Which of the following backup schemes is the BEST option when storage media is limited?
Correct Answer: C
A differential backup scheme is the best option when storage media is limited, as it only backs up the data that has changed since the last full backup. This reduces the amount of storage space required and also simplifies the restoration process, as only the last full backup and the last differential backup are needed. A real-time backup scheme would require continuous replication of data, which would consume a lot of storage space and network bandwidth. A virtual backup scheme would create a snapshot of the data at a point in time, but it would not reduce the storage space required, as it would still need to store the changes made to the data. A full backup scheme would back up all the data every time, which would require the most storage space and also take longer to complete. References: ISACA, CISA Review Manual, 27th Edition, 2018, page 405
CISA Exam Question 387
What is the PRIMARY reason to adopt a risk-based IS audit strategy?
Correct Answer: B
CISA Exam Question 388
Which type of control is being implemented when a biometric access device is installed at the entrance to a facility?
Correct Answer: A
A biometric access device installed at the entrance to a facility is a type of preventive control. Preventive controls are designed to deter or prevent undesirable events from occurring [1][2]. They are proactive measures that aim to inhibit incidents before they happen [1][2]. In this case, the biometric access device prevents unauthorized individuals from gaining access to the facility by requiring unique biological characteristics for authentication [1][2]. References: [1] Guide to Biometric Access Control & Door Lock Security - Avigilon; [2] Biometric access control: meaning, types and implementation - Smowl
CISA Exam Question 389
An organization has engaged a third party to implement an application to perform business-critical calculations. Which of the following is the MOST important process to help ensure the application provides accurate calculations?
Correct Answer: D
The most important process to help ensure the application provides accurate calculations is quality assurance (QA), which involves verifying that the application meets the specified requirements and standards, and testing the application for functionality, performance, reliability, security, and usability. QA helps to identify and correct any defects or errors in the application before it is deployed to the production environment. Key performance indicator (KPI) monitoring, change management, and configuration management are important processes for managing and maintaining the application after it is implemented, but they do not directly ensure the accuracy of the calculations performed by the application. References: CISA Review Manual (Digital Version), Chapter 3: Information Systems Acquisition, Development & Implementation, Section 3.3: Practices for Quality Assurance
CISA Exam Question 390
Which of the following is the BEST way to identify whether the IT help desk is meeting service level agreements (SLAs)?
Correct Answer: A
The best way to identify whether the IT help desk is meeting service level agreements (SLAs) is A. Review exception reports. Exception reports are documents that highlight any deviations from the agreed service levels, such as breaches, delays, or failures. They can help the IT help desk to monitor their performance, identify root causes, and implement corrective actions. Reviewing exception reports can also help the IT help desk to communicate with the end users and stakeholders about any service issues and their resolution. Reference: IT help desk support SLA, Section 4: Reporting and Reviewing Service Levels, Page 3.