OPERATIONS & BUSINESS RESILIENCE
INFORMATION SYSTEMS OPERATIONS
QUIZZES AND RIGHT ANSWERS.
Data flow diagrams are used by IS auditors to: ANSWER : - graphically summarize data paths and
storage. They trace data from their origination to destination, highlighting the paths and storage of data.
An IS auditor performing an application maintenance audit would review the log of program changes for
the: ANSWER : - authorization of program changes.
An IS auditor finds out-of-range data in some tables of a database. Which of the following controls
should the IS auditor recommend to avoid this situation? ANSWER : - Implement integrity constraints
in the database. This is a preventative control because data are checked against predefined tables or
rules, preventing any undefined data from being entered.
Responsibility and reporting lines cannot always be established when auditing automated systems
because: ANSWER : - ownership is difficult to establish where resources are shared.
Which of the following would help to ensure the portability of an application connected to a database?
ANSWER : - Usage of a Structured Query Language - this facilitates portability because it is an industry
standard used by many systems.
Business units are concerned about the performance of a newly implemented system. Which of the
following should an IS auditor recommend? ANSWER : - Develop a baseline and monitor system usage.
This will aid in developing empirical data upon which decisions for modifying the system can be made.
Which of the following is the MOST critical to the quality of data in a data warehouse? ANSWER : -
Accuracy of the source data.
Which of the following reports should an IS auditor use to check compliance with a service level
agreement's requirement for uptime? ANSWER : - Availability reports - because you can see the
downtime from these reports so you'll know the inverse as well.
Which of the following would an IS auditor consider to be MOST helpful when evaluating the
effectiveness and adequacy of a preventive computer maintenance program? ANSWER : - A system
downtime log - provides evidence regarding the effectiveness and adequacy of computer preventive
maintenance programs. The log is a detective control, but because it is validating the effectiveness of
the maintenance program, it is validating a preventive control.
Which of the following is a network diagnostic tool that monitors and records network information?
ANSWER : - Protocol analyzer - this is a network diagnostic tool that monitors and records network
information from packets traveling in the link to which the analyzer is attached.
The database administrator suggests that database efficiency can be improved by denormalizing some
tables. This would result in: ANSWER : - increased redundancy. Normalization reduces redundancy and
denormalization increases redundancy.
The objective of concurrency control in a database system is to: ANSWER : - ensure integrity when two
processes attempt to update the same data at the same time.
Which of the following controls would provide the GREATEST assurance of database integrity?
ANSWER : - Table link/reference checks - these serve to detect table linking errors (such as completeness
and accuracy of the contents of the database), and thus provide the greatest assurance of database
integrity.
Which of the following is widely accepted as one of the critical components in networking
management? ANSWER : - Configuration and change management
Which of the following is MOST directly affected by network performance monitoring tools? ANSWER :
- Availability - Network monitoring tools allow observation of network performance and problems. This
allows the administrator to take corrective action when network problems are observed. Therefore, the
characteristic that is most directly affected by network monitoring is availability.
Vendors have released patches fixing security flaws in their software. Which of the following should an
IS auditor recommend in this situation? ANSWER : - Assess the impact of patches prior to installation.
Which of the following controls would be MOST effective in ensuring that production source code and
object code are synchronized? ANSWER : - Date and time-stamp reviews of source and object code -
This would ensure that source code, which has been compiled, matches the production object code.
An IS auditor reviewing database controls discovered that changes to the database during normal
working hours were handled through a standard set of procedures. However, changes made after
normal hours required only an abbreviated number of steps. In this situation, which of the following
would be considered an adequate set of compensating controls? ANSWER : - Use the DBA user account
to make changes, log the changes and review the change log the following day. Normal user accounts
should not have access to the database.
Which of the following tests performed by an IS auditor would be the MOST effective in determining
compliance with change control procedures in an organization? ANSWER : - Identify changes that have
occurred and verify approvals. Don't just rely on the change control records to see what changes
occurred because not all changes might be recorded.
A programmer maliciously modified a production program to change data and then restored it back to
the original code. Which of the following would MOST effectively detect the malicious activity?
ANSWER : - Reviewing system log files. You can't rely on comparing source codes because they were
changed back so you wouldn't catch the activity.
When reviewing system parameters, an IS auditor's PRIMARY concern should be that: ANSWER : - they
are set to meet both security and performance requirements. The primary concern is to find the balance
between security and performance.
If a database is restored using before-image dumps, where should the process begin following an
interruption? ANSWER : - Before the last transaction. If before images are used, the last transaction in
the dump will not have updated the database prior to the dump being taken.
When are checkpoints used to restore data? ANSWER : - In application failures.
Online banking transactions are being posted to the database when processing suddenly comes to a
halt. The integrity of the transaction processing is BEST ensured by: ANSWER : - database commits and
rollbacks. Rollbacks ensure that the processing that has been partially completed is reversed back and
not saved if the entire transaction does not complete successfully.