies the simple digital signal pattern (1s and 0s) used by the PC to better accommodate the characteristics of the physical medium, and to aid in bit and frame synchronization. It determines:
What signal state represents a binary 1
How the receiving station knows when a "bit-time" starts
How the receiving station delimits a frame
DATA LINK LAYER
The data link layer provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link. To do this, the data link layer provides:
Link establishment and termination: establishes and terminates the logical link between two nodes.
Frame traffic control: tells the transmitting node to "back-off" when no frame buffers are available.
Frame sequencing: transmits/receives frames sequentially.
Frame acknowledgment: provides/expects frame acknowledgments. Detects and recovers from errors that occur in the physical layer by retransmitting non-acknowledged frames and handling duplicate frame receipt.
Frame delimiting: creates and recognizes frame boundaries.
Frame error checking: checks received frames for integrity.
Media access management: determines when the node "has the right" to use the physical medium.
NETWORK LAYER
The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors. It provides:
Routing: routes frames among networks.
Subnet traffic control: routers (network layer intermediate systems) can instruct a sending station to
"throttle back" its frame transmission when the router's buffer fills up.
Frame fragmentation: if it determines that a downstream router's maximum transmission unit (MTU) size is less than the frame size, a router can fragment a frame for transmission and re-assembly at the destination station.
Logical-physical address mapping: translates logical addresses, or names, into physical addresses.
Subnet usage accounting: has accounting functions to keep track of frames forwarded by subnet intermediate systems, to produce billing information.
Communications Subnet
The network layer software must build headers so that the network layer software residing in the subnet intermediate systems can recognize them and use them to route data to the destination address.
This layer relieves the upper layers of the need to know anything about the data transmission and intermediate switching technologies used to connect systems. It establishes, maintains and terminates connections across the intervening communications facility (one or several intermediate systems in the communication subnet).
In the network layer and the layers below, peer protocols exist between a node and its immediate neighbor, but the neighbor may be a node through which data is routed, not the destination station. The source and destination stations may be separated by many intermediate systems.
TRANSPORT LAYER
The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers.
The size and complexity of a transport protocol depends on the type of service it can get from the network layer. For a reliable network layer with virtual circuit capability, a minimal transport layer is required. If the network layer is unreliable and/or only supports datagram's, the transport protocol should include extensive error detection and recovery.
The transport layer provides:
Message segmentation: accepts a message from the (session) layer above it, splits the message into smaller units (if not already small enough), and passes the smaller units down to the network layer. The transport layer at the destination station reassembles the message.
Message acknowledgment: provides reliable end-to-end message delivery with acknowledgments.
Message traffic control: tells the transmitting station to "back-off" when no message buffers are available.
Session multiplexing: multiplexes several message streams, or sessions onto one logical link and keeps track of which messages belong to which sessions (see session layer).
Typically, the transport layer can accept relatively large messages, but there are strict message size limits imposed by the network (or lower) layer. Consequently, the transport layer must break up the messages into smaller units, or frames, pretending a header to each frame.
The transport layer header information must then include control information, such as message start and message end flags, to enable the transport layer on the other end to recognize message boundaries. In addition, if the lower layers do not maintain sequence, the transport header must contain sequence information to enable the transport layer on the receiving end to get the pieces back together in the right order before handing the received message up to the layer above.
End-to-end layers
Unlike the lower "subnet" layers whose protocol is between immediately adjacent nodes, the transport layer and the layers above are true "source to destination" or end-to-end layers, and are not concerned with the details of the underlying communications facility. Transport layer software (and software above it) on the source station carries on a conversation with similar software on the destination station by using message headers and control messages.
SESSION LAYER
The session layer allows session establishment between processes running on different stations. It provides:
Session establishment, maintenance and termination: allows two application processes on different machines to establish, use and terminate a connection, called a session.
Session support: performs the functions that allow these processes to communicate over the network, performing security, name recognition, logging, and so on.
PRESENTATION LAYER
The presentation layer formats the data to be presented to the application layer. It can be viewed as the translator for the network. This layer may translate data from a format used by the application layer into a common format at the sending station, then translate the common format to a format known to the application layer at the receiving station.
The presentation layer provides:
Character code translation: for example, ASCII to EBCDIC.
Data conversion: bit order, CR-CR/LF, integer-floating point, and so on.
Data compression: reduces the number of bits that need to be transmitted on the network.
Data encryption: encrypt data for security purposes. For example, password encryption.
APPLICATION LAYER
The application layer serves as the window for users and application processes to access network services. This layer contains a variety of commonly needed functions:
Resource sharing and device redirection
Remote file access
Remote printer access
Inter-process communication
Network management
Directory services
Electronic messaging (such as mail)
Network virtual terminals
The following were incorrect answers:
Application Layer - The application layer serves as the window for users and application processes to access network services.
Presentation layer - The presentation layer formats the data to be presented to the application layer. It can be viewed as the translator for the network. This layer may translate data from a format used by the application layer into a common format at the sending station, then translate the common format to a format known to the application layer at the receiving station.
Transport layer - The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers.
The following reference(s) were/was used to create this question:
CISA review manual 2014 Page number 260
質問 # 324
Which of the following BEST enables an audit department to improve the quality of work performed by its auditors?
