1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

Which of the following is a substantive test?

Question Posted / bbb

Answers were Sorted based on User's Feedback



Which of the following is a substantive test?..

Answer / bbb

A. Reviewing password history reports
B. Ensuring approval for a program changes
C. Using a related statistical list to inventory the CD library
D. Checking a list of error reports

Is This Answer Correct ?    16 Yes 2 No

Which of the following is a substantive test?..

Answer / rajesh

Using a related statistical list to inventory the CD library

Is This Answer Correct ?    5 Yes 1 No

Which of the following is a substantive test?..

Answer / guest

certain program is selected to determine if the source and
object versions are the same?

Is This Answer Correct ?    5 Yes 4 No

Post New Answer

More CISA Certification Interview Questions

An internal audit department, that organizationally reports exclusively to the chief financial officer (CFO) rather than to an audit committee, is MOST likely to: A. have its audit independence questioned. B. report more business-oriented and relevant findings. C. enhance the implementation of the auditor's recommendations. D. result in more effective action being taken on the recommendations.

2 Answers   ABC, CISA,

Which of the following would be a MAJOR disadvantage of using prototyping as a systems development methodology? A. User expectations of project timescales may be overly optimistic. B. Effective change control and management is impossible to implement. C. User participation in day-to-day project management may be too extensive. D. Users usually are not sufficiently knowledgeable to assist in system development.

1 Answers  

A company disposing of personal computers that once were used to store confidential data should first: A. demagnetize the hard disk. B. low-level format the hard disk. C. delete all data contained on the hard disk. D. defragment the data contained on the hard disk.

1 Answers  

A malicious code that changes itself with each file it infects is called a: A. logic bomb. B. stealth virus. C. trojan horse. D. polymorphic virus.

3 Answers  

The use of statistical sampling procedures helps minimize: A. sampling risk. B. detection risk. C. inherent risk. D. control risk.

1 Answers  




The MAJOR advantage of the risk assessment approach over the baseline approach to information security management is that it ensures: A. information assets are over protected. B. a basic level of protection is applied regardless of asset value. C. appropriate levels of protection are applied to information assets. D. an equal proportion of resources are devoted to protecting all information assets.

1 Answers  

During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.

1 Answers  

Which of the following is a dynamic analysis tool for the purpose of testing software modules? A. Blackbox test B. Desk checking C. Structured walk-through D. Design and code

1 Answers  

Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management

1 Answers  

After installing a network, an organization installed a vulnerability assessment tool or security scanner to identify possible weaknesses. Which is the MOST serious risk associated with such tools? A. Differential reporting B. False positive reporting C. False negative reporting D. Less detail reporting

1 Answers  

The most common problem in the operation of an intrusion detection system (IDS) is: A. the detection of false positives. B. receiving trap messages. C. reject error rates. D. denial-of-service attacks.

1 Answers   ABC,

Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)