ISACA.CISA.v2022-01-10.q320

Exam Code: CISA


Exam Name: Certified Information Systems Auditor
Certification Provider: ISACA
Free Question Number: 320
Version: v2022-01-10
https://www.freecram.com/torrent/ISACA.CISA.v2022-01-10.q320.html

NEW QUESTION: 1
Which of the following is the BEST way to achieve high availability and fault tolerance for
an e-business system?
A. Robust systems architecture
B. Network diversity
C. Secure offsite backup storage
D. Storage area network
Answer: A (LEAVE A REPLY)

NEW QUESTION: 2
An organization is planning to re-purpose workstations that were used to handle
confidential information. Which of the following would be the IS auditor's BEST
recommendation to dispose of this information?
A. Erase the disks by degaussing.
B. Delete the disk partitions.
C. Reformat the disks.
D. Overwrite the disks with random data
Answer: D (LEAVE A REPLY)
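Why overwriting is the only one of the four options that actually removes the data, shown with an added Python example (this is editorial illustration, not part of the original question set). A constructed byte buffer stands in for the workstation drive: the first 512 bytes play the role of the partition table, the rest holds the confidential payload. Deleting partitions and a quick reformat touch only that header, so a trivial carving step still finds the text; a random overwrite replaces every sector. The per-sector hash comparison at the end is the verification an IS auditor would ask to see before the workstation is re-issued. Caveat: this models a magnetic disk. On SSDs, wear levelling can leave stale copies outside the logical address space, so the equivalent control is the drive's own sanitize or crypto-erase command followed by the same verification; degaussing (option A) would also destroy the drive rather than leave it reusable, and does nothing to flash memory.

```python
import hashlib
import os

HEADER_LEN = 512  # first sector: partition table / filesystem header
# Constructed stand-in for the workstation drive: header plus confidential payload.
SECRET = b"CONFIDENTIAL: payroll export 2021-Q4\n" * 40
DISK_IMAGE = bytes(b"\x00" * HEADER_LEN + SECRET)


def delete_partitions(disk):
    """'Delete the disk partitions': only the partition table is cleared."""
    out = bytearray(disk)
    out[:HEADER_LEN] = b"\x00" * HEADER_LEN
    return bytes(out)


def quick_format(disk):
    """'Reformat the disk' (quick format): a new filesystem header is written,
    the data area is left untouched."""
    out = bytearray(disk)
    out[:HEADER_LEN] = b"NEWFS".ljust(HEADER_LEN, b"\x00")
    return bytes(out)


def overwrite_random(disk, passes=1):
    """'Overwrite the disk with random data': every byte is replaced."""
    out = bytearray(disk)
    for _ in range(passes):
        out[:] = os.urandom(len(out))
    return bytes(out)


def secret_recoverable(disk):
    """Crude file carving: can the confidential text still be found?"""
    return b"CONFIDENTIAL" in disk


def verify_sanitized(disk, original, sector=512):
    """Verification an auditor would ask for: no sector of the original
    survives on the disposed drive. Compares per-sector SHA-256 digests
    rather than searching for strings the verifier happens to know about."""
    for off in range(0, len(original), sector):
        before = hashlib.sha256(original[off:off + sector]).digest()
        after = hashlib.sha256(disk[off:off + sector]).digest()
        if before == after:
            return False
    return True
```

Running the three disposal functions against DISK_IMAGE and passing the result to secret_recoverable and verify_sanitized shows that only overwrite_random passes both checks.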

NEW QUESTION: 3
Which of the following should be the PRIMARY consideration for IT management when
selecting a new information security tool that monitors suspicious file access patterns?
A. Data correlation and visualization capabilities
B. Integration with existing architecture
C. Ease of support and troubleshooting
D. Ability to contribute to key performance indicator data
Answer: B (LEAVE A REPLY)
NEW QUESTION: 4
Which of the following poses the GREATEST security risk when implementing acquired
application systems?
A. Social engineering
B. Default logon IDs
C. Password length
D. Lack of audit logs
Answer: B (LEAVE A REPLY)

NEW QUESTION: 5
What is the BEST way for an IS auditor to assess the adequacy of an expert consultant
who was selected to be involved in an audit engagement?
A. Obtain an understanding of the expert's relevant experience.
B. Review the independence and objectivity of the expert.
C. Verify that the engagement letter outlines the expert's responsibilities.
D. Review the industry reputation of the expert consultant's firm.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 6
An IS auditor is reviewing a network diagram. Which of the following would be the BEST
location for placement of a firewall?
A. At borders of network segments with different security levels
B. Inside the demilitarized zone (DMZ)
C. Between each host and the local network switch/hub
D. Between virtual local area networks (VLANs)
Answer: A (LEAVE A REPLY)

NEW QUESTION: 7
Which of the following should be of GREATEST concern to an IS auditor reviewing project
documentation for a client relationship management (CRM) system migration project?
A. Five weeks prior to the target date, there are still numerous defects in the printing
functionality.
B. A single implementation phase is planned and the legacy system will be immediately
decommissioned.
C. The technical migration is planned for a holiday weekend and end users may not be
available.
D. Employees are concerned that data representation in the new system is completely
different from the old system.
Answer: (SHOW ANSWER)
NEW QUESTION: 8
Which of the following is the MOST effective sampling method for an IS auditor to use for
identifying fraud and circumvention of regulations?
A. Statistical sampling
B. Variable sampling
C. Stop-or-go sampling
D. Discovery sampling
Answer: D (LEAVE A REPLY)

NEW QUESTION: 9
The use of control totals reduces the risk of
A. incomplete processing
B. improper authorization
C. improper backup.
D. posting to the wrong record
Answer: (SHOW ANSWER)

NEW QUESTION: 10
An IS auditor is reviewing a data conversion project. Which of the following is the auditor's
BEST recommendation prior to go-live?
A. Conduct a mock conversion test.
B. Automate the test scripts
C. Establish a configuration baseline.
D. Review test procedures and scenarios
Answer: (SHOW ANSWER)

NEW QUESTION: 11
Which of the following BEST enables an organization to quantify acceptable data loss in
the event of a disaster?
A. Availability of backup software
B. Recovery time objective (RTO)
C. Recovery point objective (RPO)
D. Mean time to recover (MTTR)
Answer: C (LEAVE A REPLY)

NEW QUESTION: 12
Which of the following is the GREATEST risk associated with vulnerability scanning tools
used to identify security weaknesses?
A. Use of open source tools
B. False positives
C. Outdated signatures for detection
D. False negatives
Answer: (SHOW ANSWER)

NEW QUESTION: 13
During an ongoing audit, management requests a briefing on the findings to date. Which of
the following is the IS auditor's BEST course of action?
A. Request management wait until a final report is ready for discussion
B. Present observations for discussion only.
C. Request the auditee provide management responses
D. Review working papers with the auditee
Answer: B (LEAVE A REPLY)

NEW QUESTION: 14
Which of the following is the GREATEST benefit of implementing an incident management
process?
A. Reduction of cost by the efficient use of resources
B. Reduction in the business impact of incidents
C. Reduction in security threats
D. Opportunity for frequent reassessment of incidents
Answer: (SHOW ANSWER)

NEW QUESTION: 15
While conducting a review of project plans related to a new software development, an IS
auditor finds the project initiation document (PID) is incomplete. What is the BEST way for
the auditor to proceed?
A. Escalate to the project steering committee.
B. Inform audit management of possible risks associated with the deficiency.
C. Prepare a finding for the audit report.
D. Meet with the project sponsor to discuss the incomplete document.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 16
Which of the following are examples of detective controls?
A. Source code review and echo checks in telecommunications
B. Check points in production jobs and rerun procedures
C. Use of access control software and deploying encryption software
D. Continuity of operations planning and backup procedures
Answer: (SHOW ANSWER)
Valid CISA Dumps shared by Fast2test.com for Helping Passing CISA Exam!
Fast2test.com now offer the newest CISA exam dumps, the Fast2test.com CISA exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CISA dumps with Test Engine here: https://www.fast2test.com/CISA-
premium-file.html (440 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 17
An organization plans to implement a virtualization strategy enabling multiple operating
systems on a single host. Which of the following should be the GREATEST concern with
this strategy?
A. Licensing costs of the host
B. Adequate storage space
C. Application performance
D. Network bandwidth
Answer: A (LEAVE A REPLY)

NEW QUESTION: 18
In a high-volume, real-time system, the MOST effective technique by which to continuously
monitor and analyze transaction processing is:
A. integrated test facility (ITF)
B. transaction tagging
C. embedded audit modules.
D. parallel simulation.
Answer: (SHOW ANSWER)

NEW QUESTION: 19
Which of the following types of testing would BEST mitigate the risk of a newly
implemented system adversely impacting existing systems?
A. Sociability testing
B. User acceptance testing (UAT)
C. Functionality testing
D. Unit testing
Answer: (SHOW ANSWER)

NEW QUESTION: 20
Which of the following should be of concern to an IS auditor performing a software audit on
virtual machines?
A. Multiple users can access critical applications
B. Software licensing does not support virtual machines
C. Software has been installed on virtual machines by privileged users.
D. Applications have not been approved by the chief financial officer (CFO) .
Answer: B (LEAVE A REPLY)

NEW QUESTION: 21
Which of the following is necessary for effective risk management in IT governance?
A. Local managers are solely responsible for risk evaluation
B. Risk management strategy is approved by the audit committee
C. Risk evaluation is embedded in management processes.
D. IT risk management is separate from corporate risk management
Answer: C (LEAVE A REPLY)

NEW QUESTION: 22
Which of the following is the client organization's responsibility in a Software as a Service
(SaaS) environment?
A. Detecting unauthorized access
B. Ensuring the data is available when needed
C. Preventing insertion of malicious code
D. Ensuring that users are properly authorized
Answer: D (LEAVE A REPLY)

NEW QUESTION: 23
An IS auditor finds that one employee has unauthorized access to confidential data. The
IS auditor's BEST recommendation should be to:
A. recommend corrective actions to be taken by the security administrator.
B. require the business owner to conduct regular access reviews.
C. reclassify the data to a lower level of confidentiality.
D. implement a strong password schema for users.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 24
An IS auditor is reviewing an industrial control system (ICS) that uses older unsupported
technology in the scope of an upcoming audit. What should the auditor consider the MOST
significant concern?
A. There is a greater risk of system exploitation.
B. Disaster recovery plans (DRPs) are not in place.
C. Attack vectors are evolving for industrial control systems.
D. Technical specifications are not documented.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 25
Which of the following is the MOST important process to ensure planned IT system
changes are completed in an efficient manner?
A. Release management
B. Incident management
C. Demand management
D. Configuration management
Answer: A (LEAVE A REPLY)

NEW QUESTION: 26
Which of the following reports would provide the GREATEST assurance to an IS auditor
about the controls of a third party that processes critical data for the organization?
A. Black box penetration test report
B. Independent control assessment
C. Vulnerability scan report
D. The third party's control self-assessment (CSA)
Answer: B (LEAVE A REPLY)

NEW QUESTION: 27
What is the BEST way to control updates to the vendor master file in an accounts payable
system?
A. Periodically reviewing the entire vendor master file
B. Using prenumbered and authorized request forms
C. Comparing updates against authorization
D. Having only one person updating the master file
Answer: C (LEAVE A REPLY)

NEW QUESTION: 28
During the planning stage of a compliance audit, an IS auditor discovers that a bank's
inventory of compliance requirements does not include recent regulatory changes related
to managing data risk. What should the auditor do FIRST?
A. Discuss potential regulatory issues with the legal department.
B. Ask management why the regulatory changes have not been included
C. Report the missing regulatory updates to the chief information officer (CIO)
D. Exclude recent regulatory changes from the audit scope
Answer: A (LEAVE A REPLY)

NEW QUESTION: 29
An internal IS auditor recommends that incoming accounts payable payment files be
encrypted. Which type of control is the auditor recommending?
A. Detective
B. Corrective
C. Preventive
D. Directive
Answer: (SHOW ANSWER)

NEW QUESTION: 30
An IS auditor has been asked to perform a post-Implementation assessment of a new
corporate human resources (HR) system. Which of the following control areas would be
MOST important to review for the protection of employee information?
A. Logging capabilities
B. Authentication mechanisms
C. System architecture
D. Data retention practices
Answer: B (LEAVE A REPLY)

NEW QUESTION: 31
Which of the following is the PRIMARY reason an IS auditor should use an IT-related
framework as a basis for scoping and structuring an audit?
A. It helps ensure comprehensiveness of the review and provides guidance on best
practices.
B. It demonstrates to management whether legal and regulatory requirements have been
met.
C. It simplifies audit planning and reduces resource requirements to complete an audit.
D. It provides a foundation to recommend certification of the organization's compliance
with the framework.
Answer: A (LEAVE A REPLY)


NEW QUESTION: 32
The PRIMARY benefit of information asset classification is that it:
A. helps to align organizational objectives.
B. enables risk management decisions.
C. facilitates budgeting accuracy.
D. prevents loss of assets.
Answer: B (LEAVE A REPLY)
NEW QUESTION: 33
Malicious program code was found in an application and corrected prior to release into
production. After the release, the same issue was reported. Which of the following is the IS
auditor's BEST recommendation?
A. Ensure the business signs off on end-to-end user acceptance test (UAT) results.
B. Ensure change management reports are independently reviewed.
C. Ensure programmers cannot access code after the completion of program edits.
D. Ensure corrected program code is compiled in a dedicated server.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 34
A PRIMARY benefit derived by an organization employing control self-assessment (CSA)
techniques is that CSA
A. can identify high-risk areas for detailed review
B. can be used as a replacement for traditional audits.
C. allows management to relinquish responsibility for control.
D. allows IS auditors to independently assess risk
Answer: A (LEAVE A REPLY)

NEW QUESTION: 35
Which of the following is the PRIMARY reason for an organization's procurement
processes to include an independent party who is not directly involved with business
operations and related decision-making?
A. To ensure continuity of processes and procedures
B. To avoid conflicts of interest
C. To ensure favorable price negotiations
D. To optimize use of business team resources
Answer: B (LEAVE A REPLY)

NEW QUESTION: 36
An organization plans to launch a social media presence as part of a new customer service
campaign. Which of the following is the MOST significant risk from the perspective of
potential litigation?
A. Access to corporate-sponsored social media accounts requires only single-factor
authentication.
B. Approved employees can use personal devices to post on the company's behalf.
C. There is a lack of clear procedures for responding to customers on social media outlets.
D. The policy stating what employees can post on the organization's behalf is unclear.
Answer: D (LEAVE A REPLY)
NEW QUESTION: 37
Which of the following is a preventive control related to change management?
A. Debugging of implemented changes
B. Log review of managed changes
C. Audit of implemented changes for the period under review
D. Implementation of managed change approval processes
Answer: D (LEAVE A REPLY)

NEW QUESTION: 38
Which of the following is the BEST way to foster continuous improvement of IS audit
processes and practices?
A. Establish and embed quality assurance (QA) within the IS audit function.
B. Invite external auditors and regulators to perform regular assessments of the IS audit
function.
C. Frequently review IS audit policies, procedures, and instruction manuals
D. Implement rigorous management review and sign-off of IS audit deliverables.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 39
Which of the following is the MOST important factor when an organization is developing
information security policies and procedures?
A. Compliance with relevant regulations
B. Consultation with security staff
C. Alignment with an information security framework
D. Inclusion of mission and objectives
Answer: A (LEAVE A REPLY)

NEW QUESTION: 40
Which of the following is the GREATEST risk associated with conducting penetration
testing on a business-critical application production environment?
A. Data integrity may become compromised
B. Results may differ from those obtained in the test environment
C. This type of testing may not adhere to audit standards
D. System owners may not be informed in advance
Answer: A (LEAVE A REPLY)

NEW QUESTION: 41
An IS auditor is planning on utilizing attribute sampling to determine the error rate for
health care claims processed. Which of the following factors will cause the sample size to
decrease?
A. Acceptable risk level decrease
B. Expected error rate increase
C. Tolerable error rate increase
D. Population size increase
Answer: C (LEAVE A REPLY)
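The direction in which each factor moves the sample size is easier to see by computing it than by reading a table. The following Python is an added worked example, not part of the original question set; it implements the cumulative binomial criterion that the standard attribute-sampling tables are built on: the smallest n for which, if the population's true deviation rate equalled the tolerable rate, the chance of observing no more than the expected number of deviations would not exceed the acceptable risk of overreliance (one minus the confidence level). The population adjustment is the usual finite-population correction n / (1 + n/N).

```python
import math


def binomial_cdf(k, n, p):
    """P(X <= k) for X ~ Binomial(n, p)."""
    return sum(math.comb(n, i) * p ** i * (1 - p) ** (n - i) for i in range(k + 1))


def sample_size(tolerable_rate, expected_rate, risk_of_overreliance):
    """Smallest n such that, were the true deviation rate equal to the
    tolerable rate, seeing no more than ceil(expected_rate * n) deviations
    in the sample would have probability <= risk_of_overreliance.
    Raising the tolerable rate or the acceptable risk lowers n; raising the
    expected rate raises n."""
    if expected_rate >= tolerable_rate:
        # No sample size can satisfy the test: the auditor would expect to
        # find at least as many deviations as could be tolerated.
        raise ValueError("expected rate must be below the tolerable rate")
    n = 1
    while True:
        expected_deviations = math.ceil(round(expected_rate * n, 9))
        if binomial_cdf(expected_deviations, n, tolerable_rate) <= risk_of_overreliance:
            return n
        n += 1


def adjust_for_population(n, population_size):
    """Finite-population correction; it only matters for small populations,
    which is why population size is not a material factor in the question."""
    return math.ceil(n / (1 + n / population_size))
```

With a 5% tolerable rate, 0% expected rate and 5% risk the function returns 59; raising the expected rate to 1% raises the sample to 93; raising the tolerable rate to 10% (expected 1%) lowers it to 46; accepting 10% risk (expected 0%) lowers it to 45. A population of 1,000 versus 100,000 moves the 59 to 56 versus 59, which is why an increase in population size is not the answer.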

NEW QUESTION: 42
Which of the following should be of GREATEST concern for an IS auditor reviewing an
organization's bring your own device (BYOD) policy?
A. The policy does not include the right to audit BYOD devices.
B. Not all devices are approved for BYOD.
C. The policy is not updated annually.
D. A mobile device management (MDM) solution is not implemented.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 43
Which of the following is a deterrent security control that reduces the likelihood of an
insider threat event?
A. Distributing disciplinary policies
B. Executing data recovery procedures
C. Removing malicious code
D. Creating contingency plans
Answer: (SHOW ANSWER)

NEW QUESTION: 44
A sales representative is reviewing the organization's feedback blog and gets redirected to
a site that sells illegal prescription drugs. The blog site is MOST likely susceptible to which
of the following types of attacks?
A. SQL injection
B. Phishing attack
C. Cross-site scripting
D. Directory harvesting
Answer: C (LEAVE A REPLY)

NEW QUESTION: 45
An IS auditor finds that an organization's data loss prevention (DLP) system is configured
to use vendor default settings to identify violations. The auditor's MAIN concern should be
that:
A. violation reports may not be reviewed in a timely manner.
B. violations may not be categorized according to the organization's risk profile.
C. a significant number of false positive violations may be reported.
D. violation reports may not be retained according to the organization's risk profile.
Answer: (SHOW ANSWER)

NEW QUESTION: 46
An IS auditor is asked to provide feedback on the systems options analysis for a new
project. The BEST course of action for the IS auditor would be to:
A. comment on the criteria used to assess the alternatives.
B. request at least one other alternative.
C. identify the best alternative.
D. retain comments as findings for the audit report.
Answer: (SHOW ANSWER)


NEW QUESTION: 47
Which of the following BEST helps to identify errors during data transfer?
A. Decrease the size of data transfer packets.
B. Enable a logging process for data transfer.
C. Test the integrity of the data transfer.
D. Review and verify the data transfer sequence numbers.
Answer: D (LEAVE A REPLY)
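Question 9 (control totals) and question 47 (sequence numbers) are two halves of the same interface control, and the following added Python example (editorial illustration, not part of the original question set) shows what each one catches. A constructed batch of payment records carries a sequence number per record and a trailer with three control totals: a record count, a financial total of the amounts, and a hash total, which is the sum of a non-financial field (here the account number) that means nothing as a number but changes whenever a record is dropped, duplicated or substituted. The receiving side recomputes the totals and checks the sequence. The three failure cases are constructed: one record lost in transfer, one record substituted with a different account but the same amount, and one record transmitted twice.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Record:
    seq: int          # sequence number assigned by the sending system
    account: int      # account number, used for the hash total
    amount: Decimal   # payment amount, used for the financial total


# Constructed sample batch as the sender produced it (not real data).
SENT = [
    Record(1, 10001, Decimal("250.00")),
    Record(2, 10002, Decimal("75.50")),
    Record(3, 10003, Decimal("1200.00")),
    Record(4, 10004, Decimal("19.99")),
    Record(5, 10005, Decimal("640.00")),
]


def control_totals(records):
    """Totals the sender places in the batch trailer: record count,
    financial total, and hash total (sum of the account numbers)."""
    return {
        "count": len(records),
        "amount_total": sum((r.amount for r in records), Decimal("0")),
        "hash_total": sum(r.account for r in records),
    }


def check_control_totals(received, trailer):
    """Recompute the totals on the receiving side and return the names of
    the totals that disagree; an empty list means processing was complete."""
    actual = control_totals(received)
    return [name for name, value in trailer.items() if actual[name] != value]


def check_sequence(received, first_seq=1):
    """Find gaps and repeats in the sequence numbers of a received batch."""
    seqs = [r.seq for r in received]
    if not seqs:
        return {"missing": [], "duplicates": []}
    missing = sorted(set(range(first_seq, max(seqs) + 1)) - set(seqs))
    duplicates = sorted({s for s in seqs if seqs.count(s) > 1})
    return {"missing": missing, "duplicates": duplicates}


# Trailer as sent, and three constructed ways the transfer can go wrong.
TRAILER = control_totals(SENT)
RECEIVED_DROPPED = [r for r in SENT if r.seq != 3]                     # record 3 lost
RECEIVED_SUBSTITUTED = SENT[:2] + [Record(3, 10009, Decimal("1200.00"))] + SENT[3:]
RECEIVED_DUPLICATED = SENT + [SENT[1]]                                  # record 2 resent
```

The substituted record passes the sequence check and keeps the count and the financial total intact; only the hash total exposes it. The dropped and duplicated records are caught by both mechanisms, which is why an interface normally carries both sequence numbers and a trailer of control totals.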

NEW QUESTION: 48
An IS auditor has obtained a large complex data set for analysis. Which of the following
activities will MOST improve the output from the use of data analytics tools?
A. Data classification
B. Data masking
C. Data preparation
D. Data anonymization
Answer: C (LEAVE A REPLY)

NEW QUESTION: 49
When auditing the closing stages of a system development project, which of the following
should be the MOST important consideration?
A. Control requirements
B. Functional requirements documentation
C. User acceptance test (UAT) results
D. Rollback procedures
Answer: C (LEAVE A REPLY)

NEW QUESTION: 50
A senior auditor is reviewing work papers prepared by a junior auditor indicating that a
finding was removed after the auditee said they corrected the problem. Which of the
following is the senior auditor's MOST appropriate course of action?
A. Approve the work papers as written
B. Ask the auditee to retest
C. Have the finding reinstated
D. Refer the issue to the audit director
Answer: (SHOW ANSWER)

NEW QUESTION: 51
An organization that has suffered a cyber attack is performing a forensic analysis of the
affected users' computers. Which of the following should be of GREATEST concern for the
IS auditor reviewing this process?
A. The chain of custody has not been documented
B. Audit was only involved during extraction of the information.
C. The legal department has not been engaged.
D. An imaging process was used to obtain a copy of the data from each computer.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 52
Which of the following BEST describes the relationship between vulnerability scanning and
penetration testing?
A. For entities with regulatory drivers, the two tests must be the same.
B. Both utilize a risk-based analysis that considers threat scenarios
C. Both are labor-intensive in preparation, planning and execution
D. The scope of both is determined primarily by the likelihood of exploitation
Answer: B (LEAVE A REPLY)

NEW QUESTION: 53
Which of the following is the GREATEST risk associated with data conversion and
migration during implementation of a new application?
A. Inadequate audit trails and logging
B. Lack of data transformation rules
C. Obsolescence and data backup compatibility
D. Absence of segregation of duties
Answer: (SHOW ANSWER)
NEW QUESTION: 54
Which of the following provides an IS auditor with the BEST evidence that a system has
been assessed for known exploits?
A. Black box testing report
B. Patch cycle report
C. Vulnerability scanning report
D. White box testing report
Answer: C (LEAVE A REPLY)

NEW QUESTION: 55
Which of the following is MOST important for an IS auditor to test when reviewing market
data received from external providers?
A. Data encryption configurations
B. Data transformation configurations
C. Data loading controls
D. Data quality controls
Answer: D (LEAVE A REPLY)

NEW QUESTION: 56
A help desk has been contacted regarding a lost business mobile device. The FIRST
course of action should be to:
A. verify the user's identity through a challenge response system
B. involve the security response team to launch an investigation
C. consult the legal team regarding the impact of intellectual property loss
D. attempt to locate the device remotely.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 57
A banking organization has outsourced its customer data processing facilities to an
external service provider. Which of the following roles is accountable for ensuring the
security of customer data?
A. The bank's senior management
B. The service provider's data processor
C. The service provider's data privacy officer
D. The bank's vendor risk manager
Answer: (SHOW ANSWER)

NEW QUESTION: 58
Which of the following are BEST suited for continuous auditing?
A. Low-value transactions
B. Manual transactions
C. Irregular transactions
D. Real-time transactions
Answer: D (LEAVE A REPLY)

NEW QUESTION: 59
An IS auditor learns a server administration team regularly applies workarounds to address
repeated failures of critical data processing services. Which of the following would BEST
enable the organization to resolve this issue?
A. Change management
B. Problem management
C. Incident management
D. Service level management
Answer: B (LEAVE A REPLY)

NEW QUESTION: 60
Which of the following security testing techniques is MOST effective in discovering
unknown malicious attacks?
A. Sandboxing
B. Penetration testing
C. Vulnerability testing
D. Reverse engineering
Answer: A (LEAVE A REPLY)

NEW QUESTION: 61
Which of the following is the BEST way to mitigate risk to an organization's network
associated with devices permitted under a bring your own device (BYOD) policy?
A. Ensure the policy requires antivirus software on devices
B. Require personal devices to be reviewed by IT staff
C. Enable port security on all network switches
D. Implement a network access control system
Answer: D (LEAVE A REPLY)

NEW QUESTION: 62
Capacity management enables organizations to:
A. identify the extent to which components need to be upgraded.
B. forecast technology trends.
C. establish the capacity of network communication links.
D. determine business transaction volumes.
Answer: (SHOW ANSWER)

NEW QUESTION: 63
Which of the following provides the MOST assurance that new information systems are
ready for migration to the production environment?
A. Approval by the change advisory board
B. Results of end user acceptance testing (UAT)
C. Results of penetration testing performed by the development team
D. System quality assurance (QA) performed by an in-house team
Answer: B (LEAVE A REPLY)

NEW QUESTION: 64
A financial institution has a system interface that is used by its branches to obtain
applicable currency exchange rates when processing transactions. Which of the following
should be the PRIMARY control objective for maintaining the security of the system
interface?
A. Preventing unauthorized access to the data via interception
B. Preventing unauthorized access to the data via malicious activity
C. Ensuring the integrity of the data being transferred
D. Ensuring the availability of the data being transferred
Answer: (SHOW ANSWER)

NEW QUESTION: 65
The BEST way to determine whether programmers have permission to alter data in the
production environment is by reviewing:
A. how the latest system changes were implemented
B. the access rights that have been granted
C. the access control system's configuration.
D. the access control system's log settings.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 66
Which of the following is the BEST development methodology to help manage project
requirements in a rapidly changing environment?
A. Object-oriented system development
B. Prototyping
C. Waterfall development process
D. Iterative development process
Answer: D (LEAVE A REPLY)

NEW QUESTION: 67
Which of the following MOST effectively mitigates the risk of disclosure of sensitive data
stored on company-owned smartphones?
A. Mobile device management (MDM)
B. Data leakage prevention (DLP) tools
C. Physical device tagging
D. Secure containers
Answer: (SHOW ANSWER)

NEW QUESTION: 68
Which of the following is the PRIMARY reason an IS auditor should discuss observations
with management before delivering a final report?
A. Validate the audit observations.
B. Identify business risks associated with the observations
C. Record the proposed course of corrective action.
D. Assist the management with control enhancements.
Answer: (SHOW ANSWER)

NEW QUESTION: 69
A bank is relocating its servers to a vendor that provides data center hosting services to
multiple clients. Which of the following controls would restrict other clients from physical
access to the bank servers?
A. Closed-circuit television camera
B. 24-hour security guards
C. Locking server cages
D. Biometric access at all data center entrances
Answer: C (LEAVE A REPLY)

NEW QUESTION: 70
An IS audit manager is preparing the staffing plan for an audit engagement of a cloud
service provider. What should be the manager's PRIMARY concern when made aware that
a new auditor in the department previously worked for this provider?
A. Integrity
B. Professional conduct
C. Independence
D. Competency
Answer: C (LEAVE A REPLY)

NEW QUESTION: 71
Which of the following is the MOST likely cause of a successful firewall penetration?
A. Firewall misconfiguration by the administrator
B. Virus infection
C. Use of a Trojan to bypass the firewall
D. Loophole in firewall vendor's code
Answer: (SHOW ANSWER)

NEW QUESTION: 72
During an audit of identity and access management, an IS auditor finds that the
engagement audit plan does not include the testing of controls that regulate access by
third parties. Which of the following would be the auditor's BEST course of action?
A. Escalate the deficiency to audit management.
B. Add testing of third-party access controls to the scope of the audit.
C. Plan to test these controls in another audit
D. Determine whether the risk has been identified in the planning documents
Answer: B (LEAVE A REPLY)

NEW QUESTION: 73
Which of the following is MOST important for an IS auditor to consider during a review of
the IT governance of an organization?
A. Risk management methodology
B. Funding allocation
C. Defined service levels
D. Decision making responsibilities
Answer: D (LEAVE A REPLY)

NEW QUESTION: 74
An organization is using a single account shared by personnel for its social networking
marketing page. Which of the following is the BEST method to maintain accountability over
the account?
A. Integrating the account with single sign-on
B. Reviewing access rights on a periodic basis
C. Regular monitoring of proxy server logs
D. Implementing an account password check-out process
Answer: D (LEAVE A REPLY)

NEW QUESTION: 75
What is the BEST control to address SQL injection vulnerabilities?
A. Unicode translation
B. Digital signatures
C. Input validation
D. Secure Sockets Layer (SSL) encryption
Answer: C (LEAVE A REPLY)
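Why input validation (and its companion, parameterized queries) is the control and SSL is not, shown with an added Python example using the standard-library sqlite3 module (editorial illustration, not part of the original question set; the user table and the payload are constructed). The vulnerable lookup splices the caller's string into the SQL text, so a quote in the input closes the literal and the remainder is parsed as SQL; the tautology payload returns every row. The hardened lookup binds the value as a parameter, and the allow-list validator rejects the payload before it reaches any interpreter. TLS would carry the same payload to the server unchanged.

```python
import re
import sqlite3


def build_db():
    """Constructed in-memory database standing in for the application's user table."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT);
        INSERT INTO users (username, role) VALUES ('alice', 'admin');
        INSERT INTO users (username, role) VALUES ('bob', 'user');
        """
    )
    return conn


def lookup_vulnerable(conn, username):
    """Vulnerable form: the input becomes part of the SQL text, so a quote in
    the input ends the string literal and the rest is executed as SQL."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened form: the input is bound as a parameter and is only ever
    compared as data, never parsed as SQL."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")


def is_valid_username(username):
    """Allow-list validation: accept only the expected alphabet and length,
    so quotes, spaces and operators never reach the database at all."""
    return USERNAME_RE.fullmatch(username) is not None


def lookup_validated(conn, username):
    """Validation plus parameterization (defence in depth)."""
    if not is_valid_username(username):
        raise ValueError("invalid username")
    return lookup_parameterized(conn, username)


PAYLOAD = "x' OR '1'='1"   # constructed tautology payload
```

The sqlite3 execute call runs only one statement, so a stacked "'; DROP TABLE" payload is not demonstrable here; the tautology is enough to show the data exposure, and the same two controls defeat both.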

NEW QUESTION: 76
Secure code reviews as part of a continuous deployment program are which type of
control?
A. Logical
B. Corrective
C. Detective
D. Preventive
Answer: (SHOW ANSWER)


NEW QUESTION: 77
Which of the following is a preventive control that can be used to mitigate insider threats?
A. Role-based access
B. User activity monitoring
C. Backup procedures
D. Penetration testing
Answer: A (LEAVE A REPLY)

NEW QUESTION: 78
An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY
objective is to ensure that
A. security parameters are set in accordance with the organization's policies
B. a detailed business case was formally approved prior to the purchase.
C. security parameters are set in accordance with the manufacturer's standards
D. the procurement project invited tenders from at least three different suppliers.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 79
As part of business continuity planning, which of the following is MOST important to assess
when conducting a business impact analysis (BIA)?
A. Critical applications in the cloud
B. Risk appetite
C. Completeness of critical asset inventory
D. Recovery scenarios
Answer: C (LEAVE A REPLY)

NEW QUESTION: 80
Due to budget restraints, an organization is postponing the replacement of an in-house
developed mission critical application. Which of the following represents the GREATEST
risk?
A. Maintenance costs may rise
B. Inability to virtualize the server
C. Inability to align to changing business needs
D. Eventual replacement may be more expensive
Answer: C (LEAVE A REPLY)

NEW QUESTION: 81
Which of the following should be reviewed FIRST when assessing the effectiveness of an
organization's network security procedures and controls?
A. Inventory of authorized devices
B. Vulnerability remediation
C. Malware defenses
D. Data recovery capability
Answer: A (LEAVE A REPLY)

NEW QUESTION: 82
An organization seeks to control costs related to storage media throughout the information
life cycle while still meeting business and regulatory requirements. Which of the following is
the BEST way to achieve this objective?
A. Utilize solid state memory.
B. Perform periodic tape backups.
C. Stream backups to the cloud.
D. Implement a data retention policy.
Answer: D

NEW QUESTION: 83
During a review of a production schedule, an IS auditor observes that a staff member is not
complying with mandatory operational procedures. The auditor's NEXT step should be to:
A. Issue an audit memorandum identifying the noncompliance
B. Note the noncompliance in the audit working papers
C. Determine why the procedures were not followed
D. Include the noncompliance in the audit report
Answer: (not shown)

NEW QUESTION: 84
Which of the following is MOST critical for the effective implementation of IT governance?
A. Strong risk management practices
B. Internal auditor commitment
C. Documented policies
D. Supportive corporate culture
Answer: D

NEW QUESTION: 85
Which of the following metrics is MOST useful to an IS auditor when evaluating whether IT
investments are meeting business objectives?
A. Actual return on investment (ROI) versus industry average ROI.
B. Realized return on investment (ROI) versus projected ROI
C. Budgeted spend versus actual spend
D. Actual versus projected customer satisfaction
Answer: (not shown)

NEW QUESTION: 86
Which of the following should be a concern to an IS auditor reviewing a digital forensic
process for a security incident?
A. The media with the original evidence was not write-blocked.
B. The forensic expert used open-source forensic tools.
C. Analysis was performed using an image of the original media.
D. The affected computer was not immediately shut down after the incident.
Answer: A

NEW QUESTION: 87
Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
A. Residual risk from the findings of previous audits
B. Complexity of management's action plans
C. Audit cycle defined in the audit plan
D. Recommendation from executive management
Answer: A

NEW QUESTION: 88
Using swipe cards to limit employee access to restricted areas requires implementing
which additional control?
A. Physical sign-in of all employees for access to restricted areas
B. Initial escort of all new hires by a current employee
C. Employee-access criteria determined on the basis of IS experience
D. Periodic review of access profiles by management
Answer: D

NEW QUESTION: 89
Which of the following is the BEST indication of the completeness of interface control
documents used for the development of a new application?
A. All documents have been reviewed by end users.
B. Both successful and failed interface data transfers are recorded.
C. All inputs and outputs for potential actions are included.
D. Failed interface data transfers prevent subsequent processes.
Answer: B

NEW QUESTION: 90
An IS auditor is a member of an application development team that is selecting software.
Which of the following would impair the auditor's independence?
A. Approving the vendor selection methodology
B. Verifying the weighting of each selection criterion
C. Witnessing the vendor selection process
D. Reviewing the request for proposal (RFP)
Answer: (not shown)

NEW QUESTION: 91
An organization has recently implemented a Voice-over IP (VoIP) communication system.
Which of the following should be the IS auditor's PRIMARY concern?
A. Lack of integration of voice and data communications
B. A single point of failure for both voice and data communications
C. Voice quality degradation due to packet loss
D. Inability to use virtual private networks (VPNs) for internal traffic
Answer: A

Valid CISA Dumps shared by Fast2test.com for Helping Passing CISA Exam!
Fast2test.com now offer the newest CISA exam dumps, the Fast2test.com CISA exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CISA dumps with Test Engine here: https://www.fast2test.com/CISA-
premium-file.html (440 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 92
An organization's strategy to source certain IT functions from a Software as a Service
(SaaS) provider should be approved by the:
A. IT steering committee
B. IT operations manager
C. chief financial officer (CFO).
D. chief risk officer (CRO)
Answer: B

NEW QUESTION: 93
Which of the following would provide the BEST evidence for use in a forensic investigation
of an employee's hard drive?
A. A file level copy of the hard drive
B. Prior backups
C. Bit-stream copy of the hard drive
D. Memory dump to an external hard drive
Answer: C

NEW QUESTION: 94
Batch processes running in multiple countries are merged to one batch job to be executed
in a single data center. Which of the following is the GREATEST concern with this
approach?
A. The job execution approval process at the regional level may be compromised.
B. Restart of the batch job after disruption may impair the integrity of databases.
C. Change management may become highly complex after job integration
D. The knowledge base maintained by current staff may be lost.
Answer: C

NEW QUESTION: 95
When evaluating information security governance within an organization, which of the
following findings should be of MOST concern to an IS auditor?
A. Information security policies are updated annually.
B. The information security department has difficulty filling vacancies.
C. An information security governance audit was not conducted within the past year.
D. The data center manager has final sign-off on security projects.
Answer: (not shown)

NEW QUESTION: 96
An organization decides to establish a formal incident response capability with clear roles
and responsibilities facilitating centralized reporting of security incidents. Which type of
control is being implemented?
A. Preventive control
B. Corrective control
C. Compensating control
D. Detective control
Answer: (not shown)

NEW QUESTION: 97
Which of the following should be included in emergency change control procedures?
A. Use an emergency ID to move production programs into development.
B. Obtain user management approval before implementing the changes.
C. Update production source libraries to reflect changes.
D. Request that the help desk make the changes.
Answer: B

NEW QUESTION: 98
Which of the following provides the MOST comprehensive understanding of an
organization's information security posture?
A. External audit findings
B. The organization's security incident trends
C. Results of vulnerability assessments
D. Risk management metrics
Answer: (not shown)

NEW QUESTION: 99
An IS auditor plans to review all access attempts to a video-monitored and proximity card-
controlled communications room. Which of the following would be MOST useful to the
auditor?
A. System electronic log
B. Alarm system with CCTV
C. Security incident log
D. Manual sign-in and sign-out log
Answer: C

NEW QUESTION: 100


Which of the following would be the BEST indicator of the effectiveness of an
organization's portfolio management program?
A. Percentage of investments achieving their forecasted value
B. Stakeholders' perception of IT's value
C. Experience of the portfolio management personnel
D. Maturity levels of the value management processes
Answer: A

NEW QUESTION: 101


Which of the following is the MOST significant risk associated with peer-to-peer networking
technology?
A. Loss of information during transmission
B. Lack of reliable internet network connections
C. Reduction in staff productivity
D. Lack of central monitoring
Answer: D

NEW QUESTION: 102


Which of the following implementation strategies for new applications presents the
GREATEST risk during data conversion and migration from an old system to a new
system?
A. Phased implementation
B. Parallel simulation
C. Direct cutover
D. Pilot implementation
Answer: C

NEW QUESTION: 103


Which of the following is the PRIMARY benefit of continuous auditing?
A. It allows reduced sample sizes for testing
B. It enables timely detection of anomalies.
C. It deters fraudulent transactions.
D. It facilitates the use of robotic automation processes.
Answer: B

NEW QUESTION: 104


When determining which IS audits to conduct during the upcoming year, internal audit has
received a request from management for multiple audits of the contract division due to
fraud findings during the prior year. Which of the following is the BEST basis for selecting
the audits to be performed?
A. Select audits based on management's suggestion.
B. Select audits based on an organizational risk assessment.
C. Select audits based on the skill sets of the IS auditors.
D. Select audits based on collusion risk.
Answer: B

NEW QUESTION: 105
A month after a company purchased and implemented system and performance
monitoring software, reports were too large and therefore were not reviewed or acted upon.
The MOST effective plan of action would be to:
A. evaluate replacement systems and performance monitoring software.
B. use analytical tools to produce exception reports from the system and performance
monitoring software.
C. re-install the system and performance monitoring software.
D. restrict functionality of system monitoring software to security-related events.
Answer: B

NEW QUESTION: 106


Which of the following is the MAIN purpose of an information security management
system?
A. To identify and eliminate the root causes of information security incidents
B. To reduce the frequency and impact of information security incidents
C. To keep information security policies and procedures up-to-date
D. To enhance the impact of reports used to monitor information security incidents
Answer: B


NEW QUESTION: 107


A third-party service provider is hosting a private cloud for an organization. Which of the
following findings during an audit of the provider poses the GREATEST risk to the
organization?
A. 2% of backups had to be rescheduled due to backup media failures.
B. The organization's virtual machines share the same hypervisor with virtual machines of
other clients.
C. Two different hypervisor versions are used due to the compatibility restrictions of some
virtual machines.
D. 5% of detected incidents exceeded the defined service level agreement (SLA) for
escalation.
Answer: (not shown)

NEW QUESTION: 108
An online retailer is receiving customer complaints about receiving different items from
what they ordered on the organization's website. The root cause has been traced to poor
data quality. Despite efforts to clean erroneous data from the system, multiple data quality
issues continue to occur. Which of the following recommendations would be the BEST way
to reduce the likelihood of future occurrences?
A. Implement business rules to validate employee data entry.
B. Invest in additional employee training for data entry.
C. Outsource data cleansing activities to reliable third parties.
D. Assign responsibility for improving data quality.
Answer: A

NEW QUESTION: 109


Which of the following is the BEST way to mitigate the impact of ransomware attacks?
A. Backing up data frequently
B. Invoking the disaster recovery plan (DRP)
C. Requiring password changes for administrative accounts
D. Paying the ransom
Answer: A

NEW QUESTION: 110


When a firewall is subjected to a probing attack, the MOST appropriate first response is for
the firewall to:
A. reject the packet.
B. alert the administrator.
C. break the Internet connection.
D. drop the packet
Answer: (not shown)

NEW QUESTION: 111


When reviewing an organization's IT governance processes, which of the following
provides the BEST indication that information security expectations are being met at all
levels?
A. Approval of the security program by senior management
B. Implementation of a comprehensive security awareness program
C. Achievement of established security metrics
D. Utilization of an internationally recognized security standard
Answer: (not shown)

NEW QUESTION: 112


In an environment that automatically reports all program changes, which of the following is
the MOST efficient way to detect unauthorized changes to production programs?
A. Verifying user management approval of modifications
B. Periodically running and reviewing test data against production programs
C. Reviewing the last compile date of production programs
D. Manually comparing code in production programs to controlled copies
Answer: (not shown)

NEW QUESTION: 113


An IS auditor finds that application servers had inconsistent security settings leading to
potential vulnerabilities. Which of the following is the BEST recommendation by the IS
auditor?
A. Improve the change management process.
B. Perform a penetration test.
C. Establish security metrics.
D. Perform a configuration review.
Answer: (not shown)

NEW QUESTION: 114


Which of the following is the GREATEST advantage of application penetration testing over
vulnerability scanning?
A. Penetration testing provides a more accurate picture of gaps in application controls
B. Penetration testing does not require a special skill set to be executed.
C. Penetration testing creates relatively smaller risks to application availability and integrity
D. Penetration testing can be conducted in a relatively short time period.
Answer: A

NEW QUESTION: 115


Which of the following should be done FIRST when developing a business continuity plan
(BCP)?
A. Review environmental controls.
B. Conduct a business impact analysis (BIA).
C. Perform a vulnerability analysis
D. Perform a business threat assessment.
Answer: B

NEW QUESTION: 116


The use of cookies constitutes the MOST significant security threat when they are used
for:
A. obtaining a public key from a certification authority (CA)
B. authenticating using username and password
C. forwarding email and Internet protocol (IP) addresses
D. downloading files from the host server
Answer: B

NEW QUESTION: 117


Which of the following findings should be of MOST concern to an IS auditor reviewing an
organization's business continuity plan (BCP)?
A. End users have not been trained on the latest version of the plan.
B. The plan has not been updated in several years.
C. The plan has not been signed by executive management.
D. No tabletop exercises have been conducted for the plan.
Answer: (not shown)

NEW QUESTION: 118


When an IS auditor evaluates key performance indicators (KPIs) for IT initiatives, it is
MOST important that the KPIs indicate:
A. IT solutions are within budget.
B. IT resources are fully utilized.
C. IT objectives are measured.
D. IT deliverables are process driven.
Answer: (not shown)

NEW QUESTION: 119


Which of the following would be of MOST concern during an audit of an end-user
computing (EUC) system containing sensitive information?
A. Service level agreements (SLAs) are undefined.
B. Audit logging is not available.
C. System data is not protected.
D. The system's anti-virus software is outdated.
Answer: C

NEW QUESTION: 120


Which of the following is a detective control that can be used to uncover unauthorized
access to information systems?
A. Requiring internal audit to perform periodic reviews of system access logs
B. Protecting access to the data center with multifactor authentication
C. Implementing a security information and event management (SIEM) system
D. Requiring long and complex passwords for system access
Answer: (not shown)

NEW QUESTION: 121


An IS auditor is observing transaction processing and notes that a high-priority update job
ran out of sequence. What is the MOST significant risk from this observation?
A. The job may not have run to completion.
B. Daily schedules lack change control.
C. The job completes with invalid data.
D. Previous jobs may have failed.
Answer: B


NEW QUESTION: 122


Which of the following is an example of a control that is both detective and preventive at
the same time?
A. A payment order to a sanctioned country is detected in the system before the payment
is actually made.
B. Detective fraud controls performed on past transactions prevent legal action being taken
against the organization.
C. Detection of unauthorized activity in a database prevents further manipulation by the
database administrator (DBA).
D. A misconfiguration of an operating system is detected and future recurrence can
successfully be prevented.
Answer: C

NEW QUESTION: 123


To help determine whether a controls-reliant approach to auditing financial systems for a
company should be used, which sequence of IS audit work is MOST appropriate?
A. Review of major financial applications followed by a review of IT governance processes
B. Review of the general IS controls followed by a review of the application controls
C. Review of application controls followed by a test of key business process controls
D. Detailed examination of financial transactions followed by review of the general ledger
Answer: C

NEW QUESTION: 124


A manufacturing company is implementing application software for its sales and
distribution system. Which of the following is the MOST important reason for the company
to choose a centralized online database?
A. Enhanced data redundancy
B. Elimination of multiple points of failure
C. Enhanced integrity controls
D. Elimination of the need for data normalization
Answer: C

NEW QUESTION: 125


An organization has agreed to perform remediation related to high-risk audit findings. The
remediation process involves a complex reorganization of user roles as well as the
implementation of several compensating controls that may not be completed within the
next audit cycle. Which of the following is the BEST way for an IS auditor to follow up on
their activities?
A. Provide management with a remediation timeline and verify adherence.
B. Schedule a review of the controls after the projected remediation date.
C. Review the progress of remediation on a regular basis.
D. Continue to audit the failed controls according to the audit schedule.
Answer: A

NEW QUESTION: 126


Which of the following is the BEST way to detect system security breaches?
A. Conducting continuous monitoring with an automated system security tool
B. Conducting frequent vulnerability scans
C. Performing intrusion tests on a regular basis
D. Ensuring maximum interoperability among systems throughout the organization
Answer: A

NEW QUESTION: 127


In the case of a disaster where the data center is no longer available, which of the following
tasks should be done FIRST?
A. Perform data recovery.
B. Activate the call tree.
C. Analyze risk.
D. Arrange for a secondary site.
Answer: (not shown)

NEW QUESTION: 128


Which of the following is the BEST way to determine if IT is delivering value to the
business?
A. Analyze downtime frequency and duration.
B. Interview key IT managers and service providers.
C. Review IT service level agreement (SLA) results.
D. Perform control self-assessments (CSAs).
Answer: C

NEW QUESTION: 129


Which of the following is MOST influential when defining disaster recovery strategies?
A. Maximum tolerable downtime
B. Existing server redundancies
C. Data classification scheme
D. Annual loss expectancy
Answer: D

NEW QUESTION: 130


What is the BEST population to select from when testing that programs are migrated to
production with proper approval?
A. Change advisory board meeting minutes
B. List of production programs
C. List of changes provided by application programming managers
D. Completed change request forms
Answer: (not shown)

NEW QUESTION: 131


A bank has implemented a new accounting system. Which of the following is the BEST
time for an IS auditor to perform a post-implementation review?
A. After the first reporting cycle
B. As close to go-live as possible
C. After user acceptance testing (UAT) is completed
D. One full year after go-live
Answer: (not shown)

NEW QUESTION: 132


Which of the following findings should be of GREATEST concern to an IS auditor
conducting a forensic analysis following incidents of suspicious activities on a server?
A. The server is outside the domain.
B. Audit logs are not enabled on the server.
C. Most suspicious activities were created by system IDs.
D. The server's operating system is outdated.
Answer: B

NEW QUESTION: 133
When implementing a new IT maturity model, which of the following should occur FIRST?
A. Benchmark with industry peers
B. Define the target IT maturity level
C. Develop performance metrics
D. Determine the model elements to be evaluated
Answer: (not shown)

NEW QUESTION: 134


Which of the following documents would be MOST useful in detecting a weakness in
segregation of duties?
A. Process flowchart
B. Systems flowchart
C. Data flow diagram
D. Entity-relationship diagram
Answer: A

NEW QUESTION: 135


Of the following, who should approve a release to a critical application that would make the
application inaccessible for 24 hours?
A. Project manager
B. Chief information security officer (CISO)
C. Business process owner
D. Data custodian
Answer: C

NEW QUESTION: 136


Which of the following is the MOST effective way to identify anomalous transactions when
performing a payroll fraud audit?
A. Substantive testing of payroll files
B. Data analytics on payroll data
C. Sample-based review of pay stubs
D. Observation of payment processing
Answer: (not shown)


NEW QUESTION: 137


An organization has installed blade server technology in its data center. To determine
whether higher cooling demands are maintained, which of the following should the IS
auditor review?
A. Uninterruptible power supply (UPS) systems
B. Air conditioning capacity
C. Ventilation systems
D. Duct maintenance
Answer: B

NEW QUESTION: 138


Which of the following should be the PRIMARY objective of a migration audit?
A. Data integrity
B. System performance
C. Control adequacy
D. Business continuity
Answer: A

NEW QUESTION: 139


An IS auditor attempts to sample for variables in a population of items with wide
differences in values but determines that an unreasonably large number of sample items
must be selected to produce the desired confidence level. In this situation, which of the
following is the BEST audit decision?
A. Lower the desired confidence level
B. Select a stratified sample
C. Select a judgmental sample
D. Allow more time and test the required sample
Answer: (not shown)

NEW QUESTION: 140


During a review of an application system, an IS auditor identifies automated controls
designed to prevent the entry of duplicate transactions. What is the BEST way to verify that
the controls work as designed?
A. Implement periodic reconciliations.
B. Enter duplicate transactions in a copy of the live system.
C. Use generalized audit software for seeking data corresponding to duplicate
transactions.
D. Review quality assurance (QA) test results.
Answer: B

NEW QUESTION: 141


Which of the following control techniques BEST ensures the integrity of system interface
transmissions?
A. Parity check
B. Reasonableness check
C. Completeness check
D. Validity check
Answer: C

NEW QUESTION: 142


Which of the following development practices would BEST mitigate the risk associated with
theft of user credentials transmitted between mobile devices and the corporate network?
A. Allow persistent sessions between mobile applications and the corporate network.
B. Enforce the validation of digital certificates used in the communication sessions.
C. Release mobile applications in debugging mode to allow for easy troubleshooting.
D. Embed cryptographic keys within the mobile application source code.
Answer: A

NEW QUESTION: 143


Which of the following is MOST important for an IS auditor to verify during a disaster
recovery audit?
A. Regular backups are made and stored offsite
B. Tabletop disaster recovery tests are conducted
C. The disaster recovery plan (DRP) is updated on a regular basis.
D. Roles and responsibilities are documented.
Answer: C

NEW QUESTION: 144


Which of the following is MOST helpful for an IS auditor to review when determining the
appropriateness of controls relevant to a specific audit area?
A. Control self-assessment (CSA)
B. Business impact analysis (BIA)
C. Control implementation methods
D. Enterprise architecture (EA) design
Answer: D

NEW QUESTION: 145


An organization performs both full and incremental database backups. Which of the
following will BEST enable full restoration in the event of the destruction of the data
center?
A. Rotate all backups to an offsite location daily.
B. Maintain full and incremental backups in a secure server room.
C. Transmit incremental backups to an offsite location daily.
D. Move full backups to an offsite location weekly.
Answer: A

NEW QUESTION: 146


The PRIMARY role of a control self-assessment (CSA) facilitator is to:
A. conduct interviews to gain background information.
B. provide solutions for control weaknesses.
C. focus the team on internal controls.
D. report on the internal control weaknesses.
Answer: C

NEW QUESTION: 147


Which of the following conditions would be of MOST concern to an IS auditor assessing
the risk of a successful brute force attack against encrypted data at rest?
A. Use of asymmetric encryption
B. Random key generation
C. Short key length
D. Use of symmetric encryption
Answer: C

NEW QUESTION: 148


Which of the following is MOST important when implementing a data classification
program?
A. Understanding the data classification levels
B. Planning for secure storage capacity
C. Formalizing data ownership
D. Developing a privacy policy
Answer: (not shown)

NEW QUESTION: 149


Which of the following validation techniques would BEST prevent duplicate electronic
vouchers?
A. Sequence check
B. Cyclic redundancy check
C. Reasonableness check
D. Edit check
Answer: A

NEW QUESTION: 150


Which of the following is MOST important for an IS auditor to consider when reviewing
documentation for an organization's forensics policy?
A. Assigned roles and responsibilities
B. Access controls
C. Notification processes
D. Evidence preservation
Answer: D

NEW QUESTION: 151


An IS auditor finds that the process for removing access for terminated employees is not
documented. What is the MOST significant risk from this observation?
A. HR records may not match system access.
B. Procedures may not align with the practices.
C. Access rights may not be removed in a timely manner.
D. Unauthorized access cannot be identified.
Answer: C


NEW QUESTION: 152


Which of the following is the PRIMARY reason for an IS auditor to select a statistical
sampling method?
A. Statistical sampling methods must be used to mitigate audit risk.
B. Statistical sampling methods help the auditor to determine the tolerable error rate.
C. Statistical sampling methods enable the auditor to objectively quantify the probability of
error.
D. Statistical sampling methods are the most effective way to avoid sampling risk.
Answer: D

NEW QUESTION: 153


Which of the following approaches would BEST ensure that data protection controls are
embedded into software being developed?
A. Tracking data protection requirements throughout the SDLC
B. Deriving data protection requirements from key stakeholders
C. Utilizing a data protection template for user acceptance testing (UAT)
D. Implementing a quality assurance (QA) process during the development phase
Answer: A

NEW QUESTION: 154


When reviewing backup policies, an IS auditor MUST verify that backup intervals of critical
systems do not exceed which of the following?
A. Recovery time objective (RTO)
B. Recovery point objective (RPO)
C. Maximum acceptable outage (MAO)
D. Service level objective (SLO)
Answer: (not shown)

NEW QUESTION: 155


The decision to accept an IT control risk related to data quality should be the responsibility
of the:
A. IS audit manager.
B. chief information officer (CIO).
C. business owner.
D. information security team.
Answer: C

NEW QUESTION: 156


During business process reengineering (BPR) of a bank's teller activities, an IS auditor
should evaluate:
A. the impact of changed business processes.
B. the cost of new controls.
C. continuous improvement and monitoring plans.
D. BPR project plans
Answer: A

NEW QUESTION: 157


An IS auditor is following up on prior period items and finds management did not address
an audit finding. Which of the following should be the IS auditor's NEXT course of action?
A. Recommend alternative solutions to address the repeat finding
B. Conduct a risk assessment of the repeat finding
C. Note the exception in a new report as the item was not addressed by management
D. Interview management to determine why the finding was not addressed
Answer: D

NEW QUESTION: 158


An organization plans to receive an automated data feed into its enterprise data
warehouse from a third-party service provider. Which of the following would be the BEST
way to prevent accepting bad data?
A. Purchase data cleansing tools from a reputable vendor
B. Appoint data quality champions across the organization
C. Obtain error codes indicating failed data feeds
D. Implement business rules to reject invalid data
Answer: (not shown)

NEW QUESTION: 159


Which of the following applications has the MOST inherent risk and should be prioritized
during audit planning?
A. An onsite application that is unsupported
B. An internally developed application
C. A decommissioned legacy application
D. An outsourced accounting application
Answer: (not shown)

NEW QUESTION: 160


The GREATEST risk of database denormalization is:
A. loss of database integrity.
B. incorrect metadata.
C. decreased performance.
D. loss of data confidentiality.
Answer: (not shown)

NEW QUESTION: 161


Which of the following is MOST likely to be included in computer operating procedures in a
large data center?
A. Instructions for job scheduling
B. Procedures for resequencing source code
C. Guidance on setting security parameters
D. Procedures for utility configuration
Answer: (SHOW ANSWER)

NEW QUESTION: 162


Which of the following is the MOST effective control against injection attacks on a web
application?
A. Modern application firewalls
B. Setting up the application and database on different servers
C. Validation of data provided by application users
D. Strong identity controls for application users
Answer: D (LEAVE A REPLY)

NEW QUESTION: 163


An IS auditor performing a review of a newly purchased software program notes that an
escrow agreement has been executed for acquiring the source code. What is MOST
important for the IS auditor to verify?
A. The vendor is financially viable.
B. Product acceptance testing has been completed.
C. The source code is being updated for each change.
D. The source code is being held by an independent third party.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 164


An organization is shifting to a remote workforce. In preparation, the IT department is
performing stress and capacity testing of remote access infrastructure and systems. What
type of control is being implemented?
A. Directive
B. Detective
C. Compensating
D. Preventive
Answer: D (LEAVE A REPLY)

NEW QUESTION: 165


An accounts receivable data entry routine prevents the entry of the same customer with
different account numbers. Which of the following is the BEST way to test if this
programmed control is effective?
A. Implement a computer-assisted audit technique (CAAT).
B. Attempt to create a duplicate customer.
C. Compare source code against authorized software.
D. Review a sorted customer list for duplicates.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 166


An organization with high availability resource requirements is selecting a provider for
cloud computing. Which of the following would cause the GREATEST concern to an IS
auditor? The provider:
A. deploys patches automatically without testing.
B. is not internationally certified for high availability.
C. does not store backup media offsite.
D. hosts systems for the organization's competitor.
Answer: (SHOW ANSWER)

Valid CISA Dumps shared by Fast2test.com for Helping Passing CISA Exam!
Fast2test.com now offer the newest CISA exam dumps, the Fast2test.com CISA exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CISA dumps with Test Engine here: https://www.fast2test.com/CISA-
premium-file.html (440 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 167


What should be the PRIMARY basis for scheduling a follow-up audit?
A. The significance of reported findings
B. The availability of audit resources
C. The completion of all corrective actions
D. The time elapsed after audit report submission
Answer: A (LEAVE A REPLY)

NEW QUESTION: 168


An organization has established hiring policies and procedures designed specifically to
ensure network administrators are well qualified. Which type of control is in place?
A. Detective
B. Corrective
C. Preventive
D. Directive
Answer: A (LEAVE A REPLY)

NEW QUESTION: 169


Which of the following is a corrective control that reduces the impact of a threat event?
A. Business process analysis
B. Business continuity plan (BCP)
C. Security policy
D. Segregation of duties (SoD)
Answer: (SHOW ANSWER)
NEW QUESTION: 170
A CIO has asked an IS auditor to implement several security controls for an organization's
IT processes and systems. The auditor should:
A. refuse due to independence issues.
B. obtain approval from executive management for the implementation
C. perform the assignment and future audits with due professional care.
D. communicate the conflict of interest to audit management
Answer: (SHOW ANSWER)

NEW QUESTION: 171


Data analytics tools and techniques are MOST helpful to an IS auditor during which of the
following audit activities?
A. Walk-through testing
B. Substantive testing
C. Audit follow-up
D. Audit and resource planning
Answer: B (LEAVE A REPLY)

NEW QUESTION: 172


An auditor is creating an audit program in which the objective is to establish the adequacy
of personal data privacy controls in a payroll process. Which of the following would be
MOST important to include?
A. Segregation of duties controls
B. User access provisioning
C. Audit logging of administrative user activity
D. Approval of data changes
Answer: (SHOW ANSWER)

NEW QUESTION: 173


An IS auditor reviewing the database controls for a new e-commerce system discovers a
security weakness in the database configuration. Which of the following should be the IS
auditor's NEXT course of action?
A. Disclose the findings to senior management
B. Assist in drafting corrective actions
C. Identify existing mitigating controls
D. Attempt to exploit the weakness
Answer: D (LEAVE A REPLY)

NEW QUESTION: 174


Which of the following is a characteristic of a single mirrored data center used for disaster
recovery?
A. Real-time data replication occurs from the production site
B. The mirrored data center does not require staffing.
C. The mirrored site may create brief interruptions noticeable to users
D. Data replication to the mirrored site should continue after failover
Answer: (SHOW ANSWER)

NEW QUESTION: 175


Which of the following development practices would BEST mitigate the risk associated with
theft of user credentials transmitted between mobile devices and the corporate network?
A. Release mobile applications in debugging mode to allow for easy troubleshooting.
B. Embed cryptographic keys within the mobile application source code.
C. Enforce the validation of digital certificates used in the communication sessions.
D. Allow persistent sessions between mobile applications and the corporate network.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 176


An IS auditor is reviewing database log settings and notices that only INSERT and
DELETE operations are being monitored in the database. What is the MOST significant
risk?
A. Newly added records may not be logged.
B. Metadata may not be logged.
C. Purged records may not be logged.
D. Changes to existing records may not be logged.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 177


An IS auditor reviewed the business case for a proposed investment to virtualize an
organization's server infrastructure. Which of the following is MOST likely to be included
among the benefits in the project proposal?
A. Fewer operating system licenses
B. Less memory and storage space
C. Reduced hardware footprint
D. Better efficiency of logical resources
Answer: C (LEAVE A REPLY)

NEW QUESTION: 178


Which of the following should be an IS auditor's PRIMARY focus when developing a
risk-based IS audit program?
A. Business plans
B. Portfolio management
C. IT strategic plans
D. Business processes
Answer: D (LEAVE A REPLY)

NEW QUESTION: 179


An IS auditor is using data analytics in an audit and has obtained the data to be used for
testing. Which of the following is the MOST important task before testing begins?
A. Verify data analytics test scripts
B. Verify the completeness and accuracy of the data
C. Select the analytical sampling model
D. Document the method used to obtain the data
Answer: (SHOW ANSWER)

NEW QUESTION: 180


Which of the following is the PRIMARY advantage of using virtualization technology for
corporate applications?
A. Improved disaster recovery
B. Stronger data security
C. Increased application performance
D. Better utilization of resources
Answer: D (LEAVE A REPLY)

NEW QUESTION: 181


In a public-key cryptosystem, when there is no previous knowledge between parties,
which of the following will BEST help to prevent one person from using a fictitious key to
impersonate someone else?
A. Encrypt the message containing the sender's public key using a private key
B. Send the public key to the recipient prior to establishing the connection
C. Send a certificate that can be verified by a certification authority with the public key
D. Encrypt the message containing the sender's public key using the recipient's public key
Answer: (SHOW ANSWER)


NEW QUESTION: 182


Which of the following represents a potential single point of failure in the virtualized
environment that could result in a compromise with greater scope and impact?
A. Applications installed on the guest operating system
B. Underlying hardware on the guest operating system
C. The host operating system
D. Dual operating system
Answer: (SHOW ANSWER)

NEW QUESTION: 183


Which of the following is the BEST way to mitigate the risk associated with a document
storage application that has a syncing feature that could allow malware to spread to other
machines in the network?
A. Content inspection technologies should be used to scan files for sensitive data.
B. User behavior modeling and analysis should be performed to discover anomalies in
user behavior.
C. An audit should be conducted to detect shadow data and shadow IT in the network.
D. All files should be scanned when they are uploaded to and downloaded from the
application.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 184


Which of the following establishes the role of the internal audit function?
A. Audit objectives
B. Audit charter
C. Audit project plan
D. Audit governance
Answer: B (LEAVE A REPLY)

NEW QUESTION: 185


The PRIMARY reason an IS department should analyze past incidents and problems is to:
A. determine if all incidents and problems are reported
B. identify the causes of recurring incidents and problems.
C. assess help desk performance
D. assign responsibility for problems.
Answer: (SHOW ANSWER)

NEW QUESTION: 186


Which of the following is MOST important for an IS auditor to assess during a post-
implementation review of a newly modified IT application developed in-house?
A. Rollback plans for changes
B. Updates required for end user manuals
C. Resource management plan
D. Sufficiency of implemented controls
Answer: A (LEAVE A REPLY)

NEW QUESTION: 187


Which of the following would be an IS auditor's GREATEST concern when reviewing the
early stages of a software development project?
A. The lack of acceptance criteria behind user requirements
B. The lack of a detailed unit and system test plan
C. The lack of technical documentation to support the program code
D. The lack of completion of all requirements at the end of each sprint
Answer: A (LEAVE A REPLY)

NEW QUESTION: 188


Which of the following is an IS auditor's BEST recommendation to mitigate the risk of
eavesdropping associated with an application programming interface (API) integration
implementation?
A. Implement Transport Layer Security (TLS)
B. Implement Simple Object Access Protocol (SOAP)
C. Encrypt the extensible markup language (XML) file
D. Mask the API endpoints
Answer: (SHOW ANSWER)

NEW QUESTION: 189


A legacy application is running on an operating system that is no longer supported by the
vendor. If the organization continues to use the current application, which of the following
should be the IS auditor's GREATEST concern?
A. Inability to update the legacy application database
B. Increased cost of maintaining the system
C. Potential exploitation of zero-day vulnerabilities in the system
D. Inability to use the operating system due to potential licence issues
Answer: (SHOW ANSWER)

NEW QUESTION: 190


An IS auditor reviewing the use of encryption finds that the symmetric key is sent by an
email message between the parties. Which of the following audit responses is correct in
this situation?
A. An audit finding is recorded as the key should be asymmetric and therefore changed
B. An audit finding is recorded as the key should be distributed in a secure manner
C. No audit finding is recorded as the key can only be used once
D. No audit finding is recorded as it is normal to distribute a key of this nature in this
manner
Answer: (SHOW ANSWER)

NEW QUESTION: 191


In an environment where most IT services have been outsourced, continuity planning is
BEST controlled by:
A. outsourced service provider management
B. IT management.
C. business management.
D. continuity planning specialists.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 192


An organization maintains an inventory of the IT applications used by its staff. Which of the
following would pose the GREATEST concern with regard to the quality of the inventory
data?
A. The inventory does not contain a formal risk ranking for all the IT applications
B. The application owner and contact information fields are not required to be completed
C. Inventory data is available on and downloadable from the corporate intranet
D. The organization has not established a formal recertification process for the inventory
data
Answer: C (LEAVE A REPLY)

NEW QUESTION: 193


Which of the following would be the MOST significant factor when choosing among several
backup system alternatives with different restoration speeds?
A. Maximum tolerable outages (MTOs)
B. Recovery time objective (RTO)
C. Recovery point objective (RPO)
D. Mean time between failures (MTBFs)
Answer: (SHOW ANSWER)

NEW QUESTION: 194


Which of the following is the BEST indicator of the effectiveness of signature-based
intrusion detection systems (IDSs)?
A. An increase in the number of identified false positives
B. An increase in the number of detected incidents not previously identified
C. An increase in the number of unfamiliar sources of intruders
D. An increase in the number of internally reported critical incidents
Answer: D (LEAVE A REPLY)

NEW QUESTION: 195


A project team evaluated vendor responses to a request for proposal (RFP). An IS auditor
reviewing the evaluation process would expect the team to have considered each
vendor's:
A. security policy.
B. financial stability
C. acceptance test plan
D. development methodology.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 196


Which of the following would be the GREATEST risk associated with a new chat feature on
a retailer's website?
A. Reputational damage
B. Productivity loss
C. Data loss
D. System downtime
Answer: C (LEAVE A REPLY)


NEW QUESTION: 197


A USB device containing sensitive production data was lost by an employee and its
contents were subsequently found published online Which of the following controls is the
BEST recommendation to prevent a similar recurrence?
A. Training users on USB device security
B. Monitoring data being downloaded on USB devices
C. Using a strong encryption algorithm
D. Electronically tracking portable devices
Answer: A (LEAVE A REPLY)
NEW QUESTION: 198
During a systems development project, participation in which of the following activities
would compromise the IS auditor's independence?
A. Making design decisions related to automated controls
B. Recommending which reports are required to be converted
C. Reviewing process for each program specification
D. Participating in weekly project management team presentations
Answer: A (LEAVE A REPLY)

NEW QUESTION: 199


The PRIMARY objective of IT service level management is to:
A. increase awareness of IT services
B. improve IT cost control
C. satisfy customer requirements.
D. manage computer operations activities.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 200


A financial institution suspects that a manager has been crediting customer accounts
without authorization. Which of the following is the MOST effective method to validate this
concern?
A. Stop or go sampling
B. Attribute sampling
C. Discovery sampling
D. Variable sampling
Answer: B (LEAVE A REPLY)

NEW QUESTION: 201


Which of the following should be of GREATEST concern to an IS auditor testing interface
controls for an associated bank wire transfer process?
A. The wire transfer was not completed with the most recent secure protocol.
B. Customer-provided information does not appear to be accurate.
C. Data is not independently verified by a third party.
D. Data in the bank's wire transfer system does not reconcile with transferred data.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 202


What would be of GREATEST concern to an IS auditor observing shared key cards being
utilized to access an organization's data center?
A. The lack of a multi-factor authentication system
B. The lack of enforcement of organizational policy and procedures
C. The inability to track the number of misplaced cards
D. The inability to identify who has entered the data center
Answer: D (LEAVE A REPLY)

NEW QUESTION: 203


An organization recently decided to send the backup of its customer relationship
management (CRM) system to its cloud provider for recovery. Which of the following
should be of GREATEST concern to an IS auditor reviewing this process?
A. The cloud provider is located in a different country.
B. Validation of backup data has not been performed.
C. Backups are sent and stored in unencrypted format.
D. Testing of restore data has not been performed.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 204


When removing a financial application system from production, which of the following is
MOST important?
A. End-user requests for changes are recorded and tracked.
B. Media used by the retired system has been sanitized.
C. Software license agreements are retained.
D. Data retained for regulatory purposes can be retrieved.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 205


Which of the following is MOST important to ensure when reviewing a global organization's
controls to protect data held on its IT infrastructure across all of its locations?
A. The threat of natural disasters in each location hosting infrastructure has been
accounted for.
B. Relevant data protection legislation and regulations for each location are adhered to.
C. Technical capabilities exist in each location to manage the data and recovery operations
D. The capacity of underlying communications infrastructure in the host locations is
sufficient.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 206


Which of the following is the GREATEST concern associated with control self-
assessments (CSAs)?
A. The assessment may not provide sufficient assurance to stakeholders.
B. Communication between operational management and senior management may not be
effective.
C. Employees may have insufficient awareness of controls.
D. Controls may not be assessed objectively.
Answer: (SHOW ANSWER)

NEW QUESTION: 207


An IS auditor learns the organization has experienced several server failures in its
distributed environment. Which of the following is the BEST recommendation to limit the
potential impact of server failures in the future?
A. Redundant pathways
B. Failover power
C. Parallel testing
D. Clustering
Answer: C (LEAVE A REPLY)

NEW QUESTION: 208


What would be an IS auditor's BEST recommendation upon finding that a third-party IT
service provider hosts the organization's human resources (HR) system in a foreign
country?
A. Implement change management review.
B. Perform background verification checks.
C. Review third-party audit reports.
D. Conduct a privacy impact analysis.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 209


An IS auditor evaluating a three-tier client/server architecture observes an issue with
graphical user interface (GUI) tasks. Which layer should the auditor recommend the client
address?
A. Storage layer
B. Presentation layer
C. Application layer
D. Transport layer
Answer: (SHOW ANSWER)

NEW QUESTION: 210


A healthcare facility offers patients health tracking devices that can be monitored remotely
by healthcare professionals. Which of the following is the BEST way to protect patient
personal information from unauthorized exfiltration?
A. Configure the devices to reboot automatically every 7 days.
B. Add a digital certificate to the devices that limits communication to specific servers.
C. Provide the patients with Internet security training and education programs.
D. Restrict the devices to using Internet Protocol (IP) version 6 only.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 211


Which of the following must be in place before an IS auditor initiates audit follow-up
activities?
A. Available resources for the activities included in the action plan
B. A management response in the final report with a committed implementation date
C. Supporting evidence for the gaps and recommendations mentioned in the audit report
D. A heat map with the gaps and recommendations displayed in terms of risk
Answer: B (LEAVE A REPLY)


NEW QUESTION: 212


An organization is within a jurisdiction where new regulations have recently been
announced to restrict cross-border data transfer of personally identifiable information (PII).
Which of the following IT decisions will MOST likely need to be assessed in the context of
this?
A. Purchasing cyber insurance from an overseas insurance company
B. Hiring IT consultants from overseas
C. Hosting the payroll system at an external cloud service provider
D. Applying encryption to databases hosting PII data
Answer: C (LEAVE A REPLY)

NEW QUESTION: 213


Which of the following is MOST important for an effective control self-assessment (CSA)
program?
A. Understanding the business process
B. Performing detailed test procedures
C. Determining the scope of the assessment
D. Evaluating changes to the risk environment
Answer: A (LEAVE A REPLY)

NEW QUESTION: 214


In a typical system development life cycle (SDLC), which group is PRIMARILY responsible
for confirming compliance with requirements?
A. Internal audit
B. Steering committee
C. Quality assurance (QA)
D. Risk management
Answer: (SHOW ANSWER)

NEW QUESTION: 215


An IS auditor discovers a box of hard drives in a secured location that are overdue for
physical destruction. The vendor responsible for this task was never made aware of these
hard drives. Which of the following is the BEST course of action to address this issue?
A. Escalate the finding to the asset owner for remediation
B. Evaluate the corporate asset handling policy for potential gaps.
C. Recommend the drives be sent to the vendor for destruction.
D. Examine the workflow to identify gaps in asset handling responsibilities.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 216


Which of the following human resources management practices BEST leads to the
detection of fraudulent activity?
A. Mandatory time off
B. Background checks
C. Time reporting
D. Employee code of ethics
Answer: A (LEAVE A REPLY)

NEW QUESTION: 217


An IS auditor is assigned to review the IS department's quality procedures. Upon contacting
the IS manager, the auditor finds that there is an informal, unwritten set of standards. Which
of the following should be the auditor's NEXT action?
A. Postpone the audit until IS management implements written standards
B. Document and test compliance with the informal standards
C. Make recommendations to IS management as to appropriate quality standards
D. Finalize the audit and report the finding
Answer: (SHOW ANSWER)

NEW QUESTION: 218


An organization recently implemented a cloud document storage solution and removed the
ability for end users to save data to their local workstation hard drives. Which of the
following findings should be the IS auditor's GREATEST concern?
A. Users are not required to sign updated acceptable
B. Mobile devices are not encrypted.
C. The business continuity plan (BCP) was not updated.
D. Users have not been trained on the new system.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 219


Which of the following is the MAIN purpose of data classification?
A. Defining parameter requirements for security labels
B. Ensuring the segregation of duties
C. Ensuring integrity of sensitive information
D. Applying the appropriate protective measures
Answer: D (LEAVE A REPLY)

NEW QUESTION: 220


An IS auditor is reviewing a banking mobile application that allows end users to perform
financial transactions. Which of the following poses a security risk to the organization?
A. Lack of strong device passwords
B. Outdated mobile network settings
C. Application programming interface (API) logic faults
D. Unpatched security vulnerabilities in the mobile operating system
Answer: D (LEAVE A REPLY)

NEW QUESTION: 221


Which of the following is the BEST indicator of an effective problem management process?
A. Incidents are assigned to engineers immediately.
B. The number of repeat incidents is reduced.
C. Incidents are logged in a centralized system.
D. The time to close an incident is reduced.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 222


Which of the following is MOST appropriate for measuring a batch processing application's
system performance over time?
A. Idle time
B. Uptime
C. Throughput
D. System utilization
Answer: C (LEAVE A REPLY)

NEW QUESTION: 223


Prior to the of acquired software into production, it is MOST important that the IS auditor
review the:
A. system documentation.
B. source code escrow agreement.
C. user acceptance test report.
D. vendor testing report.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 224


Which of the following is the MOST effective control for protecting the confidentiality and
integrity of data stored unencrypted on virtual machines?
A. Review logical access controls on virtual machines regularly
B. Restrict access to images and snapshots of virtual machines
C. Monitor access to stored images and snapshots of virtual machines
D. Limit creation of virtual machine images and snapshots
Answer: (SHOW ANSWER)

NEW QUESTION: 225


Which of the following is the GREATEST security risk associated with data migration from
a legacy human resources (HR) system to a cloud-based system?
A. Data from the source and target system may have different data formats
B. System performance may be impacted by the migration
C. Records past their retention period may not be migrated to the new system
D. Data from the source and target system may be intercepted
Answer: D (LEAVE A REPLY)

NEW QUESTION: 226


Which of the following is the MOST effective control to mitigate unintentional misuse of
authorized access?
A. Formalized disciplinary action
B. Security awareness training
C. Regular monitoring of user access logs
D. Annual sign-off of acceptable use policy
Answer: B (LEAVE A REPLY)


NEW QUESTION: 227


An IS auditor is assessing the results of an organization's post-implementation review of a
newly developed information system. Which of the following should be the auditor's MAIN
focus?
A. Benefits realization analysis has been completed
B. Lessons learned have been identified
C. The procurement contract has been closed
D. The disaster recovery plan (DRP) has been updated
Answer: A (LEAVE A REPLY)

NEW QUESTION: 228


During a review of operations, it is noted that during a batch update, an error was detected
and the database initiated a roll-back. An IT operator stopped the roll-back and re-initiated
the update. What should the operator have done PRIOR to re-initiating the update?
A. Determined the cause of the error
B. Obtained approval before re-initiating the update
C. Allowed the roll-back to complete
D. Scheduled the roll-back for a later time
Answer: C (LEAVE A REPLY)

NEW QUESTION: 229


An organization is acquiring a new customer relationship management (CRM) system. In
which of the following would the IS auditor find the MOST relevant information on projected
cost savings?
A. Request for proposal (RFP)
B. Results of prototype testing
C. Feasibility study document
D. Business case
Answer: D (LEAVE A REPLY)

NEW QUESTION: 230


The PRIMARY advantage of object-oriented technology is enhanced:
A. management of sequential program execution for data access
B. grouping of objects into methods for data access
C. management of a restricted variety of data types for a data object
D. efficiency due to the re-use of elements of logic
Answer: B (LEAVE A REPLY)
NEW QUESTION: 231
Which of the following is MOST important for an IS auditor to verify when evaluating an
organization's firewall?
A. Automated alerts are being sent when a risk is detected.
B. Insider attacks are being controlled.
C. Access to configuration files is restricted.
D. Logs are being collected in a separate protected host.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 232


Which of the following is MOST important to ensure that electronic evidence collected
during a forensic investigation will be admissible in future legal proceedings?
A. Performing investigative procedures on the original hard drives rather than images of the
hard drives
B. Engaging an independent third party to perform the forensic investigation
C. Restricting evidence access to professionally certified forensic investigators
D. Documenting evidence handling by personnel throughout the forensic investigation
Answer: C (LEAVE A REPLY)

NEW QUESTION: 233


An IS auditor wants to understand the collective effect of the preventive, detective, and
corrective controls for a specific business process. Which of the following should the
auditor focus on FIRST?
A. Whether the existence of preventive controls causes corrective controls to become
unnecessary
B. The formal documentation of the process and how adherence is measured
C. Whether segregation of duties is in place when two controls are applied simultaneously
D. The various points in the process where controls are exercised
Answer: D (LEAVE A REPLY)

NEW QUESTION: 234


Which of the following should be defined in an audit charter?
A. Audit results
B. Audit schedule
C. Audit authority
D. Audit methodology
Answer: C (LEAVE A REPLY)

NEW QUESTION: 235


When auditing the alignment of IT to the business strategy, it is MOST important for the IS
auditor to:
A. compare the organization's strategic plan against industry best practice.
B. interview senior managers for their opinion of the IT function.
C. ensure an IT steering committee is appointed to monitor new IT projects.
D. evaluate deliverables of new IT initiatives against planned business services.
Answer: (SHOW ANSWER)

NEW QUESTION: 236


Reviewing project plans and status reports throughout the development life cycle will:
A. eliminate the need to perform a risk assessment
B. guarantee that the project will meet its intended deliverables
C. postpone documenting the project's progress until the final phase.
D. facilitate the optimal use of resources over the life of the project.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 237


Which of the following is the MOST likely reason an organization would use Platform as a
Service (PaaS)?
A. To develop and integrate its applications
B. To operate third-party hosted applications
C. To install and manage operating systems
D. To establish a network and security architecture
Answer: (SHOW ANSWER)

NEW QUESTION: 238


Which of the following should an IS auditor be MOST concerned with when reviewing the
IT asset disposal process?
A. Data stored on the asset
B. Monetary value of the asset
C. Certificate of destruction
D. Data migration to the new asset
Answer: (SHOW ANSWER)

NEW QUESTION: 239


During an IT operations audit, multiple unencrypted backup tapes containing sensitive
credit card information cannot be found. Which of the following presents the GREATEST
risk to the organization?
A. Reputational damage due to potential identity theft
B. The cost of recreating the missing backup tapes
C. Business disruption if a data restore cannot be completed
D. Human resource cost of responding to the incident
Answer: A (LEAVE A REPLY)
NEW QUESTION: 240
An organization processing high volumes of financial transactions has implemented log file
analysis on a central log server to continuously monitor compliance with its fraud policy.
Which of the following poses the GREATEST risk to this control?
A. Software developers have read access to the log server.
B. Data entry staff have privileged access to the log server.
C. IT operations staff are able to stop the payment processing system.
D. IT operations staff have the right to restart the log server.
Answer: (SHOW ANSWER)

NEW QUESTION: 241


Which of the following metrics would be MOST useful to an IS auditor when assessing the
resilience of an application programming interface (API)?
A. Number of defects logged during development compared to other APIs
B. Number of patches released within a time interval for the API
C. Number of developers adopting the API for their applications
D. Number of API calls expected versus actually received within a time interval
Answer: (SHOW ANSWER)

Valid CISA Dumps shared by Fast2test.com for Helping Passing CISA Exam!
Fast2test.com now offer the newest CISA exam dumps, the Fast2test.com CISA exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CISA dumps with Test Engine here: https://www.fast2test.com/CISA-
premium-file.html (440 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 242


The results of an IS audit indicating the need to strengthen controls have been
communicated to the appropriate stakeholders. Which of the following is the BEST way for
management to enforce implementation of the recommendations?
A. Have stakeholders develop a business case for control changes.
B. Assign ownership to each remediation activity.
C. Request auditors to design a roadmap for closure.
D. Copy senior management on communications related to the audit.
Answer: (SHOW ANSWER)

NEW QUESTION: 243


To BEST evaluate the effectiveness of a disaster recovery plan, the IS auditor should
review the:
A. capacity of backup facilities.
B. hardware and software inventory.
C. plans and procedures in the business continuity plan
D. test plan and results of past tests.
Answer: (SHOW ANSWER)

NEW QUESTION: 244


Which of the following fire suppression systems needs to be combined with an automatic
switch to shut down the electricity supply in the event of activation?
A. Halon
B. Carbon dioxide
C. FM-200
D. Dry pipe
Answer: D (LEAVE A REPLY)

NEW QUESTION: 245


Which of the following processes BEST addresses the risk associated with the deployment
of a new production system?
A. Incident management
B. Release management
C. Change management
D. Configuration management
Answer: (SHOW ANSWER)

NEW QUESTION: 246


An organization has begun using social media to communicate with current and potential
clients. Which of the following should be of PRIMARY concern to the auditor?
A. Negative posts by customers affecting the organization's image
B. Using a third-party provider to host and manage content
C. Lack of guidance on appropriate social media usage and monitoring
D. Reduced productivity of staff using social media
Answer: C (LEAVE A REPLY)

NEW QUESTION: 247


Which of the following falls within the scope of an information security governance
committee?
A. Reviewing content for information security awareness programs
B. Prioritizing information security technology initiatives
C. Selecting the organization's external security auditors
D. Approving access to critical financial systems
Answer: A (LEAVE A REPLY)
NEW QUESTION: 248
In a database management system (DBMS) normalization is used to:
A. standardize data names
B. reduce access time
C. eliminate processing deadlocks
D. reduce data redundancy
Answer: (SHOW ANSWER)

NEW QUESTION: 249


Which of the following is the PRIMARY benefit of performing a maturity model
assessment?
A. It identifies and fixes attribute weaknesses
B. It acts as a measuring tool and progress indicator
C. It ensures organizational consistency and improvement
D. It facilitates the execution of an improvement plan
Answer: D (LEAVE A REPLY)

NEW QUESTION: 250


Which of the following strategies BEST optimizes data storage without compromising data
retention practices?
A. Automatically deleting emails older than one year
B. Limiting the size of file attachments being sent via email
C. Allowing employees to store large emails on flash drives
D. Moving emails to a virtual email vault after 30 days
Answer: (SHOW ANSWER)

NEW QUESTION: 251


Which of the following is MOST critical to include when developing a data loss prevention
(DLP) policy?
A. Identification of the relevant network channels requiring protection
B. Identification of enforcement actions
C. Identification of the content to protect
D. Identification of the users, groups, and roles to whom the policy will apply
Answer: C (LEAVE A REPLY)

NEW QUESTION: 252


When an organization introduces virtualization into its architecture, which of the following
should be an IS auditor's PRIMARY area of focus to verify adequate protection?
A. Host operating system configuration
B. Shared storage space
C. Multiple versions of the same operating system
D. Maintenance cycles
Answer: A (LEAVE A REPLY)

NEW QUESTION: 253


Which of the following would BEST indicate the effectiveness of a security awareness
training program?
A. Reduced unintentional violations
B. Results of third-party social engineering tests
C. Increased number of employees completing training
D. Employee satisfaction with training
Answer: (SHOW ANSWER)

NEW QUESTION: 254


Which of the following is the BEST source of information for an IS auditor to use as a
baseline to assess the adequacy of an organization's privacy policy?
A. Historical privacy breaches and related root causes
B. Globally accepted privacy best practices
C. Local privacy standards and regulations
D. Benchmark studies of similar organizations
Answer: C (LEAVE A REPLY)

NEW QUESTION: 255


An IS auditor has discovered that unauthorized customer management software was
installed on a workstation. The auditor determines the software has been uploading
customer data to an external party. Which of the following is the IS auditor's BEST course
of action?
A. Present the issue at the next audit progress meeting.
B. Notify the incident response team
C. Review other workstations to determine the extent of the incident
D. Determine the number of customer records that were uploaded
Answer: B (LEAVE A REPLY)

NEW QUESTION: 256


Which of the following is a corrective control?
A. Verifying duplicate calculations in data processing
B. Reviewing user access rights for segregation of duties
C. Executing emergency response plans
D. Separating equipment development, testing, and production
Answer: A (LEAVE A REPLY)

NEW QUESTION: 257


Which of the following is the MOST effective way to maintain network integrity when using
mobile devices?
A. Review access control lists.
B. Implement outbound firewall rules
C. Implement network access control.
D. Perform network reviews
Answer: C (LEAVE A REPLY)

NEW QUESTION: 258


A new regulation in one country of a global organization has recently prohibited cross-
border transfer of personal data. An IS auditor has been asked to determine the
organization's level of exposure in the affected country. Which of the following would be
MOST helpful in making this assessment?
A. Developing an inventory of all business entities that exchange personal data with the
affected jurisdiction
B. Identifying data security threats in the affected jurisdiction
C. Identifying business processes associated with personal data exchange with the
affected jurisdiction
D. Reviewing data classification procedures associated with the affected jurisdiction
Answer: C (LEAVE A REPLY)

NEW QUESTION: 259


Which of the following would be MOST important to update once a decision has been
made to outsource a critical application to a cloud service provider?
A. IT budget
B. IT resource plan
C. Business impact analysis (BIA)
D. Project portfolio
Answer: (SHOW ANSWER)

NEW QUESTION: 260


A user of a telephone banking system has forgotten his personal identification number
(PIN). After the user has been authenticated, the BEST method of issuing a new PIN is to
have:
A. A randomly generated PIN communicated by banking personnel
B. The user enter a new PIN twice
C. Banking personnel assign the user a new PIN via email
D. Banking personnel verbally assign a new PIN
Answer: B (LEAVE A REPLY)

NEW QUESTION: 261


Which of the following is the MOST important difference between end-user computing
(EUC) applications and traditional applications?
A. Traditional applications require periodic patching whereas EUC applications do not.
B. Traditional application documentation is typically less comprehensive than EUC
application documentation.
C. Traditional applications require roll-back procedures whereas EUC applications do not.
D. Traditional application input controls are typically more robust than EUC application
input controls.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 262


Which of the following is an example of a corrective control?
A. Generating automated batch job failure notifications
B. Utilizing processes that enforce segregation of duties
C. Restoring system information from data backups
D. Employing only qualified personnel to execute tasks
Answer: C (LEAVE A REPLY)

NEW QUESTION: 263


Which of the following would BEST detect unauthorized modification of data by a database
administrator (DBA)?
A. Compare data to input records.
B. Audit database change requests.
C. Review changes to edit checks.
D. Audit database activity log
Answer: D (LEAVE A REPLY)

NEW QUESTION: 264


Which of the following provides the BEST method for maintaining the security of corporate
applications pushed to employee-owned mobile devices?
A. Requiring security awareness training for mobile users
B. Implementing mobile device management (MDM)
C. Enabling remote data destruction capabilities
D. Disabling unnecessary network connectivity options
Answer: C (LEAVE A REPLY)

NEW QUESTION: 265


To create a digital signature in a message using asymmetric encryption, it is necessary to:
A. transmit the actual digital signature in unencrypted clear text.
B. encrypt the authentication sequence using a public key.
C. first use a symmetric algorithm for the authentication sequence.
D. encrypt the authentication sequence using a private key.
Answer: (SHOW ANSWER)

NEW QUESTION: 266


Which of the following practices BEST ensures that archived electronic information of
permanent importance is accessible over time?
A. Regularly migrate data to current technology.
B. Periodically backup the archived data.
C. Acquire applications that emulate old software.
D. Periodically test the integrity of the information.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 267


As part of a recent business-critical initiative, an organization is re-purposing its customer
data. However, its customers are unaware that their data is being used for another
purpose. What is the BEST recommendation to address the associated data privacy risk to
the organization?
A. Obtain customer consent for secondary use of the data.
B. Ensure the data processing activity remains onshore.
C. Maintain an audit trail of the data analysis activity
D. Adjust the existing data retention requirements.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 268


Which of the following is the BEST compensating control when segregation of duties is
lacking in a small IS department?
A. Background checks
B. User awareness training
C. Mandatory holidays
D. Transaction log review
Answer: (SHOW ANSWER)
NEW QUESTION: 269
Which of the following would be of GREATEST concern to an IS auditor evaluating
governance over open source development components?
A. Existing open source policies have not been approved in over a year
B. The development project has gone over budget and time
C. The open source development components do not meet industry best practices
D. The software is not analyzed for compliance with organizational requirements
Answer: D (LEAVE A REPLY)

NEW QUESTION: 270


Following an IS audit, which of the following types of risk would be MOST critical to
communicate to key stakeholders?
A. Audit
B. Inherent
C. Control
D. Residual
Answer: D (LEAVE A REPLY)

NEW QUESTION: 271


When is the BEST time to commence continuity planning for a new application system?
A. Immediately after implementation
B. Just prior to the handover to the system maintenance group
C. Following successful user testing
D. During the design phase
Answer: (SHOW ANSWER)

NEW QUESTION: 272


An IS auditor notes that application super-user activity was not recorded in system logs.
What is the auditor's BEST course of action?
A. Investigate the reason for the lack of logging
B. Recommend activation of super user activity logging
C. Report the issue to the audit manager
D. Recommend a least privilege access model
Answer: B (LEAVE A REPLY)

NEW QUESTION: 273


Which of the following is MOST important to ensure during computer forensics
investigations?
A. Effective backup schemes are in place to preserve digital evidence.
B. The analysis is performed against the original digital evidence.
C. The contents of digital evidence are preserved in their original form.
D. Personnel undertaking the investigation process are certified to collect digital evidence.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 274


Which of the following is MOST important to verify when implementing an organization's
information security program?
A. The security program is adequately funded in the budget.
B. The IT department has developed and implemented training programs.
C. The security program has been benchmarked to industry standards.
D. The organization's security strategy is documented and approved.
Answer: D (LEAVE A REPLY)

NEW QUESTION: 275


Data analytics tools are BEST suited for which of the following purposes?
A. Quantifying business impact analysis (BIA) results
B. Analyzing the effectiveness of risk assessment processes
C. Identifying business process errors
D. Examining low-frequency business transactions
Answer: (SHOW ANSWER)

NEW QUESTION: 276


Which of the following security assessment techniques attempts to exploit a system's open
ports?
A. Network scanning
B. Password cracking
C. Vulnerability scanning
D. Penetration testing
Answer: D (LEAVE A REPLY)

NEW QUESTION: 277


An IS auditor concludes that an organization has a quality security policy. Which of the
following is MOST important to determine next? The policy must be:
A. based on industry standards.
B. developed by process owners.
C. updated frequently.
D. well understood by all employees.
Answer: (SHOW ANSWER)

NEW QUESTION: 278


What information within change records would provide an IS auditor with the MOST
assurance that configuration management is operating effectively?
A. Implementation checklist for release management
B. Post-implementation review documentation
C. Affected configuration items and associated impacts
D. Configuration management plan and operating procedures
Answer: C (LEAVE A REPLY)

NEW QUESTION: 279


A large insurance company is about to replace a major financial application. Which of the
following is the IS auditor's PRIMARY focus when conducting the pre-implementation
review?
A. Unit testing
B. System manuals
C. Procedure updates
D. Migration of data
Answer: D (LEAVE A REPLY)

NEW QUESTION: 280


An IS auditor is evaluating a virtual server environment and learns that the production
server, development server, and management console are housed in the same physical
host. What
A. The physical host is a single point of failure.
B. The development server and management console share the same host.
C. The development and production servers share the same host.
D. The management console is a single point of failure
Answer: A (LEAVE A REPLY)

NEW QUESTION: 281


When aligning IT projects with organizational objectives, it is MOST important to ensure
that the:
A. percentage of growth in project intake is reviewed.
B. business cases have been clearly defined for all projects.
C. overall success rate of projects is high.
D. project portfolio database is updated when new systems are acquired.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 282


Which of the following BEST demonstrates the degree of alignment between IT and
business strategy?
A. Number of IT projects driven by business requirements
B. Number of IT policies that refer directly to business goals
C. Percentage of IT value drivers mapped to business value drivers
D. Percentage of users aware of information security policies
Answer: C (LEAVE A REPLY)

NEW QUESTION: 283


Which of the following should an IS auditor review FIRST when evaluating a business
process for auditing?
A. Design and implementation of controls
B. Evidence that IS-related controls are operating effectively
C. Competence of the personnel performing the process
D. Assignment of responsibility for process management
Answer: A (LEAVE A REPLY)

NEW QUESTION: 284


Which of the following metrics would BEST measure the agility of an organization's IT
function?
A. Average number of learning and training hours per IT staff member
B. Frequency of security assessments against the most recent standards and guidelines
C. Average time to turn strategic IT objectives into an agreed upon and approved initiative
D. Percentage of staff with sufficient IT-related skills for the competency required of their
roles
Answer: C (LEAVE A REPLY)

NEW QUESTION: 285


An organization offers an online information security awareness program to employees on
an annual basis. Which of the following from an audit of the program should be the
auditor's GREATEST concern?
A. The post-training test content is two years old.
B. New employees are given three months to complete the training
C. Employees have complained about the length of the program
D. Training completion is not mandatory for staff.
Answer: D (LEAVE A REPLY)
NEW QUESTION: 286
Which of the following should an IS auditor do FIRST when assessing the level of
compliance for an organization in the banking industry?
A. Confirm there are procedures in place to ensure organizational agreements address
legal requirements.
B. Identify industry-specific requirements that apply to the organization.
C. Determine whether the organization has established benchmarks against industry peers
for compliance.
D. Review internal documentation to evaluate adherence to external requirements.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 287


An existing system is being replaced with a new application package. User acceptance
testing (UAT) should ensure that:
A. the new system functions as expected.
B. data from the old system has been converted correctly
C. there is a business need for the new system
D. the new system is better than the old system.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 288


A database audit reveals an issue with the way data ownership for client data is defined.
Which of the following roles should be accountable for this finding?
A. Privacy manager
B. Information security management
C. Business management
D. Database administrator
Answer: C (LEAVE A REPLY)

NEW QUESTION: 289


An IS auditor is evaluating a virtual server environment and learns that the production
server, development server, and management console are housed in the same physical
host. What should be the auditor's PRIMARY concern?
A. The management console is a single point of failure.
B. The development server and management console share the same host
C. The development and production servers share the same host
D. The physical host is a single point of failure
Answer: A (LEAVE A REPLY)

NEW QUESTION: 290


Which of the following is the MAIN benefit of using data analytics when testing the
effectiveness of controls?
A. Analytics can be applied to any type of control
B. The demand for IS auditors is reduced over time
C. The full population can be tested.
D. Analytics remove the need to focus on areas of higher risk
Answer: C (LEAVE A REPLY)

NEW QUESTION: 291


After the release of an application system, an IS auditor wants to verify that the system is
providing value to the organization. The auditor's BEST course of action would be to:
A. Confirm that risk has declined since the application system release
B. Perform a gap analysis against the benefits defined in the business case
C. Review the results of compliance testing
D. Quantify improvements in client satisfaction
Answer: B (LEAVE A REPLY)

NEW QUESTION: 292


An IS auditor's role in privacy and security is to:
A. verify compliance with applicable laws.
B. implement risk management methodologies.
C. assist the governance steering committee with implementing a security policy.
D. assist in developing an IS security strategy.
Answer: (SHOW ANSWER)

NEW QUESTION: 293


The IS quality assurance (QA) group is responsible for:
A. ensuring that the output received from system processing is complete.
B. monitoring the execution of computer processing tasks
C. ensuring that program changes adhere to established standards.
D. designing procedures to protect data against accidental disclosure.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 294


An organization's business function wants to capture customer data and must comply with
global data protection regulations. Which of the following should be considered FIRST?
A. The encryption method for the data
B. The location of data storage
C. The legal basis for collecting the data
D. The attributes of collected data
Answer: C (LEAVE A REPLY)

NEW QUESTION: 295


An IS auditor previously worked in an organization's IT department and was involved with
the design of the business continuity plan (BCP). The IS auditor has now been asked to
review this same BCP. The auditor should FIRST:
A. communicate the conflict of interest to the audit manager prior to starting the
assignment.
B. communicate the conflict of interest to the audit committee prior to starting the
assignment
C. document the conflict in the audit report.
D. decline the audit assignment.
Answer: (SHOW ANSWER)

NEW QUESTION: 296


Which of the following is the FIRST step in initiating a data classification program?
A. Risk appetite assessment
B. Assignment of data ownership
C. Assignment of sensitivity levels
D. Inventory of data assets
Answer: D (LEAVE A REPLY)

NEW QUESTION: 297


Which of the following is MOST important to review when evaluating the performance of a
critical web application?
A. Strategy for application performance monitoring in the cloud
B. Roles and responsibilities for reporting
C. Business-defined application response times
D. Feedback from customer satisfaction surveys
Answer: D (LEAVE A REPLY)

NEW QUESTION: 298


Within the context of an IT-related governance framework, which type of organization
would be considered MOST mature?
A. An organization in which processes are repeatable and results periodically reviewed
B. An organization with processes systematically managed by continuous improvement
C. An organization with established sets of documented standard processes
D. An organization in a state of dynamic growth with continuously updated policies and
procedures
Answer: B (LEAVE A REPLY)

NEW QUESTION: 299


An IS auditor has been asked to assess the security of a recently migrated database
system that contains personal and financial data for a bank's customers. Which of the
following controls is MOST important for the auditor to confirm is in place?
A. The default administration account is used after changing the account password.
B. The default configurations have been changed.
C. The service port used by the database server has been changed.
D. All tables in the database are normalized.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 300


An IS auditor conducting a follow-up audit learns that previously funded recommendations
have not been implemented due to recent budget restrictions. Which of the following
should the
A. Report the matter to the chief financial officer (CFO) and recommend funding be
reinstated
B. Start an audit of the project funding allocation process
C. Report to the audit committee that the recommendations are still open
D. Close the audit recommendations in the tracking register
Answer: C (LEAVE A REPLY)

NEW QUESTION: 301


An IS auditor is reviewing the implementation of an international quality management
standard. Which of the following provides the BEST evidence that quality management
objectives have been achieved?
A. Reduction in risk profile
B. Measurable processes
C. Quality assurance (QA) documentation
D. Enhanced compliance with laws and regulations
Answer: (SHOW ANSWER)

NEW QUESTION: 302


Which of the following is MOST likely to enable a hacker to successfully penetrate a
system?
A. Lack of DoS protection
B. Decentralized dialup access
C. Unpatched software
D. Lack of virus protection
Answer: (SHOW ANSWER)

NEW QUESTION: 303


In a typical network architecture used for e-commerce, a load balancer is normally found
between the:
A. routers and the web servers.
B. databases and internal firewalls
C. mail servers and the mail repositories
D. users and the external gateways
Answer: A (LEAVE A REPLY)

NEW QUESTION: 304


An IS auditor assessing the controls within a newly implemented call center would FIRST:
A. review the manual and automated controls in the call center.
B. evaluate the operational risk associated with the call center.
C. test the technical infrastructure at the call center.
D. gather information from the customers regarding response times and quality of service.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 305


The purpose of data migration testing is to validate data:
A. availability.
B. completeness.
C. confidentiality.
D. retention.
Answer: B (LEAVE A REPLY)

NEW QUESTION: 306


Following the discovery of inaccuracies in a data warehouse, an organization has
implemented data profiling, cleansing, and handling filters to enhance the quality of data
obtained from c
A. Corrective control
B. Detective control
C. Compensating control
D. Directive control
Answer: A (LEAVE A REPLY)

NEW QUESTION: 307


During which phase of the incident management life cycle should metrics such as "mean
time to incident discovery" and "cost of recovery" be reported?
A. Post-incident assessment
B. Containment, analysis, tracking, and recovery
C. Planning and preparation
D. Detection, triage, and investigation
Answer: (SHOW ANSWER)

NEW QUESTION: 308


When reviewing an organization's information security policies, an IS auditor should verify
that the policies have been defined PRIMARILY on the basis of:
A. a risk management process
B. an information security framework
C. industry best practices
D. past information security incidents
Answer: B (LEAVE A REPLY)

NEW QUESTION: 309


An IS audit reveals an organization's IT department reports any deviations from its security
standards to an internal IT risk committee involving IT senior management. Which of the
following should be the IS auditor's GREATEST concern?
A. The chief information officer (CIO) did not attend a number of IT risk committee
meetings during the past year.
B. The IT risk committee has no reporting line to any governance committee outside IT.
C. The list of IT risk committee members does not include the board member responsible
for IT.
D. The IT risk committee meeting minutes are not signed off by all participants.
Answer: (SHOW ANSWER)

NEW QUESTION: 310


An IS auditor finds that periodic reviews of read-only users for a reporting system are not
being performed. Which of the following should be the IS auditor's NEXT course of action?
A. Obtain a verbal confirmation from IT for this exemption.
B. Report this control process weakness to senior management.
C. Review the list of end users and evaluate for authorization.
D. Verify management's approval for this exemption.
Answer: (SHOW ANSWER)

NEW QUESTION: 311


An organization's enterprise architecture (EA) department decides to change a legacy
system's components while maintaining its original functionality. Which of the following is
MOST important for an IS auditor to understand when reviewing this decision?
A. The database entity relationships within the legacy system
B. The data flows between the components to be used by the redesigned system
C. The current business capabilities delivered by the legacy system.
D. The proposed network topology to be used by the redesigned system
Answer: (SHOW ANSWER)

NEW QUESTION: 312


An organization is in the process of deciding whether to allow a bring your own device
(BYOD) program. If approved, which of the following should be the FIRST control required
before implementation?
A. An acceptable use policy
B. An awareness program
C. Device registration
D. Device baseline configurations
Answer: A (LEAVE A REPLY)

NEW QUESTION: 313


Which of the following provides the MOST assurance over the completeness and accuracy
of loan application processing with respect to the implementation of a new system?
A. Reviewing quality assurance (QA) procedures
B. Loading balance and transaction data to the new system
C. Comparing code between old and new systems
D. Running historical transactions through the new system
Answer: D (LEAVE A REPLY)

NEW QUESTION: 314
Which of the following would be an IS auditor's GREATEST concern when reviewing an
organization's security controls for policy compliance?
A. Security policy documents are available on a public domain website.
B. Security policies are not uniformly applicable across the organization.
C. The security policy has not been reviewed within the past year.
D. End users are not required to acknowledge security policy training.
Answer: C (LEAVE A REPLY)

NEW QUESTION: 315
Which of the following should be an IS auditor's GREATEST concern when a security audit
reveals the organization's vulnerability assessment approach is limited to running a
vulnerability scanner on its network?
A. External risks in the organization's environment may go undetected.
B. A scanner does not exploit the vulnerability in the systems.
C. System performance may be degraded by the scanner.
D. Some of the vulnerabilities discovered may be false positives.
Answer: A (LEAVE A REPLY)

NEW QUESTION: 316
During an incident management audit, an IS auditor finds that several similar incidents
were logged during the audit period. Which of the following is the auditor's MOST important
course of action?
A. Determine if a root cause analysis was conducted.
B. Document the finding and present it to management.
C. Validate whether all incidents have been actioned.
D. Confirm the resolution time of the incidents.
Answer: A (LEAVE A REPLY)

Valid CISA Dumps shared by Fast2test.com for Helping Passing CISA Exam!
Fast2test.com now offer the newest CISA exam dumps, the Fast2test.com CISA exam
questions have been updated and answers have been corrected get the newest
Fast2test.com CISA dumps with Test Engine here: https://www.fast2test.com/CISA-
premium-file.html (440 Q&As Dumps, 30%OFF Special Discount: freecram)

NEW QUESTION: 317
A small financial institution is preparing to implement a check image processing system to
support planned mobile banking product offerings. Which of the following is MOST critical
to the successful implementation of the system?
A. Feasibility studies
B. Integration testing
C. End user training
D. Control design
Answer: B (LEAVE A REPLY)

NEW QUESTION: 318
Which of the following is the PRIMARY purpose of using data analytics when auditing an
enterprise resource planning (ERP) system for a large organization?
A. To determine recovery point objectives (RPOs)
B. To identify threats to the ERP
C. To identify business processing errors
D. To select sampling methods
Answer: C (LEAVE A REPLY)

NEW QUESTION: 319
A company uses a standard form to document and approve all changes in production
programs. To ensure that the forms are properly authorized, which of the following is the
MOST effective sampling method?
A. Stratified
B. Random
C. Attribute
D. Variable
Answer: (SHOW ANSWER)
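Attribute sampling in practice, as an added worked example (not part of the question bank or any ISACA material): the auditor tests one yes/no attribute per change form, "approved by an authorized approver", over a constructed population of 500 forms. The approver list, the 2.8% population deviation rate, the 5% tolerable deviation rate and the 95% confidence level are all assumptions chosen for the example. The block sizes the sample for a zero-deviation expectation, draws a reproducible random selection, and then judges the control on the achieved upper deviation limit rather than on the raw sample rate, which is the point of attribute (as opposed to variable) sampling for an authorization test.

```python
import math
import random
from dataclasses import dataclass

# Constructed approver list (an assumption for this example): only these roles
# may sign a production program change form.
AUTHORIZED_APPROVERS = ("app.owner", "cab.chair", "it.manager")


@dataclass(frozen=True)
class ChangeForm:
    form_id: str
    program: str
    approved_by: str  # "" means no approver recorded on the form


def build_population(size: int = 500) -> list[ChangeForm]:
    """Constructed population of change forms for the audit period.

    Every 50th form lacks an approval and four forms are signed by someone
    outside the approver list, so 14 of 500 forms (2.8%) are unauthorized.
    """
    forms = []
    for i in range(size):
        if i % 50 == 49:
            approved_by = ""
        elif i % 125 == 60:
            approved_by = "contractor.x"  # signer not on the approver list
        else:
            approved_by = AUTHORIZED_APPROVERS[i % 3]
        forms.append(ChangeForm(f"CHG-{i + 1:04d}", f"PRG{i % 7}", approved_by))
    return forms


def is_authorized(form: ChangeForm) -> bool:
    """The attribute under test: the form carries an approval from an authorized approver."""
    return form.approved_by in AUTHORIZED_APPROVERS


def zero_deviation_sample_size(tolerable_rate: float, confidence: float = 0.95) -> int:
    """Smallest n such that a sample with zero deviations supports, at the given
    confidence, that the true deviation rate is at most tolerable_rate
    (discovery-sampling formula: (1 - tolerable)^n <= 1 - confidence)."""
    return math.ceil(math.log(1 - confidence) / math.log(1 - tolerable_rate))


def draw_sample(population: list[ChangeForm], n: int, seed: int) -> list[ChangeForm]:
    """Unrestricted random selection; the seed makes the selection reproducible for workpapers."""
    return random.Random(seed).sample(population, n)


def binomial_upper_bound(deviations: int, n: int, confidence: float = 0.95) -> float:
    """Exact (Clopper-Pearson) one-sided upper bound on the population deviation
    rate: the rate p at which observing <= `deviations` in n items has
    probability 1 - confidence, found by bisection on the binomial CDF."""
    def cdf(p: float) -> float:
        return sum(math.comb(n, k) * p ** k * (1 - p) ** (n - k) for k in range(deviations + 1))

    lo, hi = 0.0, 1.0
    for _ in range(60):
        mid = (lo + hi) / 2
        if cdf(mid) > 1 - confidence:
            lo = mid  # this few deviations is still likely at rate mid, so the true rate may be higher
        else:
            hi = mid
    return hi


def evaluate_sample(sample: list[ChangeForm], tolerable_rate: float, confidence: float = 0.95) -> dict:
    """Attribute-sampling conclusion: the control is relied on only if the
    achieved upper deviation limit is within the tolerable rate."""
    n = len(sample)
    deviations = [f.form_id for f in sample if not is_authorized(f)]
    upper = binomial_upper_bound(len(deviations), n, confidence)
    return {
        "sample_size": n,
        "deviations": deviations,
        "sample_rate": len(deviations) / n,
        "upper_deviation_limit": upper,
        "control_reliable": upper <= tolerable_rate,
    }


if __name__ == "__main__":
    population = build_population()
    n = zero_deviation_sample_size(tolerable_rate=0.05)  # 59 forms at 95% confidence
    result = evaluate_sample(draw_sample(population, n, seed=2022), tolerable_rate=0.05)
    for key, value in result.items():
        print(f"{key}: {value}")
```

Note the asymmetry the example makes visible: with 59 or 60 items and no deviations the upper limit sits just under 5%, but a single unauthorized form in that sample pushes the achieved upper limit well above the tolerable rate, so the auditor cannot conclude the authorization control is effective without extending the sample or reporting a deviation, even though 1 in 60 looks small.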

NEW QUESTION: 320
Which of the following is the BEST control to prevent the transfer of files to external parties
through instant messaging (IM) applications?
A. File Transfer Protocol (FTP)
B. Instant messaging policy
C. File level encryption
D. Application level firewalls
Answer: D (LEAVE A REPLY)