- A. Using audit-related data analytics tools
- B. Implementing global quality standards
- C. funding additional resources for audit work
- D. Implementing peer review of audit work
正解:A
質問 # 325
When auditing the alignment of IT to the business strategy, it is MOST Important for the IS auditor to:
- A. evaluate deliverables of new IT initiatives against planned business services.
- B. interview senior managers for their opinion of the IT function.
- C. compare the organization's strategic plan against industry best practice.
- D. ensure an IT steering committee is appointed to monitor new IT projects.
正解:A
解説:
When auditing the alignment of IT to the business strategy, it is most important for the IS auditor to evaluate deliverables of new IT initiatives against planned business services. This can help the IS auditor to assess whether the IT initiatives are meeting the business needs and expectations, delivering value and benefits, and supporting the business objectives and goals. Comparing the organization's strategic plan against industry best practice is a possible technique for auditing the alignment of IT to the business strategy, but it is not the most important thing for the IS auditor to do, as industry best practice may not be applicable or relevant to the specific context or situation of the organization. Interviewing senior managers for their opinion of the IT function is a possible technique for auditing the alignment of IT to the business strategy, but it is not the most important thing for the IS auditor to do, as senior managers' opinions may be subjective or biased, and may not reflect the actual performance or outcomes of the IT function. Ensuring an IT steering committee is appointed to monitor new IT projects is a possible control for ensuring the alignment of IT to the business strategy, but it is not the most important thing for the IS auditor to do, as an IT steering committee may not be effective or efficient in monitoring new IT projects, and may not have sufficient authority or influence over the IT function.
質問 # 326
Which of the following is the PRIMARY purpose for external assessments of internal audit's quality assurance systems and frameworks?
- A. To confirm the internal audit department has adequate budget to perform its duties
- B. To provide assurance that the internal audit function conforms with established professional practices.
- C. professional practices . To provide assurance that internal audit staff are qualified to perform their responsibilities
- D. To confirm the accuracy and reliability of prior internal audit results
正解:B
質問 # 327
Which of the following risk scenarios is BEST addressed by implementing policies and procedures related to full disk encryption?
- A. Physical theft of media on which information is stored
- B. Unauthorized logical access to information through an application interface
- C. Noncompliance fines related to storage of regulated information
- D. Data leakage as a result of employees leaving to work for competitors
正解:A
解説:
Explanation
Full disk encryption (FDE) is a means of protecting information by encrypting all of the data on a disk, including temporary files, programs, and system files1. FDE is best suited for addressing the risk scenario of physical theft of media on which information is stored, as it prevents unauthorized access to the data even if the device is lost or stolen2. FDE does not prevent data leakage as a result of employees leaving to work for competitors, as they may still have access to the data while using the device or copy the data to another device before leaving. FDE does not prevent noncompliance fines related to storage of regulated information, as it does not ensure that the data is stored in accordance with the applicable laws and regulations. FDE does not prevent unauthorized logical access to information through an application interface, as it does not control the access rights and permissions of users and applications. *References: According to the ISACA IT Audit and Assurance Standards, Guidelines and Tools and Techniques for IS Audit and Assurance Professionals, section
2402 Planning, "The IS audit and assurance professional should identify and assess risk relevant to the area under review." 3 One of the risk factors to consider is "the sensitivity of information processed, stored or transmitted by the system" 3. FDE is one of the possible controls to mitigate the risk of unauthorized disclosure of sensitive information due to physical theft of media.
質問 # 328
Which of the following provides the GREATEST assurance that a middleware application compiling data from multiple sales transaction databases for forecasting is operating effectively?
- A. Exception reporting
- B. Manual checks
- C. Continuous auditing
- D. Automated reconciliations
正解:C
解説:
Continuous auditing provides the greatest assurance that a middleware application compiling data from multiple sales transaction databases for forecasting is operating effectively12. Continuous auditing involves the use of automated tools to continuously monitor and audit a system's operations12. This allows for real-time identification and resolution of issues, ensuring that the system is always functioning as expected12. It also provides ongoing assurance about the integrity and reliability of the data being compiled by the middleware application12.
References:
* 5 Data Integration Methods and Strategies | Talend
* What Is Middleware? Definition, Architecture, and Best Practices
質問 # 329
Which of the following is the BEST control lo mitigate attacks that redirect Internet traffic to an unauthorized website?
- A. Perform domain name system (DNS) server security hardening.
- B. Utilize a network-based firewall.
- C. Conduct regular user security awareness training.
- D. Enforce a strong password policy meeting complexity requirements.
正解:A
質問 # 330
An IS Auditor is performing a business continuity plan (BCP) audit and identifies that the plan has not been tested for five years, however, the plan was successfully activated during a recent extended power outage.
Which of the following is the 15 auditor's BEST count of action?
- A. Determine if lessons learned from the activation were incorporated into the plan
- B. Determine if a follow-up BCP audit is required to identify future gaps
- C. Determine if the business impact analysis (BIA) is still accurate.
- D. Determine if the annual BCP training program is in need of review
正解:A
質問 # 331
......
あなたを合格させるCISAお手軽に試験合格リアルCISA練習問題集で更新されたのは2025年05月27日:https://jp.fast2test.com/CISA-premium-file.html
2025年最新の実際に出ると確認されたISACA CISA無料試験問題:https://drive.google.com/open?id=1GTj11b6fQbHmXCqXJXFe7pI54cV7ERIi