
Isaca CISA Practice Test - Questions Answers, Page 78

An IS auditor is reviewing processes for importing market price data from external data providers. Which of the following findings should the auditor consider MOST critical?

A. Imported data is not disposed of frequently.
B. The transfer protocol is not encrypted.
C. The transfer protocol does not require authentication.
D. The quality of the data is not monitored.

Suggested answer: D

Who is accountable for an organization's enterprise risk management (ERM) program?

A. Board of directors
B. Steering committee
C. Chief risk officer (CRO)
D. Executive management

Suggested answer: A

Which of the following would be an IS auditor's BEST recommendation to senior management when several IT initiatives are found to be misaligned with the organization's strategy?

A. Define key performance indicators (KPIs) for IT.
B. Modify IT initiatives that do not map to business strategies.
C. Reassess the return on investment (ROI) for the IT initiatives.
D. Reassess IT initiatives that do not map to business strategies.

Suggested answer: D

Which of the following is the MOST effective way to evaluate the physical security of a data center?

A. Review data center access logs.
B. Interview data center stakeholders.
C. Review camera footage from the data center.
D. Perform a data center tour.

Suggested answer: D

Which of the following user actions poses the GREATEST risk for inadvertently introducing malware into a local network?

A. Uploading a file onto an internal server
B. Viewing a hypertext markup language (HTML) document
C. Downloading a file from an enterprise file share
D. Opening an email attachment from an external account

Suggested answer: D

Which of the following is the GREATEST risk if two users have concurrent access to the same database record?

A. Data integrity
B. Entity integrity
C. Referential integrity
D. Availability integrity

Suggested answer: A

Which of the following is the GREATEST concern related to an organization's data classification processes?

A. Users responsible for managing records are unaware of the data classification processes.
B. Systems used to manage the data classification processes are not synchronized.
C. The data classification processes have not been updated in the last year.
D. The data classification processes are not aligned with industry standards.

Suggested answer: A

An IS auditor learns that a business owner violated the organization's security policy by creating a web page with access to production data. The auditor's NEXT step should be to:

A. determine if sufficient access controls exist.
B. assess the sensitivity of the production data.
C. shut down the web page.
D. escalate to senior management.

Suggested answer: D

Which of the following should be the PRIMARY focus when communicating an IS audit issue to management?

A. The risk to which the organization is exposed due to the issue
B. The nature, extent, and timing of subsequent audit follow-up
C. How the issue was found and who bears responsibility
D. A detailed solution for resolving the issue

Suggested answer: A

A senior IS auditor suspects that a PC may have been used to perpetrate fraud in a finance department. The auditor should FIRST report this suspicion to:

A. the audit committee.
B. audit management.
C. auditee line management.
D. the police.

Suggested answer: B
Total 1.198 questions