Isaca Updated CISA Exam Questions and Answers by malaika

 Changing the default configurations of a database system is a critical control for securing it from unauthorized access or exploitation. Default configurations often include weak passwords, unnecessary services, open ports, or known vulnerabilities that can be easily exploited by attackers. The other options are not as important as changing the default configurations, as they do not address the root cause of the security risks. Normalizing tables in the database is a design technique for improving data quality and performance, but it does not affect security. Changing the service port used by the database server is a form of security by obscurity, which can be easily bypassed by port scanning tools. Using the default administration account after changing the account password is still risky, as the account name may be known or guessed by attackers. References: CISA Review Manual (Digital Version), Chapter 5, Section 5.2.4

 The most important thing to include in forensic data collection and preservation procedures is preserving data integrity. Data integrity is the property that ensures that data is accurate, complete, and consistent throughout its lifecycle. Preserving data integrity is essential for forensic data collection and preservation procedures because it ensures that the data can be used as valid and reliable evidence in legal proceedings or investigations. Preserving data integrity can be achieved by using methods such as hashing, checksums, digital signatures, write blockers, tamper-evident seals, or timestamps. The other options are not as important as preserving data integrity in forensic data collection and preservation procedures, as they do not affect the validity or reliability of the data. Assuring the physical security of devices is a security measure that protects devices from unauthorized access, theft, damage, or destruction, but it does not ensure that the data on the devices is accurate, complete, and consistent. Maintaining chain of custody is a documentation technique that records and tracks the handling and transfer of devices or data among different parties involved in forensic activities, but it does not ensure that the data on the devices is accurate, complete, and consistent. Determining tools to be used is a planning activity that selects and prepares the appropriate tools for forensic data collection and preservation procedures, but it does not ensure that the data collected and preserved by the tools is accurate, complete, and consistent. References: CISA Review Manual (Digital Version), Chapter 5, Section 5.4

The primary factor to determine system criticality within an organization is the maximum allowable downtime (MAD). MAD is the maximum time frame during which recovery must become effective before an outage compromises the ability of an organization to achieve its business objectives and/or survival. MAD reflects the business impact of a system outage on the organization’s operations, reputation, compliance, and finances. MAD can help to prioritize system recovery efforts, allocate resources, and establish recovery objectives.

 An organization’s audit charter primarily describes the auditors’ authority to conduct audits. The audit charter is a formal document that defines the purpose, scope, responsibilities, and reporting relationships of the internal audit function. It also establishes the auditors’ right of access to information, records, personnel, and physical properties relevant to their work. The audit charter provides the basis for the auditors’ independence and accountability to the governing body and senior management.